dlb's Send-A-Link Security & Risk Analysis
wordpress.org/plugins/dlbs-send-a-linkdlb's Send-A-Link allows visitors to send someone an email containing a link to the post or page.
Is dlb's Send-A-Link Safe to Use in 2026?
Generally Safe
Score 85/100dlb's Send-A-Link has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The dlbs-send-a-link plugin v1.2 exhibits a generally good security posture based on the static analysis provided. The absence of dangerous functions, the use of prepared statements for all SQL queries, and a high percentage of properly escaped output are strong indicators of secure coding practices. Furthermore, the plugin has no recorded vulnerabilities, which suggests a history of stable and secure development.
However, the analysis does reveal a few areas that warrant attention. The most significant concern is the complete lack of capability checks. This means that any authenticated user, regardless of their role or permissions, can potentially interact with the plugin's functionality. While there are no explicit AJAX handlers or REST API routes without checks, the shortcode is the sole entry point and its operations might be sensitive. The absence of taint analysis flows is noted, but it's important to remember that this doesn't guarantee the absence of vulnerabilities, especially if the plugin's functionality is complex.
In conclusion, dlbs-send-a-link v1.2 is a relatively safe plugin due to its clean code regarding SQL and output handling, and its spotless vulnerability history. The primary weakness lies in the missing capability checks, which could lead to privilege escalation if the shortcode's functionality is exploitable by unauthorized users. The plugin has a small attack surface, which mitigates some of the risk associated with the missing permission checks.
Key Concerns
- No capability checks on entry points
dlb's Send-A-Link Security Vulnerabilities
dlb's Send-A-Link Release Timeline
dlb's Send-A-Link Code Analysis
SQL Query Safety
Output Escaping
dlb's Send-A-Link Attack Surface
Shortcodes 1
WordPress Hooks 2
Maintenance & Trust
dlb's Send-A-Link Maintenance & Trust
Maintenance Signals
Community Trust
dlb's Send-A-Link Alternatives
Send link to friend
send-link-to-friend
If user think the content is useful to their friend, they can use this form to send the URL instead of copy and paste the URL into email.
Email Log
email-log
Log and view all outgoing emails from WordPress. Very useful if you have to debug email related problems or have to store sent emails for auditing.
Send Users Email – Email Subscribers, Email Marketing Newsletter
send-users-email
Send Users Email provides a way to send email to all system users either by selecting individual users or user roles.
Mass Email To users
mass-email-to-users
Mass Email To Users is the plugin for sending a mass email to WordPress users. Admin can send an email to WordPress users together.
Send Email From Admin
send-email-from-admin
Easily send a simple custom email with an attachment from the WordPress administration screen.
dlb's Send-A-Link Developer Profile
1 plugin · 10 total installs
How We Detect dlb's Send-A-Link
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/dlbs-send-a-link/dsl.css/wp-content/plugins/dlbs-send-a-link/dsl.js/wp-content/plugins/dlbs-send-a-link/dsl.jsdlbs-send-a-link/dsl.css?ver=dlbs-send-a-link/dsl.js?ver=HTML / DOM Fingerprints
data-dsl-noncedsl[dsl-link]