Does Tiny1z Short URLs have any unpatched vulnerabilities?

No. All known vulnerabilities in Tiny1z Short URLs have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Tiny1z Short URLs compatible with WordPress 6.8.5?

According to WordPress.org data, Tiny1z Short URLs 1.0.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Tiny1z Short URLs compatible with PHP 7.0+?

Tiny1z Short URLs requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Tiny1z Short URLs updated?

Tiny1z Short URLs was last updated on Sep 7, 2025. Frequent updates are generally a positive security signal.

What is Tiny1z Short URLs's security score?

Tiny1z Short URLs has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Tiny1z Short URLs Security & Risk Analysis

wordpress.org/plugins/tiny1z-short-urls

Automatically generate and manage Tiny1z short URLs for posts, pages, and WooCommerce products. Modern, fast, and easy to use.

0 active installs v1.0.0 PHP 7.0+ WP 5.0+ Updated Sep 7, 2025

linkssharingshort-urlurl-shortener

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Tiny1z Short URLs Safe to Use in 2026?

Generally Safe

Score 100/100

Tiny1z Short URLs has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6mo ago

Risk Assessment

The tiny1z-short-urls plugin version 1.0.0 exhibits a generally strong security posture based on the provided static analysis. The absence of any known CVEs and the plugin's clean vulnerability history are positive indicators. Code analysis reveals good practices such as 100% of SQL queries using prepared statements and a very high rate of output escaping (94%). The attack surface is relatively small, with only two entry points identified, and crucially, none are reported as unprotected. The presence of nonce checks further strengthens its security.

However, there are a few areas that warrant attention. The lack of capability checks on any of the entry points (AJAX handlers or shortcodes) is a notable weakness. While the static analysis didn't detect any tainted flows, the absence of capability checks means that any user, regardless of their role or permissions, could potentially interact with the plugin's functionality. The two external HTTP requests, while not inherently insecure, represent a potential vector if the target URLs are compromised or if the plugin doesn't validate the responses it receives.

In conclusion, tiny1z-short-urls v1.0.0 is a relatively secure plugin with good coding practices in place. The primary concern is the lack of role-based access control, which could be exploited if the plugin's functionality has sensitive implications. Addressing this would significantly enhance its overall security.

Key Concerns

Missing capability checks on entry points

Vulnerabilities

None known

Tiny1z Short URLs Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Tiny1z Short URLs Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

29 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

94% escaped31 total outputs

Attack Surface

Tiny1z Short URLs Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 1

authwp_ajax_tiny1z_generate_urlincludes\class-plugin-core.php:40

Shortcodes 1

[tiny1z_short_url] includes\class-plugin-core.php:37

WordPress Hooks 16

actionadmin_menuincludes\class-plugin-core.php:18

actionadmin_initincludes\class-plugin-core.php:19

actionsave_postincludes\class-plugin-core.php:22

actionsave_post_productincludes\class-plugin-core.php:23

filtermanage_post_posts_columnsincludes\class-plugin-core.php:26

actionmanage_post_posts_custom_columnincludes\class-plugin-core.php:27

filtermanage_page_posts_columnsincludes\class-plugin-core.php:28

actionmanage_page_posts_custom_columnincludes\class-plugin-core.php:29

filtermanage_product_posts_columnsincludes\class-plugin-core.php:30

actionmanage_product_posts_custom_columnincludes\class-plugin-core.php:31

actionwoocommerce_email_after_order_tableincludes\class-plugin-core.php:34

actionadmin_enqueue_scriptsincludes\class-plugin-core.php:39

filterthe_contentincludes\class-plugin-core.php:42

actionadmin_enqueue_scriptsincludes\class-plugin-core.php:44

actionwp_enqueue_scriptsincludes\class-plugin-core.php:45

actionplugins_loadedtiny1z-short-url.php:19

Maintenance & Trust

Tiny1z Short URLs Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedSep 7, 2025

PHP min version7.0

Downloads204

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Tiny1z Short URLs Alternatives

Short.bg URL Shortener

short-bg-url-shortener

100

Shorten post URLs via Short.bg API directly from the WordPress editor.

0 No CVEs

URL Short tool by Shorterm – Simple, Fast & Private

shorterm

100

Lightweight WordPress URL Shortener. Create custom slugs, cloak affiliate links & track clicks without slowing down your site.

0 No CVEs

URL Shortify – Simple and Easy URL Shortener

url-shortify

URL Shortify helps you beautify, manage, share & cloak any links on or off your WordPress website. Create links using your domain name!

10K 9 CVEs

Link Shortner

link-shortener

100

Link Shortner allows you to easily create clean, branded short permalink links for your posts custom URL.

900 No CVEs

Bitly URL Shortener

codehaveli-bitly-url-shortener

Bitly URL Shortener uses the functionality of Bitly API to generate Bitly short link without leaving your WordPress site.

600 1 CVE

Developer Profile

Tiny1z Short URLs Developer Profile

Tiny1z

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Tiny1z Short URLs

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

../assets/tiny1z-admin.css../assets/tiny1z-frontend.css../assets/tiny1z-frontend.js

Version Parameters

tiny1z-admin-css?ver=tiny1z-frontend-css?ver=tiny1z-frontend-js?ver=

HTML / DOM Fingerprints

CSS Classes

tiny1z-short-url-wraptiny1z-short-url-btntiny1z-short-url-snippettiny1z-short-url-inputtiny1z-copy-btntiny1z-short-url-card

Data Attributes

data-input

REST Endpoints

/wp-json/tiny1z/

Shortcode Output

<div class='tiny1z-short-url-wrap'><a href='' class='tiny1z-short-url-btn' target='_blank'>🔗 Copy Short URL</a></div>

<div class='tiny1z-short-url-snippet' style='position:relative;display:flex;align-items:center;max-width:420px;margin:1em 0;'>

<input type='text' readonly value='

FAQ