CodeShop Amazon Affiliate Security & Risk Analysis

wordpress.org/plugins/codeshop-amazon-affiliate

CodeShop Amazon Affiliate plugin to set up a complete Amazon shop solution. Simple & fast, also monetize your WordPress posts.

10 active installs · v3.1.0 · PHP 5.3.0+ · WP 4.4+ · Updated Oct 26, 2022
Tags: amazon-advertise-products, amazon-affiliate, ecommerce, shop, store
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is CodeShop Amazon Affiliate Safe to Use in 2026?

Generally Safe

Score 85/100

CodeShop Amazon Affiliate has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3yr ago
Risk Assessment

The "codeshop-amazon-affiliate" v3.1.0 plugin exhibits a generally good security posture with a significant number of protective measures in place. The absence of known CVEs and a clean vulnerability history are positive indicators. Static analysis reveals that all identified entry points (AJAX handlers, shortcodes) are protected by nonce and capability checks, and the plugin avoids dangerous functions, file operations, and external HTTP requests. All SQL queries utilize prepared statements, which is a strong defense against SQL injection. However, a concerning finding is the low percentage of properly escaped output (26%). This indicates a significant risk of Cross-Site Scripting (XSS) vulnerabilities, where unescaped data displayed to users could be manipulated to inject malicious scripts. While the taint analysis found no unsanitized paths, the high number of unescaped outputs creates a substantial attack surface for XSS.

Key Concerns

  • Low percentage of properly escaped output
Vulnerabilities
None known

CodeShop Amazon Affiliate Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

CodeShop Amazon Affiliate Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 100 (35 escaped)
Nonce Checks: 5
Capability Checks: 7
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

26% escaped · 135 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
add_selected_products (includes\caaps-amazon-ajax-handler.class.php:887)
Attack Surface

CodeShop Amazon Affiliate Attack Surface

Entry Points: 6
Unprotected: 0

AJAX Handlers: 5

auth · wp_ajax_caaps_searchby_kword_display · includes\caaps-amazon-ajax-handler.class.php:59
auth · wp_ajax_caaps_searchby_asin_display · includes\caaps-amazon-ajax-handler.class.php:60
auth · wp_ajax_caaps_add_selected_products · includes\caaps-amazon-ajax-handler.class.php:61
auth · wp_ajax_caaps_remove_selected_products · includes\caaps-amazon-ajax-handler.class.php:62
auth · wp_ajax_caaps_test_api_settings · includes\caaps-amazon-ajax-handler.class.php:63

Shortcodes: 1

[caaps] · includes\caaps-amazon-shortcode.class.php:22

WordPress Hooks: 22

action · add_meta_boxes · includes\caaps-amazon-addproducts.class.php:17
action · admin_enqueue_scripts · includes\caaps-amazon-ajax-handler.class.php:58
action · init · includes\caaps-amazon-shop-posttype.class.php:17
action · init · includes\caaps-amazon-shop-posttype.class.php:18
action · admin_init · includes\caaps-amazon-shop.class.php:16
action · admin_init · includes\caaps-amazon-shop.class.php:17
action · admin_menu · includes\caaps-amazon-shop.class.php:18
action · init · includes\caaps-amazon-shop.class.php:19
action · admin_notices · includes\caaps-amazon-shop.class.php:20
action · plugins_loaded · includes\caaps-amazon-shop.class.php:21
filter · plugin_row_meta · includes\caaps-amazon-shop.class.php:22
action · init · includes\caaps-amazon-shortcode.class.php:17
action · media_buttons · includes\caaps-post-products.class.php:17
action · admin_enqueue_scripts · includes\caaps-post-products.class.php:18
action · init · includes\caaps-template-helper.class.php:23
filter · template_include · includes\caaps-template-helper.class.php:24
filter · frontpage_template · includes\caaps-template-helper.class.php:25
action · wp_enqueue_scripts · includes\caaps-template-helper.class.php:26
action · pre_get_posts · includes\caaps-template-helper.class.php:27
action · template_redirect · includes\caaps-template-helper.class.php:29
filter · body_class · includes\caaps-template-helper.class.php:30
action · widgets_init · includes\caaps-widgets.class.php:21
Maintenance & Trust

CodeShop Amazon Affiliate Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.0.11
Last updated: Oct 26, 2022
PHP min version: 5.3.0
Downloads: 4K

Community Trust

Rating: 70/100
Number of ratings: 2
Active installs: 10
Developer Profile

CodeShop Amazon Affiliate Developer Profile

softcoy

2 plugins · 20 total installs

Trust score: 89
Avg Security Score: 93/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect CodeShop Amazon Affiliate

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/codeshop-amazon-affiliate/admin/css/codeshop-styles.css
/wp-content/plugins/codeshop-amazon-affiliate/admin/js/amazon-product-shop.js
/wp-content/plugins/codeshop-amazon-affiliate/public/images/loader.gif
Script Paths
/wp-content/plugins/codeshop-amazon-affiliate/admin/js/amazon-product-shop.js
Version Parameters
codeshop-amazon-affiliate/admin/css/codeshop-styles.css?ver=
codeshop-amazon-affiliate/admin/js/amazon-product-shop.js?ver=

HTML / DOM Fingerprints

HTML Comments
<!-- This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. Copyright 2017 codeapple.net -->
JS Globals
caaps_metabox_script_obj
FAQ

Frequently Asked Questions about CodeShop Amazon Affiliate