Does LinkAlert have any unpatched vulnerabilities?

No. All known vulnerabilities in LinkAlert have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is LinkAlert compatible with WordPress 6.9.4?

According to WordPress.org data, LinkAlert 1.0.4 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is LinkAlert compatible with PHP 7.4+?

LinkAlert requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is LinkAlert updated?

LinkAlert was last updated on Unknown. Frequent updates are generally a positive security signal.

What is LinkAlert's security score?

LinkAlert has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

LinkAlert Security & Risk Analysis

wordpress.org/plugins/codirun-linkalert

Link management and click tracking plugin for WordPress. Monitor clicks in real time, manage short links, and receive instant notifications.

0 active installs v1.0.4 PHP 7.4+ WP 6.4+ Updated Unknown

affiliate-linksclick-trackinglink-managementlink-monitoringurl-shortener

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is LinkAlert Safe to Use in 2026?

Generally Safe

Score 100/100

LinkAlert has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The codirun-linkalert plugin, in version 1.0.4, exhibits a mixed security posture. Its strengths lie in its robust use of prepared statements for SQL queries (97%) and a significant number of nonce and capability checks (30 and 42 respectively), indicating an awareness of common WordPress security practices. The absence of known CVEs and a clean vulnerability history further contribute to a generally positive outlook.

However, there are notable areas of concern. The presence of 18 AJAX handlers, with one completely lacking authentication checks, presents a significant attack vector. This unprotected entry point could allow unauthorized users to trigger plugin functionality. Additionally, the taint analysis revealed two flows with unsanitized paths. While not classified as critical or high severity, unsanitized paths can still lead to unexpected behavior or potential exploits if not properly handled. The output escaping also shows room for improvement, with 43% of outputs not being properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities.

In conclusion, while codirun-linkalert has a clean vulnerability history and good practices in many areas, the unprotected AJAX handler and unsanitized paths are critical issues that require immediate attention. The percentage of unescaped output is also a concern that should be addressed to improve the overall security of the plugin.

Key Concerns

AJAX handler without auth check
Flows with unsanitized paths
Low percentage of properly escaped output

Vulnerabilities

None known

LinkAlert Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

LinkAlert Code Analysis

Dangerous Functions

Raw SQL Queries

32 prepared

Unescaped Output

374

502 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

97% prepared33 total queries

Output Escaping

57% escaped876 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

6 flows2 with unsanitized paths

codirun_linkalert_handle_redirect (includes\class-codirun-linkalert-redirector.php:145)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

LinkAlert Attack Surface

Entry Points18

Unprotected1

AJAX Handlers 18

authwp_ajax_codirun_create_linkadmin\class-codirun-linkalert-admin.php:48

authwp_ajax_codirun_update_linkadmin\class-codirun-linkalert-admin.php:49

authwp_ajax_codirun_codirun_linkalert_delete_linkadmin\class-codirun-linkalert-admin.php:50

authwp_ajax_codirun_get_link_statsadmin\class-codirun-linkalert-admin.php:51

authwp_ajax_codirun_toggle_notification_channeladmin\class-codirun-linkalert-admin.php:52

authwp_ajax_codirun_add_categoryadmin\class-codirun-linkalert-admin.php:53

authwp_ajax_codirun_clear_link_statsadmin\class-codirun-linkalert-admin.php:54

authwp_ajax_codirun_recalculate_substitutionsadmin\class-codirun-linkalert-admin.php:55

authwp_ajax_codirun_check_slug_existsadmin\class-codirun-linkalert-admin.php:56

authwp_ajax_codirun_check_category_existsadmin\class-codirun-linkalert-admin.php:57

authwp_ajax_codirun_add_category_ajaxadmin\class-codirun-linkalert-admin.php:58

authwp_ajax_codirun_edit_category_ajaxadmin\class-codirun-linkalert-admin.php:59

authwp_ajax_codirun_delete_category_ajaxadmin\class-codirun-linkalert-admin.php:60

authwp_ajax_codirun_process_csvadmin\class-codirun-linkalert-admin.php:105

authwp_ajax_codirun_codirun_linkalert_import_csv_dataadmin\class-codirun-linkalert-admin.php:106

authwp_ajax_codirun_download_csv_templateadmin\class-codirun-linkalert-admin.php:107

authwp_ajax_codirun_import_links_extendedadmin\class-codirun-linkalert-admin.php:110

authwp_ajax_codirun_import_linksadmin\class-codirun-linkalert-admin.php:113

WordPress Hooks 20

actionadmin_initadmin\class-codirun-linkalert-admin.php:39

actionadmin_menuadmin\class-codirun-linkalert-admin.php:42

actionadmin_enqueue_scriptsadmin\class-codirun-linkalert-admin.php:45

actioninitadmin\class-codirun-linkalert-admin.php:120

actionadmin_initadmin\class-codirun-linkalert-admin.php:128

actionadmin_footeradmin\class-codirun-linkalert-admin.php:514

actioninitcodirun-linkalert.php:31

actioninitincludes\class-codirun-linkalert-redirector.php:47

actiontemplate_redirectincludes\class-codirun-linkalert-redirector.php:50

filterquery_varsincludes\class-codirun-linkalert-redirector.php:53

filterpretty-link-endpoint-filterincludes\class-codirun-linkalert-redirector.php:56

actioninitincludes\class-codirun-linkalert-redirector.php:60

actionplugins_loadedincludes\class-codirun-linkalert.php:79

actioninitincludes\class-codirun-linkalert.php:82

actionwp_enqueue_scriptsincludes\class-codirun-linkalert.php:85

actiontemplate_redirectincludes\class-codirun-linkalert.php:88

filterrewrite_rules_arrayincludes\class-codirun-linkalert.php:91

filterpretty-link-endpoint-filterincludes\class-codirun-linkalert.php:94

actionadmin_noticesincludes\codirun-linkalert-block-notices.php:49

actionadmin_initincludes\codirun-linkalert-block-notices.php:156

Maintenance & Trust

LinkAlert Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedUnknown

PHP min version7.4

Downloads330

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

LinkAlert Alternatives

ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing

shortlinkspro

Shorten, track, manage and share any URL using your own domain name!

100 1 CVE

LinkFiliate – Advanced Affiliate Link Management, Branded Short Links, Click Tracking & Analytics

linkfiliate

100

Create pretty branded URLs, cloak affiliate links, and track clicks in real time — giving you better control of all your marketing links in WordPress.

10 No CVEs

URL Shortify – Simple and Easy URL Shortener

url-shortify

URL Shortify helps you beautify, manage, share & cloak any links on or off your WordPress website. Create links using your domain name!

10K 9 CVEs

Custom Link Shortener

custom-link-shortener

100

Advanced URL shortener for WordPress with analytics, link rotation, location tracking, random redirects, and password protection.

10 No CVEs

Royal Links

royal-links

100

A powerful WordPress link management plugin for shortening, tracking, and organizing your links.

0 No CVEs

Developer Profile

LinkAlert Developer Profile

Codirun

2 plugins · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect LinkAlert

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/codirun-linkalert/assets/css/linkalert-style.css/wp-content/plugins/codirun-linkalert/assets/js/linkalert-script.js

Script Paths

/wp-content/plugins/codirun-linkalert/assets/js/linkalert-script.js

Version Parameters

codirun-linkalert/assets/css/linkalert-style.css?ver=codirun-linkalert/assets/js/linkalert-script.js?ver=

HTML / DOM Fingerprints

CSS Classes

codirun_link_alert_message

HTML Comments

Data Attributes

data-codirun-target-urldata-codirun-status-codedata-codirun-nofollowdata-codirun-sponsored

JS Globals

window.codirun_linkalert_redirect_options

FAQ