PG Simple Affiliate Shop Security & Risk Analysis

wordpress.org/plugins/pg-simple-affiliate-shop

Create a simple and attractive store for your affiliate products and banner advertisements. Easily manage the products you promote.

100 active installs · v1.5 · PHP + · WP 3.4+ · Updated Mar 24, 2021
affiliate-marketing, affiliate-product-management, affiliate-shop, affiliate-store, simple-affiliate-page
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is PG Simple Affiliate Shop Safe to Use in 2026?

Generally Safe

Score 85/100

PG Simple Affiliate Shop has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5yr ago
Risk Assessment

The plugin "pg-simple-affiliate-shop" v1.5 demonstrates a mixed security posture. On the positive side, it shows excellent practices regarding SQL queries, utilizing prepared statements exclusively, and has no recorded vulnerabilities (CVEs), suggesting a history of responsible development or a lack of past exploitable issues. The presence of nonce and capability checks is also a good sign. However, significant concerns arise from the attack surface analysis. Two AJAX handlers are exposed without authentication checks, presenting a direct entry point for potential attackers. Furthermore, a very low percentage (5%) of output escaping indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. While taint analysis shows no reported flows, this is likely due to the limited scope of the analysis or the absence of specific taintable inputs.

Key Concerns

  • Unprotected AJAX handlers
  • Low percentage of properly escaped output
Vulnerabilities
None known

PG Simple Affiliate Shop Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

PG Simple Affiliate Shop Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 0 (0 prepared)
  • Unescaped Output: 57 (3 escaped)
  • Nonce Checks: 1
  • Capability Checks: 6
  • File Operations: 0
  • External Requests: 0
  • Bundled Libraries: 1

Bundled Libraries

TinyMCE

Output Escaping

5% escaped · 60 total outputs
Attack Surface
2 unprotected

PG Simple Affiliate Shop Attack Surface

Entry Points: 6
Unprotected: 2

AJAX Handlers 2

auth wp_ajax_pgeek_sas_update_post_order shop.php:127
auth wp_ajax_pg_sas_shortcode_generator shop.php:139

Shortcodes 4

[pg_sas_shop] shop.php:101
[pg_sas_banner] shop.php:102
[pg_sas_image] shop.php:103
[pg_dummy_url] shop.php:104
WordPress Hooks 23
action admin_menu inc\pg-options.php:55
action admin_init inc\pg-options.php:56
action init shop.php:99
action init shop.php:100
action wp_enqueue_scripts shop.php:105
filter widget_text shop.php:107
action save_post shop.php:118
action save_post shop.php:119
filter wp_insert_post_data shop.php:120
filter manage_edit-pgeek_sas_sortable_columns shop.php:121
action manage_pgeek_sas_posts_custom_column shop.php:122
filter manage_pgeek_sas_posts_columns shop.php:123
action admin_enqueue_scripts shop.php:124
action admin_menu shop.php:125
action admin_enqueue_scripts shop.php:126
action admin_print_scripts shop.php:129
action admin_print_styles shop.php:130
filter get_media_item_args shop.php:131
filter upload_dir shop.php:132
filter media_upload_tabs shop.php:133
action admin_init shop.php:138
filter mce_buttons shop.php:169
filter mce_external_plugins shop.php:170
Maintenance & Trust

PG Simple Affiliate Shop Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.6.17
Last updated: Mar 24, 2021
PHP min version
Downloads: 38K

Community Trust

Rating: 100/100
Number of ratings: 9
Active installs: 100
Developer Profile

PG Simple Affiliate Shop Developer Profile

PeoplesGeek

3 plugins · 200 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect PG Simple Affiliate Shop

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/pg-simple-affiliate-shop/css/pg-sas.css
/wp-content/plugins/pg-simple-affiliate-shop/css/pg-sas-layout.css
/wp-content/plugins/pg-simple-affiliate-shop/js/pg-sas-admin.js
/wp-content/plugins/pg-simple-affiliate-shop/js/pg-sas-frontend.js
/wp-content/plugins/pg-simple-affiliate-shop/js/colorbox/jquery.colorbox-min.js
/wp-content/plugins/pg-simple-affiliate-shop/css/colorbox.css
Script Paths
/wp-content/plugins/pg-simple-affiliate-shop/js/pg-sas-admin.js
/wp-content/plugins/pg-simple-affiliate-shop/js/pg-sas-frontend.js
/wp-content/plugins/pg-simple-affiliate-shop/js/colorbox/jquery.colorbox-min.js
Version Parameters
pg-simple-affiliate-shop/css/pg-sas.css?ver=
pg-simple-affiliate-shop/css/pg-sas-layout.css?ver=
pg-simple-affiliate-shop/js/pg-sas-admin.js?ver=
pg-simple-affiliate-shop/js/pg-sas-frontend.js?ver=
pg-simple-affiliate-shop/js/colorbox/jquery.colorbox-min.js?ver=
pg-simple-affiliate-shop/css/colorbox.css?ver=

HTML / DOM Fingerprints

CSS Classes
pg-sas-shop-wrap
pg-sas-shop-item
pg-sas-shop-item-image
pg-sas-shop-item-title
pg-sas-shop-item-cost
pg-sas-shop-item-description
pg-sas-shop-item-testimonial
pg-sas-shop-item-customer
+7 more
HTML Comments
<!-- TODO: Add fields to quick edit menu
<!-- TODO: Get icon on edit screen
<!-- TODO: Add ability to 'move' an image from a remote URL to the local server
<!-- TODO: Remove the 'insert gallery' button from the gallery tab used by the uploader
+27 more
Data Attributes
data-pg-sas-shop-id
data-pg-sas-product-id
data-pg-sas-banner-id
data-pg-sas-image-id
JS Globals
pg_sas_admin_params
pg_sas_frontend_params
REST Endpoints
/wp-json/pg-sas/v1/settings
Shortcode Output
[pg_sas_shop]
[pg_sas_banner]
[pg_sas_image]
[pg_dummy_url]
FAQ

Frequently Asked Questions about PG Simple Affiliate Shop