WP-Safety

ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing Security & Risk Analysis

wordpress.org/plugins/shortlinkspro

Shorten, track, manage and share any URL using your own domain name!

100 active installs v1.2.0 PHP 7.0+ WP 4.4+ Updated Jan 21, 2026
affiliate-linksclick-trackinglink-shortenerlink-trackingurl-shortener
99
A · Safe
CVEs total1
Unpatched0
Last CVEJun 5, 2025
Plugin page Download
Safety Verdict

Is ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing Safe to Use in 2026?

Generally Safe

Score 99/100

ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jun 5, 2025Updated 2mo ago
Risk Assessment

The "shortlinkspro" v1.2.0 plugin exhibits a generally good security posture with several positive indicators. A high percentage of outputs are properly escaped, and a significant portion of SQL queries utilize prepared statements. The plugin also demonstrates a strong adherence to security best practices with numerous nonce and capability checks in place, and it lacks dangerous functions and direct file operations. The attack surface, while present with AJAX handlers, is protected by authentication, and there are no exposed REST API routes or shortcodes.

However, the taint analysis reveals a notable concern: 5 out of 8 analyzed flows have unsanitized paths, with 4 of them being of high severity. This indicates a potential for vulnerabilities if user-supplied data is not handled correctly before being used in sensitive operations. Although there is only one past CVE recorded, which is now patched, the history of an SQL Injection vulnerability is a reminder of the potential risks associated with database interactions.

In conclusion, while "shortlinkspro" v1.2.0 demonstrates considerable effort in implementing security controls, the presence of high-severity unsanitized taint flows warrants careful attention and investigation. The plugin's strengths lie in its robust use of escaping, prepared statements, and authentication checks. The weakness lies in potential mishandling of unsanitized data in critical paths, suggesting a need for more rigorous input validation.

Key Concerns

  • High severity unsanitized taint flows
  • Unsanitized paths in taint flows
  • Bundled outdated library: Select2 v1.0.2
  • History of SQL Injection vulnerability
Vulnerabilities
1

ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing Security Vulnerabilities

CVEs by Year

1 CVE in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2025-49327medium · 4.9Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ShortLinks Pro <= 1.0.7 - Authenticated (Administrator+) SQL Injection

Jun 5, 2025 Patched in 1.0.8 (8d)
Code Analysis
Analyzed Mar 16, 2026

ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing Code Analysis

Dangerous Functions
0
Raw SQL Queries
12
30 prepared
Unescaped Output
20
326 escaped
Nonce Checks
8
Capability Checks
17
File Operations
0
External Requests
4
Bundled Libraries
1

Bundled Libraries

Select21.0.2

SQL Query Safety

71% prepared42 total queries

Output Escaping

94% escaped346 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

8 flows5 with unsanitized paths
shortlinkspro_links_get_views (includes\custom-tables\links.php:374)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing Attack Surface

Entry Points5
Unprotected0

AJAX Handlers 5

authwp_ajax_shortlinkspro_hide_review_noticeincludes\admin\notices.php:82
authwp_ajax_shortlinkspro_clicks_cleanupincludes\admin\tools\clicks-cleanup.php:133
authwp_ajax_shortlinkspro_import_from_pluginincludes\admin\tools\import-from-plugin.php:155
authwp_ajax_shortlinkspro_get_link_by_slugincludes\ajax-functions.php:45
authwp_ajax_shortlinkspro_clicks_chartincludes\ajax-functions.php:217
WordPress Hooks 90
actionadmin_noticesincludes\admin\notices.php:65
actionadmin_initincludes\admin\pages\settings.php:32
actionrest_api_initincludes\admin\pages\settings.php:33
actioncmb2_admin_initincludes\admin\pages\settings.php:182
actioncmb2_admin_initincludes\admin\pages\tools.php:133
actioncmb2_after_formincludes\admin\pages\tools.php:186
filtershortlinkspro_settings_clicks_tracking_meta_boxesincludes\admin\settings\clicks-cleanup.php:57
filtershortlinkspro_settings_clicks_tracking_meta_boxesincludes\admin\settings\clicks-rules.php:45
filtershortlinkspro_settings_general_meta_boxesincludes\admin\settings\general.php:46
filtershortlinkspro_settings_general_meta_boxesincludes\admin\settings\link-defaults.php:76
filtershortlinkspro_tools_general_meta_boxesincludes\admin\tools\clicks-cleanup.php:50
filterinitincludes\admin\tools\import-from-plugin\plugin-importer.php:104
filterinitincludes\admin\tools\import-from-plugin\plugin-importer.php:105
filtershortlinkspro_import_from_plugin_pluginsincludes\admin\tools\import-from-plugin\plugin-importer.php:108
filtershortlinkspro_import_from_plugin_resultincludes\admin\tools\import-from-plugin\plugin-importer.php:111
filtershortlinkspro_tools_general_meta_boxesincludes\admin\tools\import-from-plugin.php:87
actionadmin_menuincludes\admin.php:52
actionadmin_menuincludes\admin.php:68
actionadmin_menuincludes\admin.php:136
actionadmin_menuincludes\admin.php:151
actionadmin_bar_menuincludes\admin.php:204
actionadmin_bar_menuincludes\admin.php:248
actionadmin_bar_menuincludes\admin.php:284
actionadmin_initincludes\admin.php:301
filteradmin_footer_textincludes\admin.php:449
actionshortlinkspro_schedule_eventsincludes\cron\auto-clicks-cleanup.php:36
actionshortlinkspro_clear_scheduled_eventsincludes\cron\auto-clicks-cleanup.php:46
actionshortlinkspro_auto_clicks_cleanup_eventincludes\cron\auto-clicks-cleanup.php:92
filtercron_schedulesincludes\cron.php:33
filterct_shortlinkspro_clicks_labelsincludes\custom-tables\clicks.php:30
filterct_query_whereincludes\custom-tables\clicks.php:75
filterct_query_shortlinkspro_clicks_search_fieldsincludes\custom-tables\clicks.php:105
filtermanage_shortlinkspro_clicks_columnsincludes\custom-tables\clicks.php:138
filtermanage_shortlinkspro_clicks_sortable_columnsincludes\custom-tables\clicks.php:168
filtershortlinkspro_clicks_row_actionsincludes\custom-tables\clicks.php:187
filtershortlinkspro_clicks_get_viewsincludes\custom-tables\clicks.php:296
actionmanage_shortlinkspro_clicks_custom_columnincludes\custom-tables\clicks.php:433
actionadd_meta_boxesincludes\custom-tables\clicks.php:505
actioncmb2_initincludes\custom-tables\clicks.php:628
filterct_shortlinkspro_link_categories_labelsincludes\custom-tables\link-categories.php:30
filterct_query_whereincludes\custom-tables\link-categories.php:64
filterct_query_shortlinkspro_link_categories_search_fieldsincludes\custom-tables\link-categories.php:84
filtermanage_shortlinkspro_link_categories_columnsincludes\custom-tables\link-categories.php:104
filtermanage_shortlinkspro_link_categories_sortable_columnsincludes\custom-tables\link-categories.php:124
actionmanage_shortlinkspro_link_categories_custom_columnincludes\custom-tables\link-categories.php:176
filterct_shortlinkspro_link_categories_default_dataincludes\custom-tables\link-categories.php:195
actioncmb2_initincludes\custom-tables\link-categories.php:238
actionct_render_shortlinkspro_link_categories_add_formincludes\custom-tables\link-categories.php:309
actionct_render_shortlinkspro_link_categories_edit_formincludes\custom-tables\link-categories.php:310
filterct_insert_object_dataincludes\custom-tables\link-categories.php:346
filterct_shortlinkspro_link_tags_labelsincludes\custom-tables\link-tags.php:30
filterct_query_whereincludes\custom-tables\link-tags.php:64
filterct_query_shortlinkspro_link_tags_search_fieldsincludes\custom-tables\link-tags.php:84
filtermanage_shortlinkspro_link_tags_columnsincludes\custom-tables\link-tags.php:104
filtermanage_shortlinkspro_link_tags_sortable_columnsincludes\custom-tables\link-tags.php:124
actionmanage_shortlinkspro_link_tags_custom_columnincludes\custom-tables\link-tags.php:176
filterct_shortlinkspro_link_tags_default_dataincludes\custom-tables\link-tags.php:195
actioncmb2_initincludes\custom-tables\link-tags.php:238
actionct_render_shortlinkspro_link_tags_add_formincludes\custom-tables\link-tags.php:309
actionct_render_shortlinkspro_link_tags_edit_formincludes\custom-tables\link-tags.php:310
filterct_insert_object_dataincludes\custom-tables\link-tags.php:346
filterct_shortlinkspro_links_labelsincludes\custom-tables\links.php:31
filterct_query_whereincludes\custom-tables\links.php:77
filterct_query_joinincludes\custom-tables\links.php:117
filterct_query_shortlinkspro_links_search_fieldsincludes\custom-tables\links.php:137
filtermanage_shortlinkspro_links_columnsincludes\custom-tables\links.php:160
filtermanage_shortlinkspro_links_sortable_columnsincludes\custom-tables\links.php:180
filtershortlinkspro_links_row_actionsincludes\custom-tables\links.php:265
actionshortlinkspro_action_duplicate_linkincludes\custom-tables\links.php:327
actionshortlinkspro_action_reset_clicksincludes\custom-tables\links.php:372
filtershortlinkspro_links_get_viewsincludes\custom-tables\links.php:419
actionmanage_shortlinkspro_links_custom_columnincludes\custom-tables\links.php:564
filterct_shortlinkspro_links_default_dataincludes\custom-tables\links.php:601
actioncmb2_initincludes\custom-tables\links.php:783
filterct_insert_object_dataincludes\custom-tables\links.php:996
actiondelete_objectincludes\custom-tables\links.php:1115
actionct_initincludes\custom-tables.php:306
actioninitincludes\redirect.php:76
actionshortlinkspro_process_redirectincludes\redirect.php:211
actioninitincludes\scripts.php:27
actionwp_enqueue_scriptsincludes\scripts.php:40
actionadmin_initincludes\scripts.php:66
actionadmin_enqueue_scriptsincludes\scripts.php:144
actionadmin_headincludes\scripts.php:270
actionadmin_bar_initincludes\scripts.php:283
actionshortlinkspro_before_redirectincludes\tracking.php:64
actionplugins_loadedshortlinkspro.php:172
actionplugins_loadedshortlinkspro.php:173
actionplugins_loadedshortlinkspro.php:174
actioninitshortlinkspro.php:176

Scheduled Events 1

shortlinkspro_auto_clicks_cleanup_event
Maintenance & Trust

ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 21, 2026
PHP min version7.0
Downloads3K

Community Trust

Rating100/100
Number of ratings12
Active installs100
Alternatives

ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing Alternatives

LinkFiliate – Advanced Affiliate Link Management, Branded Short Links, Click Tracking & Analytics

LinkFiliate – Advanced Affiliate Link Management, Branded Short Links, Click Tracking & Analytics

linkfiliate

A
100

Create pretty branded URLs, cloak affiliate links, and track clicks in real time — giving you better control of all your marketing links in WordPress.

10 No CVEs
LinkCentral – URL shortener, Custom Links & Affiliate Link Shortener with Link Tracking

LinkCentral – URL shortener, Custom Links & Affiliate Link Shortener with Link Tracking

linkcentral

A
100

The easiest URL shortener, short links manager, and link tracking plugin. Fast and optimised for better short links, redirects and affiliate links.

300 No CVEs
LinkAlert

LinkAlert

codirun-linkalert

A
100

Link management and click tracking plugin for WordPress. Monitor clicks in real time, manage short links, and receive instant notifications.

0 No CVEs
PrettyLinks – Affiliate Links, Link Branding, Link Tracking, Marketing and Stripe Payments Plugin

PrettyLinks – Affiliate Links, Link Branding, Link Tracking, Marketing and Stripe Payments Plugin

pretty-link

A
90

🌠 The best WordPress link management, branding, tracking, sharing and payments plugin. Easily make pretty & trackable shortlinks. 🔗

300K 8 CVEs
ThirstyAffiliates – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin

ThirstyAffiliates – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin

thirstyaffiliates

A
95

🔗 Affiliate link management & cloaker tool. Easily manage, shrink and track your affiliate links in WordPress. 🔥

30K 5 CVEs
Developer Profile

ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing Developer Profile

Ruben Garcia

30 plugins · 25K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
139 days
View full developer profile
Detection Fingerprints

How We Detect ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/shortlinkspro/assets/css/admin.css/wp-content/plugins/shortlinkspro/assets/css/shortlinkspro.css/wp-content/plugins/shortlinkspro/assets/js/admin.js/wp-content/plugins/shortlinkspro/assets/js/shortlinkspro.js/wp-content/plugins/shortlinkspro/assets/js/vendors/moment.min.js/wp-content/plugins/shortlinkspro/assets/js/vendors/moment-timezone-with-data.min.js
Script Paths
/wp-content/plugins/shortlinkspro/assets/js/admin.js/wp-content/plugins/shortlinkspro/assets/js/shortlinkspro.js/wp-content/plugins/shortlinkspro/assets/js/vendors/moment.min.js/wp-content/plugins/shortlinkspro/assets/js/vendors/moment-timezone-with-data.min.js
Version Parameters
shortlinkspro/assets/css/admin.css?ver=shortlinkspro/assets/css/shortlinkspro.css?ver=shortlinkspro/assets/js/admin.js?ver=shortlinkspro/assets/js/shortlinkspro.js?ver=shortlinkspro/assets/js/vendors/moment.min.js?ver=shortlinkspro/assets/js/vendors/moment-timezone-with-data.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
shortlinkspro-wrappershortlinkspro-listshortlinkspro-tableshortlinkspro-actions
Data Attributes
data-shortlinkspro-id
JS Globals
shortlinkspro_params
REST Endpoints
/wp-json/shortlinkspro/v1/links
Shortcode Output
[shortlinkspro_list][shortlinkspro_analytics]
FAQ

Frequently Asked Questions about ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing