External Links Security & Risk Analysis

wordpress.org/plugins/sem-external-links

The external links plugin for WordPress lets you process outgoing links differently from internal links.

9K active installs · v6.8.1 · PHP + WP 2.8+ · Updated Nov 28, 2017
Tags: external-links, link-target, link-icon, nofollow, semiologic
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is External Links Safe to Use in 2026?

Generally Safe

Score 85/100

External Links has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 8yr ago
Risk Assessment

The "sem-external-links" plugin version 6.8.1 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of any known CVEs, coupled with a clean taint analysis and a lack of dangerous functions or file operations, is highly positive. The code also demonstrates good practices by utilizing prepared statements for all SQL queries and includes at least one nonce and capability check, indicating an awareness of common WordPress security measures. The attack surface is effectively zero, with no apparent AJAX handlers, REST API routes, shortcodes, or cron events, which significantly limits potential entry points for attackers.

However, the static analysis does reveal a concern regarding output escaping. With 18 total outputs and only 33% properly escaped, there's a significant chance of cross-site scripting (XSS) vulnerabilities if user-supplied or dynamically generated content is not handled carefully. This is the primary area of concern in an otherwise well-secured plugin.

Key Concerns

  • Insufficient output escaping detected
Vulnerabilities
None known

External Links Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

External Links Release Timeline

v6.8.1 (Current)
v6.8
v6.7
v6.6
v6.5.1
v6.5
v6.4.1
v6.4
v6.3.1
v6.3
v6.2
v6.1
v6.0.1
v6.0
v5.5.4
v5.5.3
v5.5.2
v5.5.1
v5.5
v5.4.1
Code Analysis
Analyzed Mar 16, 2026

External Links Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 12 (6 escaped)
Nonce Checks: 1
Capability Checks: 1
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

33% escaped · 18 total outputs
Attack Surface

External Links Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 15

action  template_redirect  external-links-anchor-utils.php:32
action  wp_footer  external-links-anchor-utils.php:50
filter  the_content  sem-autolink-uri.php:88
filter  the_excerpt  sem-autolink-uri.php:89
filter  widget_text  sem-autolink-uri.php:91
action  settings_page_external-links  sem-external-links-admin.php:67
action  plugins_loaded  sem-external-links.php:102
action  wp_enqueue_scripts  sem-external-links.php:127
filter  the_content  sem-external-links.php:141
filter  comment_text  sem-external-links.php:143
filter  widget_text  sem-external-links.php:145
action  admin_menu  sem-external-links.php:149
action  load-settings_page_external-links  sem-external-links.php:150
filter  get_comment_author_link  sem-follow_comment.php:85
filter  comment_text  sem-follow_comment.php:86
Maintenance & Trust

External Links Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.7.33
Last updated: Nov 28, 2017
PHP min version
Downloads: 358K

Community Trust

Rating: 96/100
Number of ratings: 36
Active installs: 9K
Developer Profile

External Links Developer Profile

Denis de Bernardy

4 plugins · 12K total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect External Links

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/sem-external-links/sem-external-links.css
Version Parameters
sem-external-links.css?ver=

HTML / DOM Fingerprints

HTML Comments
<!-- External Links settings -->
Data Attributes
data-sem-external-links-id
JS Globals
window.sem_external_links_options