WP-Safety

Macymed Link Tracker Security & Risk Analysis

wordpress.org/plugins/macymed-link-tracker

LinkTracker is a powerful tool to analyze your site traffic, analyze clicks on your links and generate detailed reports for your campaigns.

0 active installs v1.2.0.0 PHP 7.4+ WP 6.6.2+ Updated Feb 6, 2025
analyticsclick-trackinginternal-trackinglink-trackingoutbound-tracking
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Macymed Link Tracker Safe to Use in 2026?

Generally Safe

Score 92/100

Macymed Link Tracker has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "macymed-link-tracker" v1.2.0.0 plugin exhibits a concerning security posture primarily due to its substantial attack surface exposed through AJAX handlers. A significant weakness is the presence of 10 AJAX handlers, all of which lack authentication checks, creating a broad entry point for potential attackers. While the plugin demonstrates good practices in other areas, such as a high percentage of properly escaped output and the predominant use of prepared statements for SQL queries, these strengths are overshadowed by the critical exposure of its AJAX endpoints.

The taint analysis reveals 4 flows with unsanitized paths, all categorized as high severity. This indicates that user-supplied data in these flows is not being adequately validated or sanitized before being processed, potentially leading to vulnerabilities like cross-site scripting (XSS) or path traversal if these flows are reachable through the unprotected AJAX endpoints.

Fortunately, the plugin has no recorded vulnerability history, which suggests a historical lack of exploitable flaws. However, this positive track record should not detract from the immediate risks identified in the static analysis. The combination of a large, unprotected attack surface and high-severity taint flows presents a clear and present danger that requires immediate attention.

Key Concerns

  • 10 unprotected AJAX handlers
  • 4 high severity unsanitized flows
  • Bundled outdated library: dompdf
Vulnerabilities
None known

Macymed Link Tracker Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Macymed Link Tracker Release Timeline

v1.2.0.0Current
v1.1.0.6
v1.1.0.5
v1.1.0.4
v1.1.0.3
v1.1.0.2
v1.1.0.1
v1.1.0
Code Analysis
Analyzed Apr 16, 2026

Macymed Link Tracker Code Analysis

Dangerous Functions
0
Raw SQL Queries
8
106 prepared
Unescaped Output
18
838 escaped
Nonce Checks
58
Capability Checks
2
File Operations
2
External Requests
0
Bundled Libraries
1

Bundled Libraries

dompdf

SQL Query Safety

93% prepared114 total queries

Output Escaping

98% escaped856 total outputs
Data Flows · Security
4 unsanitized

Data Flow Analysis

20 flows4 with unsanitized paths
get_table_data (src/Admin/Pages/Components/AdminTable.php:260)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
10 unprotected

Macymed Link Tracker Attack Surface

Entry Points10
Unprotected10

AJAX Handlers 10

authwp_ajax_get_detailssrc/Admin/Pages/ListClicks.php:19
authwp_ajax_get_referer_detailssrc/Admin/Pages/ListClicks.php:48
authwp_ajax_get_data_for_statssrc/Utils/Stats.php:47
authwp_ajax_get_total_clickssrc/Utils/Stats.php:48
noprivwp_ajax_get_total_clickssrc/Utils/Stats.php:49
authwp_ajax_get_detailstrunk/src/Admin/Pages/ListClicks.php:19
authwp_ajax_get_referer_detailstrunk/src/Admin/Pages/ListClicks.php:48
authwp_ajax_get_data_for_statstrunk/src/Utils/Stats.php:47
authwp_ajax_get_total_clickstrunk/src/Utils/Stats.php:48
noprivwp_ajax_get_total_clickstrunk/src/Utils/Stats.php:49
WordPress Hooks 96
actioninitmacymed_link_tracker.php:120
actionplugins_loadedmacymed_link_tracker.php:140
actionmacymed_link_tracker_pro_list_url_render_actionssrc/Admin/Hooks.php:12
actionmacymed_link_tracker_pro_list_referer_render_actionssrc/Admin/Hooks.php:13
actionmacymed_link_tracker_pro_list_history_render_actionssrc/Admin/Hooks.php:14
actionmacymed_link_tracker_stats_report_tab_pro_beforesrc/Admin/Hooks.php:15
actionmacymed_link_tracker_stats_report_tab_pro_aftersrc/Admin/Hooks.php:16
actionmacymed_link_tracker_pro_details_url_graph_networksrc/Admin/Hooks.php:17
actionmacymed_link_tracker_list_type_tracking_messagesrc/Admin/Hooks.php:23
actionmacymed_link_tracker_list_personal_data_messagesrc/Admin/Hooks.php:24
actionmacymed_link_tracker_list_personal_data_message_rgpdsrc/Admin/Hooks.php:25
actionmacymed_tracker_tracking_use_external_redirect_page_messagesrc/Admin/Hooks.php:27
filterset-screen-optionsrc/Admin/Pages/Components/AdminTable.php:24
filterset-screen-optionsrc/Admin/Pages/Components/AdminTableClicks.php:24
filterset-screen-optionsrc/Admin/Pages/Components/AdminTableReferer.php:24
actionadmin_initsrc/Admin/Pages/Settings.php:18
actionadmin_post_macymed_link_tracker_clear_databasesrc/Admin/Pages/Tools.php:18
actionadmin_post_macymed_link_tracker_clear_urlsrc/Admin/Pages/Tools.php:37
actionadmin_post_macymed_link_tracker_clear_keywordsrc/Admin/Pages/Tools.php:57
actionadmin_initsrc/Admin/Pages/Tools.php:81
actionadmin_headsrc/Admin/RegisterAdmin.php:58
filteradmin_body_classsrc/Admin/RegisterAdmin.php:59
actionmacymed_link_tracker_sidebar_beforesrc/Admin/RegisterAdmin.php:60
actionadmin_enqueue_scriptssrc/Admin/RegisterAdmin.php:203
filterscript_loader_tagsrc/Admin/RegisterAdmin.php:245
actionadmin_menusrc/Admin/RegisterAdmin.php:273
actionwp_enqueue_scriptssrc/Utils/Assets.php:16
actionmacymed_link_tracker_details_url_graph_evolutionsrc/Utils/Chart.php:15
actionmacymed_link_tracker_details_url_graph_networksrc/Utils/Chart.php:16
filterquery_varssrc/Utils/Redirect.php:14
actionparse_requestsrc/Utils/Redirect.php:26
actionwp_enqueue_scriptssrc/Utils/RedirectPage.php:12
actionmacymed_link_tracker_redirect_page_headsrc/Utils/RedirectPage.php:14
actionmacymed_link_tracker_redirect_page_logosrc/Utils/RedirectPage.php:15
actionmacymed_link_tracker_redirect_page_titlesrc/Utils/RedirectPage.php:16
actionmacymed_link_tracker_redirect_page_messagesrc/Utils/RedirectPage.php:17
actionmacymed_link_tracker_redirect_page_buttonssrc/Utils/RedirectPage.php:18
actionmacymed_tracker_tracking_add_external_redirect_page_setting_fieldssrc/Utils/Settings.php:11
actionmacymed_tracker_tracking_add_exclusion_outgoing_setting_fieldssrc/Utils/Settings.php:12
actionmacymed_tracker_tracking_add_exclusion_tracking_setting_fieldssrc/Utils/Settings.php:13
actionmacymed_tracker_tracking_register_external_redirect_page_settingssrc/Utils/Settings.php:15
actionmacymed_tracker_tracking_register_exclusion_outgoing_setting_settingssrc/Utils/Settings.php:16
actionmacymed_tracker_tracking_register_exclusion_tracking_setting_settingssrc/Utils/Settings.php:17
actionwp_enqueue_scriptssrc/Utils/Stats.php:476
actiontemplate_redirectsrc/Utils/Tracking.php:18
filterthe_contentsrc/Utils/Tracking.php:80
filterwidget_textsrc/Utils/Tracking.php:81
filterwidget_text_contentsrc/Utils/Tracking.php:82
actioninittrunk/macymed_link_tracker.php:120
actionplugins_loadedtrunk/macymed_link_tracker.php:140
actionmacymed_link_tracker_pro_list_url_render_actionstrunk/src/Admin/Hooks.php:12
actionmacymed_link_tracker_pro_list_referer_render_actionstrunk/src/Admin/Hooks.php:13
actionmacymed_link_tracker_pro_list_history_render_actionstrunk/src/Admin/Hooks.php:14
actionmacymed_link_tracker_stats_report_tab_pro_beforetrunk/src/Admin/Hooks.php:15
actionmacymed_link_tracker_stats_report_tab_pro_aftertrunk/src/Admin/Hooks.php:16
actionmacymed_link_tracker_pro_details_url_graph_networktrunk/src/Admin/Hooks.php:17
actionmacymed_link_tracker_list_type_tracking_messagetrunk/src/Admin/Hooks.php:23
actionmacymed_link_tracker_list_personal_data_messagetrunk/src/Admin/Hooks.php:24
actionmacymed_link_tracker_list_personal_data_message_rgpdtrunk/src/Admin/Hooks.php:25
actionmacymed_tracker_tracking_use_external_redirect_page_messagetrunk/src/Admin/Hooks.php:27
filterset-screen-optiontrunk/src/Admin/Pages/Components/AdminTable.php:24
filterset-screen-optiontrunk/src/Admin/Pages/Components/AdminTableClicks.php:24
filterset-screen-optiontrunk/src/Admin/Pages/Components/AdminTableReferer.php:24
actionadmin_inittrunk/src/Admin/Pages/Settings.php:18
actionadmin_post_macymed_link_tracker_clear_databasetrunk/src/Admin/Pages/Tools.php:18
actionadmin_post_macymed_link_tracker_clear_urltrunk/src/Admin/Pages/Tools.php:37
actionadmin_post_macymed_link_tracker_clear_keywordtrunk/src/Admin/Pages/Tools.php:57
actionadmin_inittrunk/src/Admin/Pages/Tools.php:81
actionadmin_headtrunk/src/Admin/RegisterAdmin.php:58
filteradmin_body_classtrunk/src/Admin/RegisterAdmin.php:59
actionmacymed_link_tracker_sidebar_beforetrunk/src/Admin/RegisterAdmin.php:60
actionadmin_enqueue_scriptstrunk/src/Admin/RegisterAdmin.php:203
filterscript_loader_tagtrunk/src/Admin/RegisterAdmin.php:245
actionadmin_menutrunk/src/Admin/RegisterAdmin.php:273
actionwp_enqueue_scriptstrunk/src/Utils/Assets.php:16
actionmacymed_link_tracker_details_url_graph_evolutiontrunk/src/Utils/Chart.php:15
actionmacymed_link_tracker_details_url_graph_networktrunk/src/Utils/Chart.php:16
filterquery_varstrunk/src/Utils/Redirect.php:14
actionparse_requesttrunk/src/Utils/Redirect.php:26
actionwp_enqueue_scriptstrunk/src/Utils/RedirectPage.php:12
actionmacymed_link_tracker_redirect_page_headtrunk/src/Utils/RedirectPage.php:14
actionmacymed_link_tracker_redirect_page_logotrunk/src/Utils/RedirectPage.php:15
actionmacymed_link_tracker_redirect_page_titletrunk/src/Utils/RedirectPage.php:16
actionmacymed_link_tracker_redirect_page_messagetrunk/src/Utils/RedirectPage.php:17
actionmacymed_link_tracker_redirect_page_buttonstrunk/src/Utils/RedirectPage.php:18
actionmacymed_tracker_tracking_add_external_redirect_page_setting_fieldstrunk/src/Utils/Settings.php:11
actionmacymed_tracker_tracking_add_exclusion_outgoing_setting_fieldstrunk/src/Utils/Settings.php:12
actionmacymed_tracker_tracking_add_exclusion_tracking_setting_fieldstrunk/src/Utils/Settings.php:13
actionmacymed_tracker_tracking_register_external_redirect_page_settingstrunk/src/Utils/Settings.php:15
actionmacymed_tracker_tracking_register_exclusion_outgoing_setting_settingstrunk/src/Utils/Settings.php:16
actionmacymed_tracker_tracking_register_exclusion_tracking_setting_settingstrunk/src/Utils/Settings.php:17
actionwp_enqueue_scriptstrunk/src/Utils/Stats.php:476
actiontemplate_redirecttrunk/src/Utils/Tracking.php:18
filterthe_contenttrunk/src/Utils/Tracking.php:80
filterwidget_texttrunk/src/Utils/Tracking.php:81
filterwidget_text_contenttrunk/src/Utils/Tracking.php:82
Maintenance & Trust

Macymed Link Tracker Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedFeb 6, 2025
PHP min version7.4
Downloads556

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Macymed Link Tracker Alternatives

Linkyy – A Link Click Tracker

Linkyy – A Link Click Tracker

linkyy-link-tracker

A
100

Lightweight link click tracking with admin dashboard analytics for WordPress.

10 No CVEs
Track a click on Google Analytics

Track a click on Google Analytics

track-a-click-on-google-analytics

A
85

A simple shortcode to insert Google Analytics event tracking code on your links

10 No CVEs
Click Counter by Simple Tools

Click Counter by Simple Tools

click-counter

A
100

Advanced click tracking for any CSS selector. Analytics, charts, goals, CSV export, visual picker, and more.

100 No CVEs
ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing

ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing

shortlinkspro

A
99

Shorten, track, manage and share any URL using your own domain name!

100 1 CVE
Smart Click Tracker

Smart Click Tracker

smart-click-tracker

A
100

Track clicks on any element of your WordPress site and view detailed statistics with beautiful charts.

100 No CVEs
Developer Profile

Macymed Link Tracker Developer Profile

Macymed

1 plugin · 0 total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Macymed Link Tracker

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/macymed-link-tracker/resources/css/app.css/wp-content/plugins/macymed-link-tracker/resources/js/app.js
Script Paths
/wp-content/plugins/macymed-link-tracker/resources/js/app.js
Version Parameters
macymed-link-tracker/resources/css/app.css?ver=macymed-link-tracker/resources/js/app.js?ver=

HTML / DOM Fingerprints

CSS Classes
macymed-link-tracker-redirect-page
Data Attributes
data-macymed-redirect-urldata-macymed-redirect-delay
JS Globals
macymedLinkTrackerData
FAQ

Frequently Asked Questions about Macymed Link Tracker