Does SalesFeed have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is SalesFeed compatible with WordPress 6.8.5?

According to WordPress.org data, SalesFeed 1.3.5 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is SalesFeed updated?

SalesFeed was last updated on Aug 8, 2025. Frequent updates are generally a positive security signal.

What is SalesFeed's security score?

SalesFeed has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

SalesFeed Security & Risk Analysis

wordpress.org/plugins/salesfeed

Add a SalesFeed tracking code to your WordPress site. You need a SalesFeed account.

100 active installs v1.3.5 PHP + WP 3.0+ Updated Aug 8, 2025

analyticsgooglepronamicsalesfeedtracking

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is SalesFeed Safe to Use in 2026?

Generally Safe

Score 100/100

SalesFeed has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago

Risk Assessment

The salesfeed plugin v1.3.5 exhibits a strong security posture based on the provided static analysis and vulnerability history. The code demonstrates excellent adherence to secure coding practices, with no identified dangerous functions, raw SQL queries, or file operations. All output appears to be properly escaped, and importantly, there are no observed taint flows, indicating a lack of critical or high-severity vulnerabilities related to unsanitized data. The plugin's attack surface is also minimal, with no AJAX handlers, REST API routes, or shortcodes detected that lack authentication or permission checks. Furthermore, the absence of any known CVEs, both historical and currently unpatched, suggests a proactive and secure development lifecycle.

While the plugin is currently presenting as highly secure, it's important to note that the analysis did not detect any nonce checks or capability checks. This could represent a potential area for future hardening, especially if the plugin's functionality evolves to include more sensitive operations or user interactions. However, given the current lack of any identified vulnerabilities and the absence of a substantial attack surface, the absence of these checks does not represent an immediate, exploitable risk based on the provided data. Overall, salesfeed v1.3.5 appears to be a well-secured plugin.

Key Concerns

No nonce checks detected
No capability checks detected

Vulnerabilities

None known

SalesFeed Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

SalesFeed Release Timeline

v1.3.5Current

v1.3.4

v1.3.3

v1.3.2

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

Code Analysis

Analyzed Mar 16, 2026

SalesFeed Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped8 total outputs

Attack Surface

SalesFeed Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actionplugins_loadedsalesfeed.php:31

actionwp_footersalesfeed.php:33

actionadmin_initsalesfeed.php:36

actionadmin_menusalesfeed.php:37

Maintenance & Trust

SalesFeed Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedAug 8, 2025

PHP min version

Downloads9K

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

SalesFeed Alternatives

GA Google Analytics – Connect Google Analytics to WordPress

ga-google-analytics

100

Adds Google Analytics tracking code to your WordPress site. Supports many tracking features.

400K No CVEs

Pixel Manager for WooCommerce – Conversion Tracking, Google Ads, GA4, TikTok, Dynamic Remarketing

woocommerce-google-adwords-conversion-tracking-tag

Conversion tracking for WooCommerce. Google Ads, GA4, Meta/Facebook Pixel, TikTok & more. Recover 30% more conversions with server-side tracking!

50K 4 CVEs

Conversios: Google Analytics (GA4), Google Ads, Conversion and Analytics Tracking for Multi-Channels

enhanced-e-commerce-for-woocommerce-store

Track GA4 Analytics, Google Ads, Microsoft Ads, and Conversion with server-side tracking (CAPI), dynamic remarketing, & product feeds for WooCommerce.

10K 10 CVEs

Simple Universal Google Analytics

simple-universal-google-analytics

Enable Universal Google Analytics tracking option on your WordPress site. Add tracking code to every page with WordPress Google Analytics plugin.

4K No CVEs

CallTrackingMetrics

call-tracking-metrics

100

CallTrackingMetrics integrates with your WordPress site to provide powerful call tracking and attribution.

3K No CVEs

Developer Profile

SalesFeed Developer Profile

Pronamic

16 plugins · 5K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

6 days

View full developer profile

Detection Fingerprints

How We Detect SalesFeed

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Script Paths

/wp-content/plugins/salesfeed/admin/settings.php

HTML / DOM Fingerprints

HTML Comments

Data Attributes

label_for

JS Globals

window._scoopi

FAQ