Does SteClick Counter have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is SteClick Counter compatible with WordPress 6.9.4?

According to WordPress.org data, SteClick Counter 1.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is SteClick Counter compatible with PHP 7.4+?

SteClick Counter requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is SteClick Counter updated?

SteClick Counter was last updated on Jan 23, 2026. Frequent updates are generally a positive security signal.

What is SteClick Counter's security score?

SteClick Counter has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

SteClick Counter Security & Risk Analysis

wordpress.org/plugins/steclick-counter

Lightweight click tracking for WordPress. Track any link or button by simply adding a prefix to your URLs.

20 active installs v1.0.0 PHP 7.4+ WP 6.0+ Updated Jan 23, 2026

analyticsclick-trackingdownload-trackinglink-counterpdf-tracking

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is SteClick Counter Safe to Use in 2026?

Generally Safe

Score 100/100

SteClick Counter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The steclick-counter v1.0.0 plugin exhibits a generally good security posture based on the static analysis. It effectively utilizes prepared statements for all SQL queries, which is a critical security practice for preventing SQL injection vulnerabilities. The high percentage of properly escaped output also indicates a good effort to mitigate cross-site scripting (XSS) risks. Furthermore, the presence of nonce and capability checks, even if limited in scope, demonstrates an awareness of WordPress security best practices for authentication and authorization.

Key Concerns

Flows with unsanitized paths
File operations detected
Low number of checks

Vulnerabilities

None known

SteClick Counter Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

SteClick Counter Release Timeline

v1.0.0Current

Code Analysis

Analyzed Mar 16, 2026

SteClick Counter Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

26 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

93% escaped28 total outputs

Data Flows · Security

1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths

steclick_handle_redirect (steclick-counter.php:118)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

SteClick Counter Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actioninitsteclick-counter.php:154

actionadmin_menusteclick-counter.php:170

actionadmin_post_steclick_delete_tagsteclick-counter.php:216

Maintenance & Trust

SteClick Counter Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 23, 2026

PHP min version7.4

Downloads173

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

SteClick Counter Alternatives

Click Counter by Simple Tools

click-counter

100

Advanced click tracking for any CSS selector. Analytics, charts, goals, CSV export, visual picker, and more.

100 No CVEs

Smart Click Tracker

smart-click-tracker

100

Track clicks on any element of your WordPress site and view detailed statistics with beautiful charts.

100 No CVEs

Linkyy – A Link Click Tracker

linkyy-link-tracker

100

Lightweight link click tracking with admin dashboard analytics for WordPress.

10 No CVEs

Track a click on Google Analytics

track-a-click-on-google-analytics

A simple shortcode to insert Google Analytics event tracking code on your links

10 No CVEs

Epic Tracking – Click & Event Tracking for WordPress

epic-tracking

100

Click and event tracking for WordPress. Point, click, and track — no code, no tag managers, no third-party scripts.

0 No CVEs

Developer Profile

SteClick Counter Developer Profile

Kasuga

8 plugins · 140 total installs

100

trust score

Avg Security Score

100/100

Avg Patch Time

1 days

View full developer profile

Detection Fingerprints

How We Detect SteClick Counter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

steclick-counter

Shortcode Output

<p class="description">
		<strong>No setup required.</strong> Just add the prefix <strong><code>/?tag={TAG}&to=</code></strong> before the URL you want to track clicks for.<br>Example: <i>/?tag=pdf01&to=https://example.com/sample.pdf</i>
	</p>

FAQ