Moredeal – Monetize your WordPress content Security & Risk Analysis

wordpress.org/plugins/moredeal

Increase Blog Revenue via AI Product Selection Strategy

0 active installs · v2.0.25 · PHP 5.4+ · WP 4.6.1+ · Updated Feb 6, 2023
Tags: affiliate, affiliate-marketing, amazon, amazon-affiliate, amazon-associate
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Moredeal – Monetize your WordPress content Safe to Use in 2026?

Generally Safe

Score 85/100

Moredeal – Monetize your WordPress content has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3yr ago
Risk Assessment

The "moredeal" plugin v2.0.25 exhibits a concerning security posture primarily due to a significant attack surface composed entirely of unprotected REST API routes. While the plugin demonstrates good practices in other areas, such as a high percentage of prepared SQL statements and proper output escaping, the lack of authentication or capability checks on all identified REST API endpoints creates a broad avenue for potential exploitation. The taint analysis reveals two high-severity flows with unsanitized paths, indicating potential risks related to how data is processed or used within these unprotected endpoints. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive sign. However, this absence of historical vulnerabilities does not mitigate the current risks identified in the static analysis. The combination of a large, unprotected attack surface and high-severity taint flows points to a need for immediate attention to secure these endpoints before any exploitable vulnerabilities are discovered or introduced.

Key Concerns

  • Unprotected REST API routes
  • High severity taint flow with unsanitized path
  • High severity taint flow with unsanitized path
  • No nonce checks
  • Limited capability checks on entry points
Vulnerabilities
None known

Moredeal – Monetize your WordPress content Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Moredeal – Monetize your WordPress content Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (28 prepared)
Unescaped Output: 92 (319 escaped)
Nonce Checks: 0
Capability Checks: 4
File Operations: 0
External Requests: 1
Bundled Libraries: 0

SQL Query Safety

93% prepared · 30 total queries

Output Escaping

78% escaped · 411 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

5 flows · 4 with unsanitized paths
print_modules_dropdown (application\admin\ProductTable.php:82)
Attack Surface
9 unprotected

Moredeal – Monetize your WordPress content Attack Surface

Entry Points: 9
Unprotected: 9

REST API Routes 9

POST /wp-json/seastar/v1/shortcode (application\components\SearchProductClient.php:79)
POST /wp-json/seastar/v1/product/conditions (application\components\SearchProductClient.php:85)
POST /wp-json/seastar/v1/product/pageSelectionStrategy (application\components\SearchProductClient.php:91)
POST /wp-json/seastar/v1/product/orderByMeta (application\components\SearchProductClient.php:97)
POST /wp-json/seastar/v1/product/hotSearchKeywordList (application\components\SearchProductClient.php:103)
POST /wp-json/seastar/v1/product/categoryList (application\components\SearchProductClient.php:109)
POST /wp-json/seastar/v1/product/search (application\components\SearchProductClient.php:115)
POST /wp-json/seastar/v1/product/template/templateSearch (application\components\SearchProductClient.php:121)
GET /wp-json/seastar/v1/license/unbind (application\components\SearchProductClient.php:127)
WordPress Hooks 23
action admin_menu (application\admin\AdminPlugin.php:49)
action admin_enqueue_scripts (application\admin\AdminPlugin.php:50)
filter parent_file (application\admin\AdminPlugin.php:51)
filter plugin_row_meta (application\admin\AdminPlugin.php:57)
action before_delete_post (application\admin\BeforeDeletePost.php:34)
action admin_menu (application\admin\GoProController.php:13)
action admin_menu (application\admin\ModuleController.php:17)
action add_meta_boxes (application\admin\MoredealMetaBox.php:45)
action save_post (application\admin\MoredealMetaBox.php:46)
action admin_menu (application\admin\ProductController.php:22)
action admin_init (application\admin\ProductController.php:23)
action admin_menu (application\components\Config.php:93)
action admin_init (application\components\Config.php:96)
action admin_notices (application\components\LicenseManager.php:32)
action rest_api_init (application\components\SearchProductClient.php:66)
action admin_init (application\Installer.php:38)
action admin_init (application\Installer.php:41)
action admin_init (application\Installer.php:42)
filter the_content (application\ModuleViewer.php:51)
action wp_enqueue_scripts (application\Plugin.php:83)
action amp_post_template_css (application\Plugin.php:84)
action plugins_loaded (moredeal.php:32)
action init (moredeal.php:38)
Maintenance & Trust

Moredeal – Monetize your WordPress content Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.1.10
Last updated: Feb 6, 2023
PHP min version: 5.4
Downloads: 4K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

Moredeal – Monetize your WordPress content Developer Profile

mdc

1 plugin · 0 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Moredeal – Monetize your WordPress content

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/moredeal/res/css/jquery-ui.min.css
/wp-content/plugins/moredeal/res/js/base.js
/wp-content/plugins/moredeal/res/js/keywords.js
/wp-content/plugins/moredeal/res/css/setting.css
Script Paths
/wp-content/plugins/moredeal/res/js/base.js
/wp-content/plugins/moredeal/res/js/keywords.js
Version Parameters
moredeal/res/css/jquery-ui.min.css?ver=
moredeal/res/js/base.js?ver=
moredeal/res/js/keywords.js?ver=
moredeal/res/css/setting.css?ver=

HTML / DOM Fingerprints

CSS Classes
moredeal-settings-wrapper
moredeal-config-tabs
HTML Comments
<!-- Moredeal settings -->
<!-- end Moredeal settings -->
Data Attributes
data-moredeal-action
JS Globals
moredealL10n
REST Endpoints
/wp-json/moredeal/v1/settings