Viet Nam Affiliate Security & Risk Analysis
wordpress.org/plugins/viet-nam-affiliateViệt Nam affiliate tools là công cụ cho phép bạn chuyển đổi các link trên post của bạn thành link affiliate hỗ trợ tracking chi tiết, đầy đủ.
Is Viet Nam Affiliate Safe to Use in 2026?
Use With Caution
Score 64/100Viet Nam Affiliate has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.
The "viet-nam-affiliate" plugin v1.0.0 exhibits a concerning security posture despite a seemingly small attack surface. While there are no reported AJAX handlers, REST API routes, shortcodes, or cron events, the static analysis reveals significant weaknesses. Notably, 50% of SQL queries are not using prepared statements, presenting a risk of SQL injection. Furthermore, a critical issue is the complete lack of output escaping, meaning all data outputted by the plugin is potentially vulnerable to Cross-Site Scripting (XSS) attacks. The taint analysis confirms this, with 100% of analyzed flows having unsanitized paths and two flows identified as high severity.
The plugin's vulnerability history is also a major red flag. It has one known, currently unpatched medium-severity CVE, which is a common cross-site scripting vulnerability. This pattern, combined with the static analysis findings, strongly suggests a history of insecure coding practices, particularly around input handling and output sanitization. The outdated bundled library, DataTables v1.10.18, could also introduce additional vulnerabilities if it has known exploits. In conclusion, while the attack surface appears minimal, the lack of input validation, unescaped output, and the unpatched CVE indicate a significant and active security risk that requires immediate attention.
Key Concerns
- Unpatched CVE
- High severity taint flows
- No output escaping
- Raw SQL queries
- Bundled outdated library
Viet Nam Affiliate Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
Viet Nam Affiliate <= 1.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting
Viet Nam Affiliate Code Analysis
Bundled Libraries
SQL Query Safety
Output Escaping
Data Flow Analysis
Viet Nam Affiliate Attack Surface
WordPress Hooks 5
Maintenance & Trust
Viet Nam Affiliate Maintenance & Trust
Maintenance Signals
Community Trust
Viet Nam Affiliate Alternatives
Flixy – Review & Product Boxes For Affiliate Pages
flixy-review-product-boxes-for-affiliate-pages
Flixy Boxes is simple, responsive wordpress plugin for creating responsive Review/Product box. The Flixy Boxes feature lets you promote specific produ …
PrettyLinks – Affiliate Links, Link Branding, Link Tracking, Marketing and Stripe Payments Plugin
pretty-link
🌠 The best WordPress link management, branding, tracking, sharing and payments plugin. Easily make pretty & trackable shortlinks. 🔗
Advanced Ads – Ad Manager & AdSense
advanced-ads
The only complete toolkit for all ad types. Grow your revenue with AdSense, Amazon—or any affiliate network. Get pinpoint targeting and best support!
ThirstyAffiliates – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin
thirstyaffiliates
🔗 Affiliate link management & cloaker tool. Easily manage, shrink and track your affiliate links in WordPress. 🔥
AdRotate Banner Manager
adrotate
Easily manage, and schedule ads on your WordPress site with AdRotate. Support for Google AdSense, Amazon, and custom banners. Start monetizing today!
Viet Nam Affiliate Developer Profile
1 plugin · 10 total installs
How We Detect Viet Nam Affiliate
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/viet-nam-affiliate/assets/css/datatables.min.css/wp-content/plugins/viet-nam-affiliate/assets/js/datatables.min.js/wp-content/plugins/viet-nam-affiliate/assets/js/init.js/wp-content/plugins/viet-nam-affiliate/assets/js/datatables.min.js/wp-content/plugins/viet-nam-affiliate/assets/js/init.jsHTML / DOM Fingerprints
<!-- VIET NAM Affiliate --><!-- @link https://toidicode.com --><!-- @since 1.0.0 --><!-- @package Toidicode.com -->+16 more