Bitt Link Shortener Security & Risk Analysis
wordpress.org/plugins/bitt-link-shorterWP Simple Plugin Get free link shortener plugin for your wordpress.
Is Bitt Link Shortener Safe to Use in 2026?
Generally Safe
Score 85/100Bitt Link Shortener has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "bitt-link-shorter" v2.2.2 plugin exhibits a concerning security posture primarily due to its unprotected AJAX endpoints. While the plugin doesn't appear to have a history of publicly disclosed vulnerabilities and avoids known dangerous functions, the static analysis reveals significant weaknesses. The presence of 4 AJAX handlers, all lacking authentication checks, presents a substantial attack surface. This means any unauthenticated user could potentially trigger these functions, leading to unintended actions. Furthermore, the taint analysis indicates one flow with unsanitized paths, which is flagged as high severity. This suggests a potential for malicious input to be processed without proper validation or sanitization, possibly leading to code execution or data manipulation. The low percentage of SQL queries using prepared statements and the even lower percentage of properly escaped output are also red flags, increasing the risk of SQL injection and cross-site scripting (XSS) vulnerabilities respectively.
Key Concerns
- 4 AJAX handlers without auth checks
- High severity taint flow with unsanitized path
- Only 33% of SQL queries use prepared statements
- Only 15% of outputs are properly escaped
- No nonce checks on AJAX handlers
- No capability checks on AJAX handlers
- Bundled outdated DataTables v1.10.16
Bitt Link Shortener Security Vulnerabilities
Bitt Link Shortener Code Analysis
Bundled Libraries
SQL Query Safety
Output Escaping
Data Flow Analysis
Bitt Link Shortener Attack Surface
AJAX Handlers 4
WordPress Hooks 5
Maintenance & Trust
Bitt Link Shortener Maintenance & Trust
Maintenance Signals
Community Trust
Bitt Link Shortener Alternatives
ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing
shortlinkspro
Shorten, track, manage and share any URL using your own domain name!
Short Links for M8C — لینک کوتاه
short-links-for-m8c
Create short links from WordPress using the M8C link shortener service (m8c.ir). Not affiliated with M8C; for use with the M8C API.
URL Shortener by Shortez.
shortez-url-shortener
What is Shortez?
URL Shortener by ShortUrlsEZ.
shorturls
What is ShortUrlsEZ?
url Shortener 4eq
url-shortener-4eq
url Shortener 4eq is a quick, modern, and open-source link shortener. This plugin allows you to use 4eq service in WordPress.
Bitt Link Shortener Developer Profile
4 plugins · 1K total installs
How We Detect Bitt Link Shortener
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/bitt-link-shorter/assets/css/bitt-link-shorter.css/wp-content/plugins/bitt-link-shorter/assets/js/bitt-link-shorter.js/wp-content/plugins/bitt-link-shorter/assets/plugins/datatable/css/dataTables.bootstrap4.min.css/wp-content/plugins/bitt-link-shorter/assets/plugins/datatable/js/dataTables.bootstrap4.min.js/wp-content/plugins/bitt-link-shorter/assets/plugins/datatable/js/jquery.dataTables.min.js/wp-content/plugins/bitt-link-shorter/assets/js/bitt-link-shorter.jsbitt-link-shorter/assets/css/bitt-link-shorter.css?ver=bitt-link-shorter/assets/js/bitt-link-shorter.js?ver=bitt-link-shorter/assets/plugins/datatable/css/dataTables.bootstrap4.min.css?ver=bitt-link-shorter/assets/plugins/datatable/js/dataTables.bootstrap4.min.js?ver=bitt-link-shorter/assets/plugins/datatable/js/jquery.dataTables.min.js?ver=HTML / DOM Fingerprints
wpbls-sidebarbitt-link-shorter-dashboarwpbls-error-noticewpbls_genrate_bulk_bitt_link_shortername="wpbls_genrate_bitt_link_shorter"id="wpbls_bitt_copy_link_post_id_"name="wpbls_current_link"name="wpbls_bitt_individual"name="wpbls_bitt_copy_link_p_btn"data-id="post_id_"+7 morewpbls_bitt_copy_link_btn