GamiPress – Link Security & Risk Analysis

wordpress.org/plugins/gamipress-link

Add activity events based on link clicks generated by [gamipress_link]

900 active installs · v1.1.5 · PHP + WP 4.4+ · Updated Dec 1, 2025
Tags: click, gamification, gamify, gamipress, link
99 · A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Jun 4, 2024
Safety Verdict

Is GamiPress – Link Safe to Use in 2026?

Generally Safe

Score 99/100

GamiPress – Link has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Jun 4, 2024 · Updated 4mo ago
Risk Assessment

The gamipress-link plugin v1.1.5 demonstrates a generally good security posture based on the static analysis. The absence of unauthenticated AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the potential attack surface. Furthermore, the code strictly uses prepared statements for all SQL queries and includes nonce checks, which are strong indicators of secure coding practices. The lack of file operations and external HTTP requests further reduces common attack vectors.

However, there are some areas for improvement. While the majority of output is properly escaped, a notable percentage (30%) is not. This could potentially lead to Cross-Site Scripting (XSS) vulnerabilities if malicious input is not handled carefully. The vulnerability history shows a recent medium-severity XSS vulnerability, which aligns with the concern about unescaped output. Although this vulnerability is currently patched, it highlights a recurring pattern that requires ongoing attention.

In conclusion, gamipress-link v1.1.5 is relatively secure due to its limited attack surface and robust handling of database operations and nonces. The primary concern stems from the unescaped output, which has historically led to XSS vulnerabilities. Continued vigilance in ensuring all output is properly escaped will be crucial for maintaining a strong security profile.

Key Concerns

  • Unescaped output percentage is high
  • Recent medium vulnerability (XSS)
Vulnerabilities: 1

GamiPress – Link Security Vulnerabilities

CVEs by Year

2024: 1 CVE

Severity Breakdown

Medium: 1 (1 total CVE)

CVE-2024-5536 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

GamiPress – Link <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Jun 4, 2024 · Patched in 1.1.5 (1d)
Code Analysis
Analyzed Mar 16, 2026

GamiPress – Link Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 10 (23 escaped)
Nonce Checks: 1
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

70% escaped · 33 total outputs
Attack Surface

GamiPress – Link Attack Surface

Entry Points: 2
Unprotected: 0

AJAX Handlers: 2

auth · wp_ajax_gamipress_link_click · includes\ajax-functions.php:95
nopriv · wp_ajax_gamipress_link_click · includes\ajax-functions.php:96

WordPress Hooks: 20

action · admin_notices · gamipress-link.php:100
action · plugins_loaded · gamipress-link.php:205
filter · gamipress_automatic_updates_plugins · includes\admin.php:26
filter · gamipress_log_event_trigger_meta_data · includes\logs.php:51
filter · gamipress_get_user_trigger_count_log_meta · includes\logs.php:124
filter · gamipress_log_extra_data_fields · includes\logs.php:226
filter · gamipress_requirement_object · includes\requirements.php:50
action · gamipress_requirement_ui_html_after_achievement_post · includes\requirements.php:70
action · gamipress_ajax_update_requirement · includes\requirements.php:106
action · gamipress_requirement_ui_html_after_requirement_title · includes\requirements.php:129
filter · gamipress_get_triggered_requirements · includes\rules-engine.php:121
filter · user_has_access_to_achievement · includes\rules-engine.php:152
action · init · includes\scripts.php:26
action · wp_enqueue_scripts · includes\scripts.php:48
action · admin_init · includes\scripts.php:64
action · admin_enqueue_scripts · includes\scripts.php:84
action · init · includes\shortcodes\gamipress_link.php:62
filter · gamipress_activity_triggers · includes\triggers.php:40
filter · gamipress_activity_trigger_label · includes\triggers.php:85
filter · gamipress_trigger_get_user_id · includes\triggers.php:119
Maintenance & Trust

GamiPress – Link Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 1, 2025
PHP min version
Downloads: 23K

Community Trust

Rating: 100/100
Number of ratings: 2
Active installs: 900
Developer Profile

GamiPress – Link Developer Profile

Ruben Garcia

30 plugins · 25K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 139 days
Detection Fingerprints

How We Detect GamiPress – Link

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/gamipress-link/assets/js/gamipress-link-admin.js
/wp-content/plugins/gamipress-link/assets/js/gamipress-link.js
Script Paths
/wp-content/plugins/gamipress-link/assets/js/gamipress-link.js
/wp-content/plugins/gamipress-link/assets/js/gamipress-link-admin.js
Version Parameters
/wp-content/plugins/gamipress-link/assets/js/gamipress-link.js?ver=
/wp-content/plugins/gamipress-link/assets/js/gamipress-link-admin.js?ver=

HTML / DOM Fingerprints

JS Globals
gamipress_link
FAQ

Frequently Asked Questions about GamiPress – Link