WP-Safety

Internal Links Plugin: Link & Cluster Security & Risk Analysis

wordpress.org/plugins/laci-link-cluster

Short Description: Craft Internal Links and Topical Clusters in WordPress for a better User Experience & SEO Performance

0 active installs v1.0.7 PHP 7.1.0+ WP 5.0+ Updated Feb 6, 2025
internal-linkslink-buildinglink-managementseo
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Internal Links Plugin: Link & Cluster Safe to Use in 2026?

Generally Safe

Score 92/100

Internal Links Plugin: Link & Cluster has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "laci-link-cluster" plugin version 1.0.7 demonstrates a generally strong security posture, primarily due to its diligent use of prepared statements for all SQL queries and a very high rate of properly escaped output. The static analysis reveals no critical or high-severity issues in taint analysis, indicating a low risk of code injection or data leakage. Furthermore, the plugin has no recorded vulnerabilities or CVEs, which is a significant positive indicator of its stability and security over time. The presence of nonces and capability checks on a substantial portion of its entry points suggests a thoughtful approach to access control.

However, the analysis does highlight some areas for improvement that, while not currently manifesting as critical issues, represent potential attack vectors. With 25 AJAX handlers, even though all are reported to have authentication checks, a large attack surface inherently carries a higher risk of future oversight or potential bypasses if checks are not robustly implemented. The bundled Select2 library, while not inherently dangerous, could become a vulnerability if it's not kept up-to-date with its own security patches. The absence of any recorded vulnerabilities in its history is commendable, but it does not guarantee future immunity, and ongoing vigilance is always necessary.

In conclusion, "laci-link-cluster" v1.0.7 is a well-developed plugin with strong core security practices. Its thorough use of prepared statements and output escaping, coupled with a clean vulnerability history, makes it a relatively safe option. The primary concern lies in the sheer number of AJAX handlers, which, despite current checks, represents a larger potential area for future exploitation if not continuously monitored. The bundled library also warrants attention for potential future updates. Overall, the plugin's current state is good, with minor areas for risk mitigation.

Key Concerns

  • Large number of AJAX handlers
  • Bundled library (Select2)
Vulnerabilities
None known

Internal Links Plugin: Link & Cluster Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Internal Links Plugin: Link & Cluster Release Timeline

v1.0.7Current
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.1
v1.0.0
Code Analysis
Analyzed Apr 16, 2026

Internal Links Plugin: Link & Cluster Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
21 prepared
Unescaped Output
11
703 escaped
Nonce Checks
36
Capability Checks
4
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

100% prepared21 total queries

Output Escaping

98% escaped714 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

6 flows
<header> (templates/dashboard/partials/header.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Internal Links Plugin: Link & Cluster Attack Surface

Entry Points29
Unprotected0

AJAX Handlers 25

authwp_ajax_get_internal_links_infoincludes/Ajax.php:21
authwp_ajax_laci_change_key_words_for_postincludes/Ajax.php:23
authwp_ajax_laci_change_category_for_postincludes/Ajax.php:25
authwp_ajax_laci_update_single_post_to_dbincludes/Ajax.php:27
authwp_ajax_laci_get_keywords_infoincludes/Ajax.php:29
authwp_ajax_laci_get_total_linksincludes/Controllers/ExternalLinksController.php:13
authwp_ajax_laci_get_domain_postsincludes/Controllers/ExternalLinksController.php:14
authwp_ajax_laci_update_urlincludes/Controllers/ExternalLinksController.php:15
authwp_ajax_laci_search_keyword_same_cateincludes/Controllers/PlacementAssistantController.php:16
authwp_ajax_laci_save_internal_links_for_postincludes/Controllers/PlacementAssistantController.php:17
authwp_ajax_laci_load_more_post_same_cateincludes/Controllers/PlacementAssistantController.php:18
authwp_ajax_laci_load_more_post_diff_cateincludes/Controllers/PlacementAssistantController.php:19
authwp_ajax_laci_get_content_postincludes/Controllers/PlacementAssistantController.php:20
authwp_ajax_laci_save_related_postincludes/Controllers/PlacementAssistantController.php:21
authwp_ajax_laci_insert_main_keywordsincludes/Controllers/PlacementAssistantController.php:22
authwp_ajax_laci_add_related_boxincludes/Controllers/PlacementAssistantController.php:23
authwp_ajax_laci_delete_related_postincludes/Controllers/PlacementAssistantController.php:24
authwp_ajax_laci_import_key_words_rank_mathincludes/Controllers/SettingsController.php:14
authwp_ajax_laci_import_key_words_yoastincludes/Controllers/SettingsController.php:15
authwp_ajax_laci_update_post_to_dbincludes/UpdateDatabase.php:20
noprivwp_ajax_laci_update_post_to_dbincludes/UpdateDatabase.php:21
authwp_ajax_laci_start_update_post_cronincludes/UpdateDatabase.php:23
noprivwp_ajax_laci_start_update_post_cronincludes/UpdateDatabase.php:24
authwp_ajax_laci_check_cron_job_statusincludes/UpdateDatabase.php:26
noprivwp_ajax_laci_check_cron_job_statusincludes/UpdateDatabase.php:27

Shortcodes 4

[laci_internal_links_post_list] includes/Shortcode/AddShortcode.php:18
[laci_internal_links_breadcrumbs] includes/Shortcode/AddShortcode.php:19
[laci_related_post_content] includes/Shortcode/AddShortcode.php:20
[laci_post_title_link] includes/Shortcode/AddShortcode.php:21
WordPress Hooks 26
actionadmin_menuincludes/Controllers/AdminMenuController.php:16
actionadmin_initincludes/Controllers/AdminMenuController.php:18
filterposts_fieldsincludes/Controllers/CreatePostListTableController.php:203
actionadd_meta_boxesincludes/Controllers/LinkSuggestionsController.php:15
actionadd_meta_boxesincludes/Controllers/MetaBoxAddKeyWordController.php:15
actionsave_postincludes/Controllers/MetaBoxAddKeyWordController.php:16
actionadd_meta_boxesincludes/Controllers/MetaBoxInternalLinkInfoController.php:15
actionadd_meta_boxesincludes/Controllers/MetaBoxMainCategoryController.php:16
actionsave_postincludes/Controllers/MetaBoxMainCategoryController.php:17
actioncategory_edit_form_fieldsincludes/Controllers/MetaBoxMainCategoryController.php:19
actionedited_categoryincludes/Controllers/MetaBoxMainCategoryController.php:20
filtermanage_posts_columnsincludes/Controllers/PostLinkManagerController.php:14
actionmanage_posts_custom_columnincludes/Controllers/PostLinkManagerController.php:15
filtermanage_pages_columnsincludes/Controllers/PostLinkManagerController.php:18
actionmanage_pages_custom_columnincludes/Controllers/PostLinkManagerController.php:19
actionadmin_enqueue_scriptsincludes/Enqueue/AdminEnqueue.php:17
actionadmin_enqueue_scriptsincludes/Enqueue/AdminEnqueue.php:19
filtermce_buttonsincludes/Enqueue/AdminEnqueue.php:20
filtermce_external_pluginsincludes/Enqueue/AdminEnqueue.php:21
filtersafe_style_cssincludes/Enqueue/AdminEnqueue.php:23
filterposts_searchincludes/Enqueue/AdminEnqueue.php:25
actionwp_enqueue_scriptsincludes/Enqueue/AdminEnqueue.php:27
actioninitincludes/Initialize.php:29
actionlaci_update_post_cron_jobincludes/UpdateDatabase.php:29
actionplugins_loadedwp-link-and-cluster.php:79
actioninitwp-link-and-cluster.php:82

Scheduled Events 2

laci_update_post_cron_job
laci_update_post_cron_job
Maintenance & Trust

Internal Links Plugin: Link & Cluster Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5
Last updatedFeb 6, 2025
PHP min version7.1.0
Downloads1K

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

Internal Links Plugin: Link & Cluster Alternatives

Internal Links Manager

Internal Links Manager

seo-automated-link-building

A
97

Boost your SEO and get better rankings with our automated link building plugin. With this plugin you can link any keyword to any URL - internal or ext &hellip;

10K 3 CVEs
Autolinks Manager – SEO Auto Linker

Autolinks Manager – SEO Auto Linker

daext-autolinks-manager

A
100

Automate your affiliate links, increase product page visits, link glossary keywords, and more with this advanced SEO auto-linker plugin.

2K 1 CVE
Automatic Internal Links for SEO by Pagup

Automatic Internal Links for SEO by Pagup

automatic-internal-links-for-seo

A
99

Build internal links from focus keywords. Manual SYNC in Free, continuous auto-sync in Pro.

1K 1 CVE
FS SEO Internal Link Juicer

FS SEO Internal Link Juicer

fs-seo-internal-link-juicer

A
92

Enhance SEO by linking posts, pages, and custom post types based on focus keyphrases for better content connections.

100 No CVEs
SageLink – SEO Internal Link Builder & Auto Linker

SageLink – SEO Internal Link Builder & Auto Linker

sagelink

A
100

Automatically link keywords in your content to improve SEO and site structure. Smart internal linking for posts, pages, categories & tags.

100 No CVEs
Developer Profile

Internal Links Plugin: Link & Cluster Developer Profile

linkandcluster

1 plugin · 0 total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Internal Links Plugin: Link & Cluster

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/laci-link-cluster/assets/frontend/style.css/wp-content/plugins/laci-link-cluster/assets/lib/select2/select2.min.js/wp-content/plugins/laci-link-cluster/assets/lib/select2/select2.min.css/wp-content/plugins/laci-link-cluster/assets/admin/js/select2.js/wp-content/plugins/laci-link-cluster/assets/lib/css/jquery-ui.css/wp-content/plugins/laci-link-cluster/assets/admin/css/link-assistant.css/wp-content/plugins/laci-link-cluster/assets/admin/js/link-assistant.js/wp-content/plugins/laci-link-cluster/assets/admin/css/settings.css+3 more
Script Paths
/wp-content/plugins/laci-link-cluster/assets/admin/js/link-assistant.js/wp-content/plugins/laci-link-cluster/assets/admin/js/select2.js/wp-content/plugins/laci-link-cluster/assets/admin/js/link-assistant.js/wp-content/plugins/laci-link-cluster/assets/admin/js/settings.js/wp-content/plugins/laci-link-cluster/assets/admin/js/manage-posts-columns.js
Version Parameters
laci-link-cluster/assets/frontend/style.css?ver=laci-link-cluster/assets/lib/select2/select2.min.js?ver=laci-link-cluster/assets/lib/select2/select2.min.css?ver=laci-link-cluster/assets/admin/js/select2.js?ver=laci-link-cluster/assets/lib/css/jquery-ui.css?ver=laci-link-cluster/assets/admin/css/link-assistant.css?ver=laci-link-cluster/assets/admin/js/link-assistant.js?ver=laci-link-cluster/assets/admin/css/settings.css?ver=laci-link-cluster/assets/admin/js/settings.js?ver=laci-link-cluster/assets/admin/css/manage-posts-columns.css?ver=laci-link-cluster/assets/admin/js/manage-posts-columns.js?ver=

HTML / DOM Fingerprints

CSS Classes
laci-link-assistant-wrapper
Data Attributes
data-laci-post-iddata-laci-post-titledata-laci-post-type
JS Globals
LACI_INTERNAL_LINKS_VERSION
FAQ

Frequently Asked Questions about Internal Links Plugin: Link & Cluster