Does Refer A Friend for WooCommerce by WPGens have any unpatched vulnerabilities?

No. All known vulnerabilities in Refer A Friend for WooCommerce by WPGens have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Refer A Friend for WooCommerce by WPGens compatible with WordPress 6.8.5?

According to WordPress.org data, Refer A Friend for WooCommerce by WPGens 1.3.5 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is Refer A Friend for WooCommerce by WPGens updated?

Refer A Friend for WooCommerce by WPGens was last updated on Jul 11, 2025. Frequent updates are generally a positive security signal.

What is Refer A Friend for WooCommerce by WPGens's security score?

Refer A Friend for WooCommerce by WPGens has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Refer A Friend for WooCommerce by WPGens Security & Risk Analysis

wordpress.org/plugins/refer-a-friend-for-woocommerce-by-wpgens

Referral System for WooCommerce. Each customer has referral link that rewards them with a coupon after someone makes a purchase through their link

1K active installs v1.3.5 PHP + WP 4.2+ Updated Jul 11, 2025

affiliateecommercerefer-a-friendreferralwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Refer A Friend for WooCommerce by WPGens Safe to Use in 2026?

Generally Safe

Score 100/100

Refer A Friend for WooCommerce by WPGens has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8mo ago

Risk Assessment

The plugin 'refer-a-friend-for-woocommerce-by-wpgens' v1.3.5 exhibits a mixed security posture. On the positive side, it demonstrates good practices in its handling of SQL queries, exclusively using prepared statements, and has no recorded vulnerabilities or CVEs. This suggests a history of stable and relatively secure development. However, the static analysis reveals significant concerns. The plugin has a single identifiable entry point via an AJAX handler that lacks any authentication checks. This creates a direct and unprotected attack vector. Furthermore, a substantial portion (73%) of its output is not properly escaped, which could lead to Cross-Site Scripting (XSS) vulnerabilities if malicious data is processed and displayed to users. The absence of nonce checks on the AJAX handler exacerbates this risk.

Key Concerns

AJAX handler without auth check
High percentage of unescaped output
Missing nonce checks

Vulnerabilities

None known

Refer A Friend for WooCommerce by WPGens Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Refer A Friend for WooCommerce by WPGens Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

27% escaped11 total outputs

Attack Surface

1 unprotected

Refer A Friend for WooCommerce by WPGens Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_dismiss_admin_notificationadmin\gens-notifications.php:101

WordPress Hooks 16

filterwoocommerce_settings_tabs_arrayadmin\class-gens-raf-woo-integration.php:55

actionadmin_noticesadmin\gens-notifications.php:99

actionnetwork_admin_noticesadmin\gens-notifications.php:100

actionadmin_headadmin\gens-notifications.php:102

actionplugins_loadedgens-raf.php:51

filterwoocommerce_get_settings_pagesincludes\class-gens-raf.php:147

filterplugin_action_links_refer-a-friend-for-woocommerce-by-wpgens/gens-raf.phpincludes\class-gens-raf.php:149

filterplugin_action_links_refer-a-friend-for-woocommerce-by-wpgens/gens-raf.phpincludes\class-gens-raf.php:150

filterplugin_action_links_refer-a-friend-for-woocommerce-by-wpgens/gens-raf.phpincludes\class-gens-raf.php:151

actionwp_enqueue_scriptsincludes\class-gens-raf.php:166

actionwoocommerce_order_status_completedincludes\class-gens-raf.php:168

actionwoocommerce_checkout_update_order_metaincludes\class-gens-raf.php:170

actionwoocommerce_before_my_accountincludes\class-gens-raf.php:172

actionwoocommerce_before_my_accountincludes\class-gens-raf.php:174

actionwoocommerce_thankyouincludes\class-gens-raf.php:176

actionwoocommerce_admin_order_data_after_order_detailsincludes\class-gens-raf.php:178

Maintenance & Trust

Refer A Friend for WooCommerce by WPGens Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJul 11, 2025

PHP min version

Downloads99K

Community Trust

Rating98/100

Number of ratings38

Active installs1K

Alternatives

Refer A Friend for WooCommerce by WPGens Alternatives

Refersion for WooCommerce

refersion-for-woocommerce

100

Seamlessly connect your WooCommerce shop with Refersion and start tracking sales driven by promoters, influencers, and affiliates!

400 No CVEs

Simple Woo Affiliate Tracking

simple-woo-affiliate-tracking

The Simple Woo Affiliate Tracking simply (ha!) tracks the sales driven by any URL appended with a 'refid'.

40 No CVEs

AFFI – Affiliate Marketing for WooCommerce

affi-affiliate-marketing-for-woo

100

Support affiliate management with flexible commissions, real-time performance record, auto payouts, email notifications for events, etc...

20 No CVEs

Affiliates WooCommerce Light

affiliates-woocommerce-light

100

Grow your Business with your own Affiliate Network and let your partners earn commissions on referred sales. Integrates Affiliates and WooCommerce.

1K No CVEs

Affilia – Affiliate Program & Referral Tracking for WordPress

affiliaa-affiliate-program-with-mlm

100

Launch a powerful, self-hosted affiliate program for WordPress. Track referrals, manage affiliates, and boost sales for WooCommerce, EDD, and Contact …

700 No CVEs

Developer Profile

Refer A Friend for WooCommerce by WPGens Developer Profile

Goran87

4 plugins · 2K total installs

trust score

Avg Security Score

89/100

Avg Patch Time

140 days

View full developer profile

Detection Fingerprints

How We Detect Refer A Friend for WooCommerce by WPGens

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/refer-a-friend-for-woocommerce-by-wpgens/public/css/gens-raf-public.css/wp-content/plugins/refer-a-friend-for-woocommerce-by-wpgens/public/js/gens-raf-public.js

Script Paths

/wp-content/plugins/refer-a-friend-for-woocommerce-by-wpgens/public/js/gens-raf-public.js

Version Parameters

refer-a-friend-for-woocommerce-by-wpgens/public/css/gens-raf-public.css?ver=refer-a-friend-for-woocommerce-by-wpgens/public/js/gens-raf-public.js?ver=

HTML / DOM Fingerprints

CSS Classes

gens-raf-account-linkgens-raf-coupon-wrapper

Data Attributes

data-gens-raf-nonce

JS Globals

gens_raf_params

FAQ