Does Hints have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

How often is Hints updated?

Hints was last updated on Mar 22, 2015. Frequent updates are generally a positive security signal.

What is Hints's security score?

Hints has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Hints Security & Risk Analysis

wordpress.org/plugins/hints

Provide a better user experience for you users, when they read your posts. Reduce the number outgoing, non-essential links.

10 active installs v1.0a PHP + WP 3.1+ Updated Mar 22, 2015

hintsinfo-cardslinkstooltipui

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Hints Safe to Use in 2026?

Generally Safe

Score 85/100

Hints has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The "hints" plugin v1.0a exhibits a strong security posture based on the static analysis results. The absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and the complete output escaping are significant strengths. Furthermore, the plugin demonstrates a clean record with no known vulnerabilities (CVEs) and no critical or high-severity issues found during taint analysis. The limited attack surface, with only one shortcode and no unprotected entry points, also contributes positively to its security profile. There are no reported file operations or external HTTP requests, further reducing potential attack vectors. The lack of bundled libraries is also a good sign, as it avoids the risk of outdated and vulnerable components. The only area for potential, albeit minor, concern is the complete absence of nonce checks and capability checks. While this doesn't immediately indicate a vulnerability due to the limited attack surface, it is a deviation from best practices for securing WordPress functionalities. However, given the current analysis, the plugin appears to be secure and well-developed from a security perspective.

Key Concerns

Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Hints Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Hints Release Timeline

No version history available.

Code Analysis

Analyzed Apr 16, 2026

Hints Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Hints Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[hints] hints.class.php:23

WordPress Hooks 3

actionwp_loadedhints.class.php:21

actionwp_loadedhints.class.php:22

actioninithints.php:50

Maintenance & Trust

Hints Maintenance & Trust

Maintenance Signals

WordPress version tested

Last updatedMar 22, 2015

PHP min version

Downloads1K

Community Trust

Rating80/100

Number of ratings1

Active installs10

Alternatives

Hints Alternatives

Definitions – Internal Linkbuilding

definitions-internal-linkbuilding

Automatically replace your posts' keywords on your website with an internal link and tooltip.

20 No CVEs

Internal Link Juicer: SEO Auto Linker for WordPress

internal-links

Improve your SEO and your user experience through internal linkbuilding. Automated links between your posts based on a smart keyword configuration.

90K 2 CVEs

Link Whisper Free

link-whisper

The AI-powered internal linking plugin for WordPress. Build internal links faster, find linking opportunities, and improve SEO automatically.

30K 1 unpatched

Internal Links Manager

seo-automated-link-building

Boost your SEO and get better rankings with our automated link building plugin. With this plugin you can link any keyword to any URL - internal or ext …

10K 3 CVEs

Interlinks Manager – Internal Links Optimizer

daext-interlinks-manager

100

Interlinks Manager is an SEO WordPress plugin that gives you the ability to monitor and optimize your internal links.

8K No CVEs

Developer Profile

Hints Developer Profile

sojournings

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Hints

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/hints/_inc/hints.js/wp-content/plugins/hints/_inc/hints.css

Script Paths

/wp-content/plugins/hints/_inc/hints.js

Version Parameters

hints.js?ver=hints.css?ver=

HTML / DOM Fingerprints

CSS Classes

wphints-plus-buttonwphints-containerbetter-linkswphints-data-boxwphints-trianglewphints-main-content

Data Attributes

data-box-id

Shortcode Output

<span class="wphints-container" style="display:inline;">
            
       <a href="javascript:void(0);" data-box-id="

FAQ