Linkz.ai – Automatic link previews on hover Security & Risk Analysis

wordpress.org/plugins/linkz-ai

Linkz.ai improves visitor retention on your website & blog with live link previews. Linkz.ai automatically extracts & shows linked content, e.

80 active installs v1.3.0 PHP 5.4+ WP 4.7+ Updated Dec 21, 2024
elementor, embeds, free, widgets, youtube
91
A · Safe
CVEs total: 2
Unpatched: 0
Last CVE: Oct 10, 2024
Safety Verdict

Is Linkz.ai – Automatic link previews on hover Safe to Use in 2026?

Generally Safe

Score 91/100

Linkz.ai – Automatic link previews on hover has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: Oct 10, 2024 · Updated 1yr ago
Risk Assessment

The "linkz-ai" v1.3.0 plugin exhibits a mixed security posture. On the positive side, the static analysis reveals a small attack surface with no unprotected entry points and a complete reliance on prepared statements for SQL queries. The plugin also demonstrates good practices with a healthy number of nonce and capability checks. Taint analysis shows no critical or high-severity unsanitized flows.

However, concerns arise from the output escaping, where only 57% of outputs are properly escaped, leaving potential for cross-site scripting (XSS) vulnerabilities. While there are no currently unpatched CVEs, the plugin has a history of two medium-severity vulnerabilities, both stemming from missing authorization issues. This historical pattern suggests a recurring oversight in securing sensitive operations, even though the current analysis shows no immediate auth bypasses in the entry points.

Overall, the plugin has made strides in secure coding practices, particularly with SQL handling and a protected attack surface. The primary remaining risk is the inconsistent output escaping and the historical precedent of authorization flaws. While no critical issues are immediately apparent in this version's static analysis, the past vulnerability types warrant continued vigilance regarding authorization and the identified output escaping weaknesses.

Key Concerns

  • Inconsistent output escaping
  • History of missing authorization vulns
Vulnerabilities
2

Linkz.ai – Automatic link previews on hover Security Vulnerabilities

CVEs by Year

2 CVEs in 2024

Severity Breakdown

Medium: 2

2 total CVEs

CVE-2024-9587 · medium · 5.4 · Missing Authorization

Linkz.ai <= 1.1.8 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update via AJAX

Oct 10, 2024 · Patched in 1.2.0 (9d)

CVE-2024-9586 · medium · 6.5 · Missing Authorization

Linkz.ai <= 1.1.8 - Missing Authorization to Unauthenticated Plugin Settings Update

Oct 10, 2024 · Patched in 1.2.0 (9d)
Code Analysis
Analyzed Mar 16, 2026

Linkz.ai – Automatic link previews on hover Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 31 (41 escaped)
Nonce Checks: 4
Capability Checks: 5
File Operations: 0
External Requests: 1
Bundled Libraries: 0

Output Escaping

57% escaped · 72 total outputs
Data Flows: All sanitized

Data Flow Analysis

3 flows
check_auth (init.php:204)
Attack Surface

Linkz.ai – Automatic link previews on hover Attack Surface

Entry Points: 1
Unprotected: 0

AJAX Handlers: 1

auth wp_ajax_linkz (init.php:57)

WordPress Hooks: 7

action admin_enqueue_scripts (init.php:52)
action wp_enqueue_scripts (init.php:53)
action admin_menu (init.php:54)
action admin_init (init.php:55)
action admin_init (init.php:56)
action admin_init (init.php:60)
action admin_init (init.php:61)
Maintenance & Trust

Linkz.ai – Automatic link previews on hover Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Dec 21, 2024
PHP min version: 5.4
Downloads: 4K

Community Trust

Rating: 100/100
Number of ratings: 3
Active installs: 80
Developer Profile

Linkz.ai – Automatic link previews on hover Developer Profile

Vittorio - Linkz.ai

1 plugin · 80 total installs

Trust score: 88
Avg Security Score: 91/100
Avg Patch Time: 9 days
Detection Fingerprints

How We Detect Linkz.ai – Automatic link previews on hover

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/linkz-ai/assets/img/icon-16x16.png
Script Paths
/wp-content/plugins/linkz-ai/assets/js/admin.js
Version Parameters
linkz-ai/assets/js/admin.js?ver=
linkz-ai/assets/css/admin.css?ver=

HTML / DOM Fingerprints

JS Globals
linkzAi