WP-Safety

SkylarkAds Advertisement Banner Security & Risk Analysis

wordpress.org/plugins/skylarkads

A powerful yet easy-to-use advertisement management system for WordPress with customizable designs and detailed analytics.

0 active installs v1.6.6 PHP 7.4+ WP 5.0+ Updated Oct 28, 2025
adsadvertisementanalyticsbannermarketing
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is SkylarkAds Advertisement Banner Safe to Use in 2026?

Generally Safe

Score 100/100

SkylarkAds Advertisement Banner has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6mo ago
Risk Assessment

The skylarkads plugin v1.6.6 exhibits a generally strong security posture with a few notable areas for improvement. The static analysis reveals excellent practices in SQL query handling, with 100% prepared statements, and a high degree of output escaping (99%). The absence of dangerous functions, file operations, and recorded vulnerabilities in its history are all positive indicators. The presence of robust nonce and capability checks across most entry points also contributes to a good overall defense.

However, the plugin presents two AJAX handlers that lack authentication checks. While the taint analysis did not reveal any unsanitized paths, these unprotected AJAX endpoints represent a potential attack surface. If these handlers perform sensitive operations or reveal information without proper validation, they could be exploited. The presence of 12 AJAX handlers indicates a significant reliance on this mechanism, making the unprotected ones a more pronounced concern.

In conclusion, skylarkads is built on a solid foundation with good security practices. The primary weakness lies in the two unprotected AJAX endpoints. Addressing these by implementing appropriate authentication and capability checks would significantly bolster the plugin's security. The plugin's clean vulnerability history is encouraging, suggesting a proactive approach to security, but vigilance is always required, especially with exposed entry points.

Key Concerns

  • Unprotected AJAX handlers
Vulnerabilities
None known

SkylarkAds Advertisement Banner Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

SkylarkAds Advertisement Banner Release Timeline

v1.6.6Current
Code Analysis
Analyzed Mar 17, 2026

SkylarkAds Advertisement Banner Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
30 prepared
Unescaped Output
8
657 escaped
Nonce Checks
14
Capability Checks
9
File Operations
0
External Requests
3
Bundled Libraries
0

SQL Query Safety

100% prepared30 total queries

Output Escaping

99% escaped665 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

3 flows
ajax_get_campaign_performance (js\campaign-performance.php:316)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

SkylarkAds Advertisement Banner Attack Surface

Entry Points14
Unprotected2

AJAX Handlers 12

authwp_ajax_skylarkads_get_campaign_performancejs\campaign-performance.php:28
authwp_ajax_skylarkads_send_analytics_dataskylarkads-banner-analytics.php:10
noprivwp_ajax_skylarkads_send_analytics_dataskylarkads-banner-analytics.php:11
authwp_ajax_skylarkads_get_banner_statsskylarkads-banner-stats.php:144
authwp_ajax_skylarkads_get_banner_date_rangeskylarkads-banner-stats.php:188
authwp_ajax_skylarkads_increment_ad_click_countskylarkads.php:99
noprivwp_ajax_skylarkads_increment_ad_click_countskylarkads.php:100
authwp_ajax_skylarkads_increment_ad_view_countskylarkads.php:101
noprivwp_ajax_skylarkads_increment_ad_view_countskylarkads.php:102
authwp_ajax_skylarkads_get_banner_statsskylarkads.php:105
authwp_ajax_skylarkads_get_banner_date_rangeskylarkads.php:106
authwp_ajax_skylarkads_dismiss_premium_noticeskylarkads.php:114

Shortcodes 2

[skylarkads_ad_banner] skylarkads.php:95
[skylarkads_animation_test] skylarkads.php:96
WordPress Hooks 47
actionincrement_ad_view_countjs\campaign-performance.php:18
actionincrement_ad_click_countjs\campaign-performance.php:19
actioncheck_campaigns_dailyjs\campaign-performance.php:22
actionwp_dashboard_setupjs\campaign-performance.php:25
actionwp_enqueue_scriptsskylarkads-banner-analytics.php:9
actionincrement_ad_view_countskylarkads-banner-analytics.php:12
actionincrement_ad_click_countskylarkads-banner-analytics.php:13
actioninitskylarkads-banner-campaigns.php:9
actionadd_meta_boxesskylarkads-banner-campaigns.php:10
actionsave_postskylarkads-banner-campaigns.php:11
filteruse_block_editor_for_post_typeskylarkads-banner-campaigns.php:12
actionadmin_menuskylarkads-banner-campaigns.php:13
filtergettextskylarkads-banner-campaigns.php:14
actionadmin_enqueue_scriptsskylarkads-banner-campaigns.php:16
filterredirect_post_locationskylarkads-banner-campaigns.php:149
actionadmin_noticesskylarkads-banner-campaigns.php:199
actioninitskylarkads-banner-groups.php:7
actionadmin_enqueue_scriptsskylarkads-banner-stats.php:26
actionskylarkads_cleanup_expired_dataskylarkads-security-manager.php:149
actioninitskylarkads.php:48
actionplugins_loadedskylarkads.php:49
actionplugins_loadedskylarkads.php:86
actioninitskylarkads.php:87
actionadd_meta_boxesskylarkads.php:88
actioninitskylarkads.php:89
actionsave_postskylarkads.php:90
actioninitskylarkads.php:91
actioninitskylarkads.php:92
actioninitskylarkads.php:93
actioninitskylarkads.php:94
actionwp_enqueue_scriptsskylarkads.php:97
actionenqueue_block_editor_assetsskylarkads.php:98
actionadmin_menuskylarkads.php:103
actionadmin_enqueue_scriptsskylarkads.php:104
actionadmin_initskylarkads.php:107
actioncheck_campaigns_dailyskylarkads.php:108
actioninitskylarkads.php:109
actioncheck_campaign_statusskylarkads.php:110
filteradmin_body_classskylarkads.php:111
actionadmin_headskylarkads.php:112
actionadmin_noticesskylarkads.php:113
actionadmin_footerskylarkads.php:115
actionadmin_footerskylarkads.php:116
actionadmin_noticesskylarkads.php:1029
actionsave_postskylarkads.php:1105
filterupload_mimesskylarkads.php:3190
actionwp_enqueue_scriptsskylarkads.php:3195

Scheduled Events 2

skylarkads_cleanup_expired_data
check_campaigns_daily
Maintenance & Trust

SkylarkAds Advertisement Banner Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedOct 28, 2025
PHP min version7.4
Downloads158

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

SkylarkAds Advertisement Banner Alternatives

Website Pop-up Builder by BDOW! (formerly Sumo): Pop-ups + forms for email opt-ins and lead generation

Website Pop-up Builder by BDOW! (formerly Sumo): Pop-ups + forms for email opt-ins and lead generation

sumome

A
100

Sumo is trusted by over 600,000 businesses — small and large — in growing their email lists, customer base, and revenue online.

20K 1 CVE
CallTrackingMetrics

CallTrackingMetrics

call-tracking-metrics

A
100

CallTrackingMetrics integrates with your WordPress site to provide powerful call tracking and attribution.

3K No CVEs
Random Banner

Random Banner

random-banner

C
54

Display random image, SWF, or script ads across your WordPress site with this powerful, customizable, and user-friendly Random Banner plugin.

1K 2 unpatched
WP Bannerize Pro

WP Bannerize Pro

wp-bannerize-pro

A
95

Bannerize simplifies banner creation and management. Track views and clicks to gauge campaign success.

900 4 CVEs
Banner Upload

Banner Upload

banner-upload

A
85

Easy way to display the different size of banner advertisements in WordPress using widgets

500 No CVEs
Developer Profile

SkylarkAds Advertisement Banner Developer Profile

skylarkads

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect SkylarkAds Advertisement Banner

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/skylarkads/assets/css/skylarkads-frontend.css/wp-content/plugins/skylarkads/assets/js/skylarkads-frontend.js/wp-content/plugins/skylarkads/assets/js/skylarkads-admin.js/wp-content/plugins/skylarkads/assets/css/skylarkads-admin.css/wp-content/plugins/skylarkads/assets/js/skylarkads-banner-preview.js/wp-content/plugins/skylarkads/assets/css/skylarkads-editor.css
Script Paths
/wp-content/plugins/skylarkads/assets/js/skylarkads-frontend.js/wp-content/plugins/skylarkads/assets/js/skylarkads-admin.js/wp-content/plugins/skylarkads/assets/js/skylarkads-banner-preview.js
Version Parameters
skylarkads/assets/css/skylarkads-frontend.css?ver=skylarkads/assets/js/skylarkads-frontend.js?ver=skylarkads/assets/js/skylarkads-admin.js?ver=skylarkads/assets/css/skylarkads-admin.css?ver=skylarkads/assets/js/skylarkads-banner-preview.js?ver=skylarkads/assets/css/skylarkads-editor.css?ver=

HTML / DOM Fingerprints

CSS Classes
skylarkads-menu-iconskylarkads-banner-containerskylarkads-banner-wrapperskylarkads-banner-item
HTML Comments
<!-- SkylarkAds Ad Banner Shortcode -->
Data Attributes
data-skylarkads-banner-iddata-skylarkads-banner-group-iddata-skylarkads-ad-typedata-skylarkads-ad-id
JS Globals
window.SkylarkAdsFrontendwindow.SkylarkAdsAdminwindow.skylarkads_ajax_object
REST Endpoints
/wp-json/skylarkads/v1/banners/wp-json/skylarkads/v1/stats/wp-json/skylarkads/v1/clicks/wp-json/skylarkads/v1/views
Shortcode Output
[skylarkads_ad_banner[skylarkads_animation_test
FAQ

Frequently Asked Questions about SkylarkAds Advertisement Banner