Does Link Juice Keeper have any unpatched vulnerabilities?

No. All known vulnerabilities in Link Juice Keeper have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Link Juice Keeper compatible with WordPress 6.8.5?

According to WordPress.org data, Link Juice Keeper 2.1.3 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Link Juice Keeper compatible with PHP 7.2+?

Link Juice Keeper requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Link Juice Keeper updated?

Link Juice Keeper was last updated on Jun 29, 2025. Frequent updates are generally a positive security signal.

What is Link Juice Keeper's security score?

Link Juice Keeper has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Link Juice Keeper Security & Risk Analysis

wordpress.org/plugins/link-juice-keeper

Improve your SEO and keep your link juice by automatically redirecting all 404 errors to any page/post/url. User friendly options and log feature.

10K active installs v2.1.3 PHP 7.2+ WP 5.3.0+ Updated Jun 29, 2025

404errorlinkredirectseo

A · Safe

CVEs total1

Unpatched0

Last CVEFeb 10, 2023

Plugin page Download

Safety Verdict

Is Link Juice Keeper Safe to Use in 2026?

Generally Safe

Score 100/100

Link Juice Keeper has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Feb 10, 2023Updated 9mo ago

Risk Assessment

The 'link-juice-keeper' plugin version 2.1.3 exhibits a mixed security posture. On the positive side, the static analysis reveals a remarkably small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events. This suggests that direct user interaction points are minimal. Furthermore, the absence of dangerous function calls, file operations, and external HTTP requests is a strong indicator of good coding practices in these areas. The code also demonstrates a good degree of output escaping, with 86% of outputs being properly handled.

However, there are notable areas of concern. While the static analysis shows no direct vulnerabilities in the current version's code signals (e.g., taint analysis), the plugin does have a history of known vulnerabilities, specifically a medium severity Cross-site Scripting (XSS) vulnerability discovered in February 2023. The fact that there are no currently unpatched CVEs is positive, but the existence of past XSS issues implies a potential for similar vulnerabilities to arise again if input handling is not rigorously maintained. The presence of 6 SQL queries, with 50% not using prepared statements, is another significant risk, as it opens the door to SQL injection vulnerabilities, especially if any of the unsanitized inputs are incorporated into these queries. The lack of explicit capability checks and nonce checks on any potential (though currently unexposed) entry points is also a concern, as it relies on WordPress's core security measures which might not be sufficient on their own for all scenarios.

In conclusion, the plugin benefits from a limited attack surface and good output escaping in many areas. Nevertheless, the past XSS vulnerability and the significant proportion of SQL queries lacking prepared statements represent material risks that require attention. Developers should prioritize addressing these SQL query vulnerabilities and maintain vigilance regarding input sanitization to prevent future XSS or similar injection attacks.

Key Concerns

Medium severity XSS vulnerability in history
50% of SQL queries not using prepared statements
No capability checks
No nonce checks

Vulnerabilities

Link Juice Keeper Security Vulnerabilities

CVEs by Year

1 CVE in 2023

2023

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2023-25793medium · 5.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Link Juice Keeper <= 2.0.2 - Authenticated(Admin+) Stored Cross-Site Scripting

Feb 10, 2023 Patched in 2.0.3 (347d)

Code Analysis

Analyzed Mar 16, 2026

Link Juice Keeper Code Analysis

Dangerous Functions

Raw SQL Queries

3 prepared

Unescaped Output

36 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

50% prepared6 total queries

Output Escaping

86% escaped42 total outputs

Attack Surface

Link Juice Keeper Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 7

actionplugins_loadedincludes\class-link-juice-keeper.php:148

actionadmin_enqueue_scriptsincludes\class-link-juice-keeper.php:162

actionadmin_enqueue_scriptsincludes\class-link-juice-keeper.php:163

filteradmin_initincludes\class-link-juice-keeper.php:166

actionadmin_initincludes\class-link-juice-keeper.php:167

actionadmin_menuincludes\class-link-juice-keeper.php:168

actiontemplate_redirectincludes\class-link-juice-keeper.php:183

Maintenance & Trust

Link Juice Keeper Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJun 29, 2025

PHP min version7.2

Downloads268K

Community Trust

Rating94/100

Number of ratings15

Active installs10K

Alternatives

Link Juice Keeper Alternatives

Redirect 404 to Homepage

404-to-homepage

100

Redirect 404 missing pages to the homepage using SEO 301 redirection. Super lightweight!

70K No CVEs

All 404 Redirect to Homepage

all-404-redirect-to-homepage

Using this plugin, you can fix all 404 error links by redirecting them to homepage using the SEO 301 redirection. Improve your SEO rank & pages speed

200K 2 CVEs

Simple 301 Redirects By BetterLinks – Easy WordPress Redirect Manager for Redirects, 404 Error Log & More

simple-301-redirects

Simple 301 Redirects provides an easy method of redirecting requests to another page on your site or elsewhere on the web.

100K 7 CVEs

SEO Repair Kit – AI Chatbot, Schema Manager, SEO Content Monitoring, GSC Integration, Keyword & Rank Tracking

seo-repair-kit

100

The ultimate WordPress plugin for SEO automation - from link fixing to AI-powered schema generation and chatbot support.

3K No CVEs

Gone Response

gone-response

100

Show the 404 page content with a 410 Gone status for all 404 errors.

200 No CVEs

Developer Profile

Link Juice Keeper Developer Profile

George Pattichis

9 plugins · 76K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

192 days

View full developer profile

Detection Fingerprints

How We Detect Link Juice Keeper

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/link-juice-keeper/css/link-juice-keeper-admin.css/wp-content/plugins/link-juice-keeper/js/link-juice-keeper-admin.js

Script Paths

admin/js/link-juice-keeper-admin.js

Version Parameters

link-juice-keeper-admin.css?ver=link-juice-keeper-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

link-juice-keeper-main-wrapljk-container

HTML Comments

Link Juice KeeperLink Juice Keeper Settings404 Logs

Data Attributes

data-ljk-redirect-typedata-ljk-redirect-url

JS Globals

LJK_admin_params

FAQ