WP-Safety

Katalys Advertiser Integration Security & Risk Analysis

wordpress.org/plugins/revoffers-advertiser-integration

Provides tightly-coupled integration with Katalys Affiliate Network for WooCommerce order tracking and attribution.

70 active installs v1.6.4 PHP 5.5+ WP 5.6+ Updated Mar 9, 2026
affiliatekatalysrevofferstracking
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Katalys Advertiser Integration Safe to Use in 2026?

Generally Safe

Score 100/100

Katalys Advertiser Integration has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 26d ago
Risk Assessment

The revoffers-advertiser-integration plugin v1.6.4 exhibits a mixed security posture. While it has no recorded vulnerabilities in its history and avoids the use of dangerous functions, several concerning aspects are present in its static analysis. The plugin has a single AJAX handler which lacks authentication checks, creating a direct entry point for unauthenticated attackers. This, combined with a lack of nonce checks, significantly increases the risk of cross-site request forgery (CSRF) attacks or unauthorized execution of actions. The 60% rate of prepared statements for SQL queries is acceptable, but the remaining 40% could still be vulnerable if they handle user-supplied data. Furthermore, the 56% rate of properly escaped output suggests a potential for cross-site scripting (XSS) vulnerabilities in the outputs that are not correctly escaped. The absence of taint analysis data makes it difficult to assess potential injection vulnerabilities, but the other identified weaknesses are sufficient to warrant caution.

Key Concerns

  • Unprotected AJAX handler
  • No nonce checks
  • Inconsistent SQL prepared statements
  • Inconsistent output escaping
Vulnerabilities
None known

Katalys Advertiser Integration Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Katalys Advertiser Integration Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
3 prepared
Unescaped Output
8
10 escaped
Nonce Checks
0
Capability Checks
1
File Operations
21
External Requests
3
Bundled Libraries
0

SQL Query Safety

60% prepared5 total queries

Output Escaping

56% escaped18 total outputs
Attack Surface
1 unprotected

Katalys Advertiser Integration Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_revoffers_orders_debugadmin_func.php:45
WordPress Hooks 11
actionadmin_initadmin_func.php:10
actionadmin_menuadmin_func.php:34
actionrest_api_initrevoffers-advertiser-integration.php:37
actionwp_footerrevoffers-advertiser-integration.php:40
actionwoocommerce_checkout_create_orderrevoffers-advertiser-integration.php:43
filterwoocommerce_rest_pre_insert_shop_order_objectrevoffers-advertiser-integration.php:44
actionwoocommerce_order_status_processingrevoffers-advertiser-integration.php:49
actionwoocommerce_order_status_completedrevoffers-advertiser-integration.php:51
actionwoocommerce_order_status_changedrevoffers-advertiser-integration.php:53
actionwoocommerce_thankyourevoffers-advertiser-integration.php:60
filtercron_schedulesrevoffers-advertiser-integration.php:370
Maintenance & Trust

Katalys Advertiser Integration Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedMar 9, 2026
PHP min version5.5
Downloads13K

Community Trust

Rating0/100
Number of ratings0
Active installs70
Alternatives

Katalys Advertiser Integration Alternatives

PrettyLinks – Affiliate Links, Link Branding, Link Tracking, Marketing and Stripe Payments Plugin

PrettyLinks – Affiliate Links, Link Branding, Link Tracking, Marketing and Stripe Payments Plugin

pretty-link

A
90

🌠 The best WordPress link management, branding, tracking, sharing and payments plugin. Easily make pretty & trackable shortlinks. 🔗

300K 8 CVEs
ThirstyAffiliates – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin

ThirstyAffiliates – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin

thirstyaffiliates

A
95

🔗 Affiliate link management & cloaker tool. Easily manage, shrink and track your affiliate links in WordPress. 🔥

30K 5 CVEs
Affiliate Sales in Google Analytics and other tools

Affiliate Sales in Google Analytics and other tools

wecantrack

A
99

Integrate all your affiliate sales in Google Analytics, Google Ads, Facebook, Data Studio and more!

2K 1 CVE
AffiliateWP – Affiliate Info

AffiliateWP – Affiliate Info

affiliatewp-affiliate-info

A
100

Display information based on the affiliate's referral URL.

1K No CVEs
Sovrn

Sovrn

viglink

A
100

Maximize your affiliate revenue with Sovrn Commerce - link optimization, price comparisons, and unified reporting.

1K No CVEs
Developer Profile

Katalys Advertiser Integration Developer Profile

katalysdev

2 plugins · 80 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Katalys Advertiser Integration

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/revoffers-advertiser-integration/revoffers-advertiser-integration.php
Script Paths
https://db.revoffers.com/js/

HTML / DOM Fingerprints

JS Globals
window._revoffers_track
REST Endpoints
/wp-json/revoffers/v1/
FAQ

Frequently Asked Questions about Katalys Advertiser Integration