Does Mentionlink have any unpatched vulnerabilities?

No. All known vulnerabilities in Mentionlink have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Mentionlink compatible with WordPress 6.9.4?

According to WordPress.org data, Mentionlink 1.2.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is Mentionlink updated?

Mentionlink was last updated on Nov 29, 2025. Frequent updates are generally a positive security signal.

What is Mentionlink's security score?

Mentionlink has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Mentionlink Security & Risk Analysis

wordpress.org/plugins/mentionlink

Mentionlink helps publishers by converting plain text product mentions to affiliate links, automatically. Make every product mention count!

0 active installs v1.2.3 PHP + WP 6.0+ Updated Nov 29, 2025

affiliate-linksamazon-associatesskimlinksviglinkwalmart-affiliates

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Mentionlink Safe to Use in 2026?

Generally Safe

Score 100/100

Mentionlink has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The 'mentionlink' plugin v1.2.3 exhibits a strong security posture based on the provided static analysis. There are no identified dangerous functions, all SQL queries utilize prepared statements, and all output is properly escaped. Furthermore, the plugin does not perform file operations or external HTTP requests, and there are no identified taint flows or vulnerabilities in its history. The presence of a capability check indicates some level of authorization awareness in its code.

However, the complete absence of any entry points (AJAX handlers, REST API routes, shortcodes, cron events) is unusual and might suggest a very limited functionality or that the analysis did not cover all aspects of the plugin's interaction points. The fact that there are no nonce checks is a concern, especially if any user-initiated actions, even those not explicitly categorized as AJAX or REST, occur. Without any recorded vulnerabilities, it's difficult to ascertain past security weaknesses, but this clean history, combined with good coding practices, is a positive sign. Overall, the plugin appears to be well-secured in its current analyzed state, with the primary potential area for scrutiny being any undiscovered or indirectly exposed entry points and the lack of explicit nonce checks for user interactions.

Key Concerns

No nonce checks detected

Vulnerabilities

None known

Mentionlink Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Mentionlink Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped8 total outputs

Attack Surface

Mentionlink Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actioninitmentionlink.php:43

actionwp_enqueue_scriptsmentionlink.php:50

actionadmin_menumentionlink.php:51

actionadmin_initmentionlink.php:52

filterscript_loader_tagmentionlink.php:66

Maintenance & Trust

Mentionlink Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedNov 29, 2025

PHP min version

Downloads337

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Mentionlink Alternatives

ProductLinker for Amazon

productlinker-for-amazon

100

Create affiliate product lists using just ASINs — no Amazon API key required. Perfect for bloggers who can't qualify for or don't want API access.

0 No CVEs

PrettyLinks – Affiliate Links, Link Branding, Link Tracking, Marketing and Stripe Payments Plugin

pretty-link

🌠 The best WordPress link management, branding, tracking, sharing and payments plugin. Easily make pretty & trackable shortlinks. 🔗

300K 8 CVEs

ThirstyAffiliates – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin

thirstyaffiliates

🔗 Affiliate link management & cloaker tool. Easily manage, shrink and track your affiliate links in WordPress. 🔥

30K 5 CVEs

BetterLinks – URL Shortener, Link Tracking, Analytics & Affiliate Link Manager

betterlinks

Ultimate plugin to create, shorten, track and manage any URL. Gather analytics reports and run successful marketing campaigns easily.

20K 3 CVEs

Content Egg – Affiliate Product Importer & Price Comparison

content-egg

Import affiliate products, compare prices, sync to WooCommerce, and auto-generate SEO content with AI — all in one toolkit.

10K 3 CVEs

Developer Profile

Mentionlink Developer Profile

mentionlink

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Mentionlink

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Script Paths

https://cdn.mentionlink.com/script.min.js

Version Parameters

mentionlink/script.min.js?ver=1.2.3

HTML / DOM Fingerprints

Data Attributes

data-domainmentionlink_domain

FAQ