WP-Safety

Internal Link Visualizer Security & Risk Analysis

wordpress.org/plugins/internal-link-visualizer

Visualize your site's internal and external links as an interactive map. Discover orphan content and optimize your linking strategy.

70 active installs v2.1.2 PHP 7.4+ WP 5.0+ Updated Dec 14, 2025
internal-linkslink-analysisseositemapvisualization
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Internal Link Visualizer Safe to Use in 2026?

Generally Safe

Score 100/100

Internal Link Visualizer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The internal-link-visualizer plugin, version 2.1.2, demonstrates a generally strong security posture with excellent coverage of authentication and authorization checks across its identified entry points. The absence of known vulnerabilities and the consistent use of nonces and capability checks are significant strengths. The plugin also shows a commendable approach to SQL queries, with a high percentage utilizing prepared statements.

However, there are a few areas that warrant attention. The presence of the `unserialize` function is a significant concern, as it can lead to arbitrary object injection vulnerabilities if not handled with extreme care and strict validation of the serialized data. While the taint analysis did not reveal critical or high severity issues related to this function in the analyzed flows, the potential risk remains if untrusted data is ever passed to it. Additionally, the output escaping is only properly implemented in 55% of cases, which could lead to cross-site scripting (XSS) vulnerabilities in certain scenarios where user-supplied data is displayed without proper sanitization.

The plugin's vulnerability history is remarkably clean, with no recorded CVEs. This suggests a responsible development team that either proactively addresses security or has historically had a low incidence of exploitable flaws. Nevertheless, the static analysis findings, particularly the use of `unserialize` and incomplete output escaping, indicate that ongoing vigilance and potential code review are necessary to maintain this clean security record.

Key Concerns

  • Unsanitized path in taint flow
  • Dangerous function: unserialize
  • Output escaping only 55% proper
Vulnerabilities
None known

Internal Link Visualizer Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Internal Link Visualizer Release Timeline

v2.1.2Current
v2.1.1
Code Analysis
Analyzed Mar 16, 2026

Internal Link Visualizer Code Analysis

Dangerous Functions
1
Raw SQL Queries
88
193 prepared
Unescaped Output
337
408 escaped
Nonce Checks
20
Capability Checks
19
File Operations
1
External Requests
3
Bundled Libraries
0

Dangerous Functions Found

unserialize$data = unserialize($value);includes\class-intelivi-advanced-cache-manager.php:209

SQL Query Safety

69% prepared281 total queries

Output Escaping

55% escaped745 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

7 flows1 with unsanitized paths
save_cache_config (includes\class-intelivi-admin.php:1951)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Internal Link Visualizer Attack Surface

Entry Points16
Unprotected0

AJAX Handlers 15

authwp_ajax_intelivi_generate_sitemapsincludes\class-intelivi-ajax-handler.php:116
authwp_ajax_intelivi_get_sitemap_dataincludes\class-intelivi-ajax-handler.php:117
authwp_ajax_intelivi_scan_contentincludes\class-intelivi-ajax-handler.php:118
authwp_ajax_intelivi_delete_sitemapincludes\class-intelivi-ajax-handler.php:119
authwp_ajax_intelivi_get_statsincludes\class-intelivi-ajax-handler.php:120
authwp_ajax_intelivi_analyze_graphincludes\class-intelivi-ajax-handler.php:122
authwp_ajax_intelivi_get_cached_analyticsincludes\class-intelivi-ajax-handler.php:123
authwp_ajax_intelivi_get_links_analysisincludes\class-intelivi-ajax-handler.php:125
authwp_ajax_intelivi_save_snapshotincludes\class-intelivi-ajax-handler.php:127
authwp_ajax_intelivi_list_snapshotsincludes\class-intelivi-ajax-handler.php:128
authwp_ajax_intelivi_get_snapshotincludes\class-intelivi-ajax-handler.php:129
authwp_ajax_intelivi_save_ui_optionincludes\class-intelivi-ajax-handler.php:131
authwp_ajax_intelivi_cleanup_linksincludes\class-intelivi-ajax-handler.php:133
authwp_ajax_intelivi_debug_generateincludes\class-intelivi-debug-ajax.php:13
authwp_ajax_intelivi_debug_scanincludes\class-intelivi-debug-ajax.php:14

Shortcodes 1

[intelivi_version] includes\class-intelivi-admin.php:51
WordPress Hooks 25
actionadmin_menudebug-helper.php:12
actionadmin_menuincludes\class-intelivi-admin.php:44
actionadmin_enqueue_scriptsincludes\class-intelivi-admin.php:45
actionadmin_initincludes\class-intelivi-admin.php:46
filterscript_loader_tagincludes\class-intelivi-admin.php:47
actionadmin_footerincludes\class-intelivi-admin.php:48
filterscript_loader_tagincludes\class-intelivi-admin.php:281
actionintelivi_preload_critical_dataincludes\class-intelivi-advanced-cache-manager.php:180
actionintelivi_cleanup_advanced_cacheincludes\class-intelivi-advanced-cache-manager.php:181
actionintelivi_cleanup_cacheincludes\class-intelivi-cache-manager.php:44
actionintelivi_after_activationincludes\class-intelivi-database-views.php:48
actionintelivi_before_deactivationincludes\class-intelivi-database-views.php:49
actionintelivi_cleanup_rate_limitsincludes\class-intelivi-security-manager.php:188
actionsave_postincludes\class-intelivi-smart-manager-cache-invalidator.php:51
actiondelete_postincludes\class-intelivi-smart-manager-cache-invalidator.php:52
actionwp_trash_postincludes\class-intelivi-smart-manager-cache-invalidator.php:53
actionuntrash_postincludes\class-intelivi-smart-manager-cache-invalidator.php:54
actiontransition_post_statusincludes\class-intelivi-smart-manager-cache-invalidator.php:55
actionintelivi_links_updatedincludes\class-intelivi-smart-manager-cache-invalidator.php:58
actionintelivi_link_addedincludes\class-intelivi-smart-manager-cache-invalidator.php:59
actionintelivi_link_removedincludes\class-intelivi-smart-manager-cache-invalidator.php:60
actionactivated_pluginincludes\class-intelivi-smart-manager-cache-invalidator.php:63
actiondeactivated_pluginincludes\class-intelivi-smart-manager-cache-invalidator.php:64
actioninitincludes\class-intelivi-smart-manager-cache-invalidator.php:220
actionplugins_loadedinternal-link-visualizer.php:70

Scheduled Events 5

intelivi_initial_scan
intelivi_preload_critical_data
intelivi_cleanup_advanced_cache
intelivi_cleanup_cache
intelivi_cleanup_rate_limits
Maintenance & Trust

Internal Link Visualizer Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedDec 14, 2025
PHP min version7.4
Downloads322

Community Trust

Rating70/100
Number of ratings2
Active installs70
Alternatives

Internal Link Visualizer Alternatives

Post Network

Post Network

post-network

A
100

Visualize post relationships graphically based on internal links

40 No CVEs
Yoast SEO – Advanced SEO with real-time guidance and built-in AI

Yoast SEO – Advanced SEO with real-time guidance and built-in AI

wordpress-seo

A
89

Improve your SEO with real-time feedback, schema, and clear guidance. Upgrade for AI tools, Google Docs integration, and 24/7 support, no hidden fees.

10.0M 18 CVEs
All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic

all-in-one-seo-pack

B
82

AIOSEO is the most powerful WordPress SEO plugin. Improve SEO rankings and traffic with comprehensive SEO tools and smart AI SEO optimizations!

3.0M 26 CVEs
XML Sitemap Generator for Google

XML Sitemap Generator for Google

google-sitemap-generator

A
97

Generate multiple types of sitemaps to improve SEO and get your website indexed quickly.

1.0M 3 CVEs
SiteSEO – SEO Simplified

SiteSEO – SEO Simplified

siteseo

A
96

SiteSEO is an easy, fast and powerful SEO plugin for WordPress. Unlock your Website's potential and Maximize your online visibility with our SiteSEO!

500K 4 CVEs
Developer Profile

Internal Link Visualizer Developer Profile

suivixtenzia

1 plugin · 70 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Internal Link Visualizer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/internal-link-visualizer/css/style.css/wp-content/plugins/internal-link-visualizer/js/app.js
Script Paths
/wp-content/plugins/internal-link-visualizer/js/app.js
Version Parameters
internal-link-visualizer/style.css?ver=internal-link-visualizer/js/app.js?ver=

HTML / DOM Fingerprints

CSS Classes
intelivi-debug-infointelivi-link-dataintelivi-table-wrap
Data Attributes
data-post-iddata-titledata-url
JS Globals
intelivi_ajax_object
FAQ

Frequently Asked Questions about Internal Link Visualizer