Does SmartyAds have any unpatched vulnerabilities?

No. All known vulnerabilities in SmartyAds have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is SmartyAds compatible with WordPress 4.0.38?

According to WordPress.org data, SmartyAds 1.1 has been tested up to WordPress 4.0.38. Check the plugin's changelog for the latest compatibility information.

How often is SmartyAds updated?

SmartyAds was last updated on Oct 20, 2014. Frequent updates are generally a positive security signal.

What is SmartyAds's security score?

SmartyAds has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

SmartyAds Security & Risk Analysis

wordpress.org/plugins/smartyads

SmartyAds easy-to-install plugin allows efficient monetization of your WordPress built website or blog.

10 active installs v1.1 PHP + WP 3.4+ Updated Oct 20, 2014

adadsadvertisingbannerscpm

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is SmartyAds Safe to Use in 2026?

Generally Safe

Score 85/100

SmartyAds has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The smartyads v1.1 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices regarding SQL query handling, utilizing prepared statements exclusively, and has no recorded vulnerability history, suggesting a generally stable and secure codebase. However, significant concerns arise from the static analysis. The presence of a single AJAX handler without any authentication checks represents a critical entry point that could be exploited by unauthenticated users. Furthermore, the low percentage of properly escaped output (21%) indicates a high likelihood of cross-site scripting (XSS) vulnerabilities, as data is not being adequately sanitized before being displayed to users. While there are no direct indicators of critical taint flows or dangerous function usage in this specific analysis, the combination of an unprotected AJAX endpoint and widespread output escaping issues presents a tangible risk of remote code execution or data leakage.

Key Concerns

AJAX handler without auth checks
Low percentage of output escaping
Flows with unsanitized paths

Vulnerabilities

None known

SmartyAds Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

SmartyAds Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

21% escaped19 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

sync_callback (smartyads.php:124)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

SmartyAds Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_syncsmartyads.php:122

WordPress Hooks 5

actionwidgets_initsmartyads-widget.php:83

actionplugins_loadedsmartyads.php:21

actionadmin_enqueue_scriptssmartyads.php:42

actionadmin_menusmartyads.php:46

actionwp_headsmartyads.php:118

Maintenance & Trust

SmartyAds Maintenance & Trust

Maintenance Signals

WordPress version tested4.0.38

Last updatedOct 20, 2014

PHP min version

Downloads2K

Community Trust

Rating60/100

Number of ratings2

Active installs10

Alternatives

SmartyAds Alternatives

AdPlugg WordPress Ad Plugin

adplugg

100

Advertising is easy with AdPlugg. The AdPlugg WordPress Ad Plugin and ad server allow you to easily manage, schedule, rotate and track your ads.

500 1 CVE

Ad Commander – Ad Manager for Banners, AdSense, Ad Networks

ad-commander

100

Insert image banner ads, Google AdSense, Amazon, affiliate ad networks. Rotate and randomize ad groups. Track impressions and clicks. Create ads.txt.

100 No CVEs

Ad Commander Tools

ad-commander-tools

Add-on for the Ad Commander plugin that allows you to import, export, and manage ad statistics. This plugin requires Ad Commander.

50 No CVEs

Adshares

adshares

The easiest way to connect your site to the Adshares network.

10 No CVEs

Next Tiny Ring

next-tiny-ring

100

Next Tiny Ring allows you to propose an advertising solution through display of banner ads shared on a network of several websites.

0 No CVEs

Developer Profile

SmartyAds Developer Profile

SmartyAds

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect SmartyAds

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/smartyads/style.css/wp-content/plugins/smartyads/js/script.js

Script Paths

//stat.smartyads.com/simpr2.php

HTML / DOM Fingerprints

CSS Classes

b-monetgurub-wizardb-control__btnb-control__labelb-control__inputb-helpb-wizard_step_1b-control+1 more

Data Attributes

id="sync_input"id="sync_btn"

JS Globals

ajax_file_api

FAQ