WP-Safety

Wbcom Designs – WB Ad Manager Security & Risk Analysis

wordpress.org/plugins/wb-ads-rotator-with-split-test

Comprehensive ad management for WordPress with ad rotation, split testing, multiple placements, Google AdSense, BuddyPress, and bbPress integration.

10 active installs v2.6.0 PHP 7.4+ WP 5.8+ Updated Jan 20, 2026
ad-managerad-rotationadsadsensesplit-test
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Wbcom Designs – WB Ad Manager Safe to Use in 2026?

Generally Safe

Score 100/100

Wbcom Designs – WB Ad Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "wb-ads-rotator-with-split-test" v2.6.0 plugin exhibits a generally good security posture, with a strong emphasis on security best practices like nonce and capability checks. The static analysis reveals a comprehensive approach to input sanitization and output escaping, with a very high percentage of outputs being properly escaped and a significant portion of SQL queries utilizing prepared statements. The absence of known CVEs and a history free of recorded vulnerabilities further reinforce this positive impression.

However, the taint analysis highlights a significant area of concern. A large number of identified flows (9 out of 11) show unsanitized paths, with 9 of these being categorized as high severity. This suggests that while the plugin might be escaping output effectively, there are potential vulnerabilities in how user-supplied data is processed internally before reaching sensitive operations or being used in SQL queries. The presence of external HTTP requests, while not inherently a vulnerability, could be a vector if not handled securely. The large number of total SQL queries, even with a high percentage using prepared statements, warrants careful review of the remaining 27% that do not.

In conclusion, the plugin demonstrates strong defensive coding in many areas. The lack of historical vulnerabilities is a positive indicator. Nevertheless, the high number of high-severity unsanitized taint flows is a critical weakness that needs immediate attention. Addressing these specific taint flow issues should be the priority to ensure the plugin's security.

Key Concerns

  • High severity unsanitized taint flows
  • SQL queries without prepared statements
Vulnerabilities
None known

Wbcom Designs – WB Ad Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Wbcom Designs – WB Ad Manager Code Analysis

Dangerous Functions
0
Raw SQL Queries
25
66 prepared
Unescaped Output
46
940 escaped
Nonce Checks
17
Capability Checks
9
File Operations
0
External Requests
3
Bundled Libraries
0

SQL Query Safety

73% prepared91 total queries

Output Escaping

95% escaped986 total outputs
Data Flows
10 unsanitized

Data Flow Analysis

11 flows10 with unsanitized paths
render_page (includes\Modules\Links\class-partnership-admin.php:191)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Wbcom Designs – WB Ad Manager Attack Surface

Entry Points15
Unprotected0

AJAX Handlers 9

authwp_ajax_wbam_dismiss_setupincludes\Admin\class-setup-wizard.php:47
authwp_ajax_wbam_track_clickincludes\Frontend\class-frontend.php:38
noprivwp_ajax_wbam_track_clickincludes\Frontend\class-frontend.php:39
authwp_ajax_wbam_email_captureincludes\Frontend\class-frontend.php:40
noprivwp_ajax_wbam_email_captureincludes\Frontend\class-frontend.php:41
authwp_ajax_wbam_track_link_clickincludes\Modules\Links\class-links-module.php:114
noprivwp_ajax_wbam_track_link_clickincludes\Modules\Links\class-links-module.php:115
authwp_ajax_wbam_submit_partnershipincludes\Modules\Links\class-partnership-form.php:75
noprivwp_ajax_wbam_submit_partnershipincludes\Modules\Links\class-partnership-form.php:76

Shortcodes 6

[wbam_link] includes\Modules\Links\class-link-shortcodes.php:37
[wbam_links] includes\Modules\Links\class-link-shortcodes.php:38
[wbam_link_url] includes\Modules\Links\class-link-shortcodes.php:39
[wbam_partnership_inquiry] includes\Modules\Links\class-partnership-form.php:74
[wbam_ad] includes\Modules\Placements\class-shortcode-placement.php:51
[wbam_ads] includes\Modules\Placements\class-shortcode-placement.php:52
WordPress Hooks 99
actionadmin_enqueue_scriptsincludes\Admin\class-admin.php:36
actionadd_meta_boxesincludes\Admin\class-admin.php:37
actionsave_postincludes\Admin\class-admin.php:38
filtermanage_wbam-ad_posts_columnsincludes\Admin\class-admin.php:39
actionmanage_wbam-ad_posts_custom_columnincludes\Admin\class-admin.php:40
actionadmin_initincludes\Admin\class-admin.php:41
actionadmin_noticesincludes\Admin\class-admin.php:76
actionadd_meta_boxesincludes\Admin\class-display-options.php:29
actionsave_postincludes\Admin\class-display-options.php:30
actionadmin_menuincludes\Admin\class-help-docs.php:51
actionadmin_enqueue_scriptsincludes\Admin\class-help-docs.php:52
actionadmin_menuincludes\Admin\class-settings.php:64
actionadmin_initincludes\Admin\class-settings.php:65
actionadmin_menuincludes\Admin\class-setup-wizard.php:44
actionadmin_initincludes\Admin\class-setup-wizard.php:45
actionadmin_noticesincludes\Admin\class-setup-wizard.php:46
actionadmin_menuincludes\Admin\class-upgrade-pro.php:50
actionadmin_enqueue_scriptsincludes\Admin\class-upgrade-pro.php:51
actioninitincludes\Core\class-plugin.php:84
actionadmin_initincludes\Core\class-plugin.php:165
actionadmin_noticesincludes\Core\class-plugin.php:166
actionwp_enqueue_scriptsincludes\Frontend\class-frontend.php:37
actionwp_headincludes\Frontend\class-frontend.php:42
filterwbam_ad_outputincludes\Frontend\class-frontend.php:45
filterscript_loader_tagincludes\Frontend\class-frontend.php:107
actionwp_footerincludes\Modules\AdTypes\class-ad-sense-ad.php:43
filterscript_loader_tagincludes\Modules\AdTypes\class-ad-sense-ad.php:106
actionbbp_template_before_forums_loopincludes\Modules\bbPress\class-bb-press-module.php:129
actionbbp_template_after_forums_loopincludes\Modules\bbPress\class-bb-press-module.php:130
actionbbp_template_before_topics_loopincludes\Modules\bbPress\class-bb-press-module.php:133
actionbbp_template_after_topics_loopincludes\Modules\bbPress\class-bb-press-module.php:134
actionbbp_template_before_single_topicincludes\Modules\bbPress\class-bb-press-module.php:137
actionbbp_template_after_single_topicincludes\Modules\bbPress\class-bb-press-module.php:138
actionbbp_template_before_replies_loopincludes\Modules\bbPress\class-bb-press-module.php:141
actionbbp_theme_after_reply_contentincludes\Modules\bbPress\class-bb-press-module.php:142
actionwidgets_initincludes\Modules\bbPress\class-bb-press-module.php:356
actionbp_after_activity_entryincludes\Modules\BuddyPress\class-bp-activity-placement.php:60
actionbp_before_activity_loopincludes\Modules\BuddyPress\class-bp-activity-placement.php:63
actionbp_before_members_loopincludes\Modules\BuddyPress\class-bp-directory-placement.php:82
actionbp_after_members_loopincludes\Modules\BuddyPress\class-bp-directory-placement.php:83
actionbp_before_groups_loopincludes\Modules\BuddyPress\class-bp-directory-placement.php:86
actionbp_after_groups_loopincludes\Modules\BuddyPress\class-bp-directory-placement.php:87
actionbp_directory_members_itemincludes\Modules\BuddyPress\class-bp-directory-placement.php:90
actionbp_directory_groups_itemincludes\Modules\BuddyPress\class-bp-directory-placement.php:91
actionwidgets_initincludes\Modules\BuddyPress\class-bp-widgets.php:26
actioninitincludes\Modules\Links\class-link-cloaker.php:40
filterquery_varsincludes\Modules\Links\class-link-cloaker.php:41
actiontemplate_redirectincludes\Modules\Links\class-link-cloaker.php:42
actionwp_enqueue_scriptsincludes\Modules\Links\class-link-shortcodes.php:42
actionadmin_menuincludes\Modules\Links\class-links-admin.php:45
actionadmin_initincludes\Modules\Links\class-links-admin.php:46
actionadmin_enqueue_scriptsincludes\Modules\Links\class-links-admin.php:47
actionwp_enqueue_scriptsincludes\Modules\Links\class-links-module.php:110
filterwbam_settings_tabsincludes\Modules\Links\class-links-module.php:118
filterwbam_settings_fieldsincludes\Modules\Links\class-links-module.php:119
actionadmin_menuincludes\Modules\Links\class-partnership-admin.php:44
actionadmin_initincludes\Modules\Links\class-partnership-admin.php:45
actionadmin_enqueue_scriptsincludes\Modules\Links\class-partnership-admin.php:46
actionadmin_menuincludes\Modules\Links\class-partnership-admin.php:49
actionwbam_partnership_createdincludes\Modules\Links\class-partnership-emails.php:38
actionwbam_partnership_acceptedincludes\Modules\Links\class-partnership-emails.php:41
actionwbam_partnership_rejectedincludes\Modules\Links\class-partnership-emails.php:44
filterwbam_partnership_email_headersincludes\Modules\Links\class-partnership-emails.php:47
actionwp_enqueue_scriptsincludes\Modules\Links\class-partnership-form.php:77
actionloop_endincludes\Modules\Placements\class-after-archive-placement.php:93
actionbuddyx_after_contentincludes\Modules\Placements\class-after-archive-placement.php:97
actiongenesis_after_loopincludes\Modules\Placements\class-after-archive-placement.php:99
actiongenerate_after_main_contentincludes\Modules\Placements\class-after-archive-placement.php:101
actionastra_primary_content_bottomincludes\Modules\Placements\class-after-archive-placement.php:103
actionocean_after_contentincludes\Modules\Placements\class-after-archive-placement.php:105
actiontheme_after_contentincludes\Modules\Placements\class-after-archive-placement.php:107
actionloop_startincludes\Modules\Placements\class-before-archive-placement.php:93
actionbuddyx_before_contentincludes\Modules\Placements\class-before-archive-placement.php:97
actiongenesis_before_loopincludes\Modules\Placements\class-before-archive-placement.php:99
actiongenerate_before_main_contentincludes\Modules\Placements\class-before-archive-placement.php:101
actionastra_primary_content_topincludes\Modules\Placements\class-before-archive-placement.php:103
actionocean_before_contentincludes\Modules\Placements\class-before-archive-placement.php:105
actiontheme_before_contentincludes\Modules\Placements\class-before-archive-placement.php:107
actioncomment_form_beforeincludes\Modules\Placements\class-comment-placement.php:85
actioncomment_form_afterincludes\Modules\Placements\class-comment-placement.php:86
filtercomments_arrayincludes\Modules\Placements\class-comment-placement.php:87
filterget_comment_textincludes\Modules\Placements\class-comment-placement.php:88
filterthe_contentincludes\Modules\Placements\class-content-placement.php:45
actionwp_footerincludes\Modules\Placements\class-footer-placement.php:52
actionwp_body_openincludes\Modules\Placements\class-header-placement.php:53
actionbuddyx_body_topincludes\Modules\Placements\class-header-placement.php:56
actionreign_body_topincludes\Modules\Placements\class-header-placement.php:57
actiongenesis_before_headerincludes\Modules\Placements\class-header-placement.php:58
actiontheme_body_topincludes\Modules\Placements\class-header-placement.php:59
filterthe_contentincludes\Modules\Placements\class-paragraph-placement.php:45
actionwbam_save_ad_metaincludes\Modules\Placements\class-placement-engine.php:59
actiondelete_postincludes\Modules\Placements\class-placement-engine.php:60
actiontrashed_postincludes\Modules\Placements\class-placement-engine.php:61
actionwp_footerincludes\Modules\Placements\class-popup-placement.php:78
actionwp_footerincludes\Modules\Placements\class-sticky-placement.php:78
actionwidgets_initincludes\Modules\Placements\class-widget-placement.php:45
filterwbam_ad_outputincludes\Modules\Targeting\class-frequency-manager.php:47
actionwp_footerincludes\Modules\Targeting\class-frequency-manager.php:50
actionplugins_loadedwb-ads-rotator-with-split-test.php:117
Maintenance & Trust

Wbcom Designs – WB Ad Manager Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 20, 2026
PHP min version7.4
Downloads13K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Wbcom Designs – WB Ad Manager Alternatives

Ad Inserter – Ad Manager & AdSense Ads

Ad Inserter – Ad Manager & AdSense Ads

ad-inserter

A
88

Manage Google AdSense ads, banners, ad rotation, sticky widgets, AMP ads, ads.txt, tracking, header and footer code, PHP code, global custom fields

300K 12 CVEs
AD Publisher – Automatically insert post ads

AD Publisher – Automatically insert post ads

ad-publisher

A
85

Automatically publishing ad code and increasing THE ad UNIT AdSense CTR

100 No CVEs
Auto Ad Inserter – Increase Google Adsense and Ad Manager Revenue

Auto Ad Inserter – Increase Google Adsense and Ad Manager Revenue

revenueflex-easy-ads

A
100

Auto Ad Inserter is an AI-assisted tool used to get the best revenue from ads placed on your site through Google Adsense and Ads manager.

50 1 CVE
Remove Yellow BGBOX

Remove Yellow BGBOX

remove-yellow-bgbox

A
85

Fix the background color that sometimes AdSense ads have on websites/blog’s (Remove Yellow Background/Box From Google Adsense Ads).

10 No CVEs
Advanced Ads – Ad Manager & AdSense

Advanced Ads – Ad Manager & AdSense

advanced-ads

A
88

The only complete toolkit for all ad types. Grow your revenue with AdSense, Amazon—or any affiliate network. Get pinpoint targeting and best support!

100K 8 CVEs
Developer Profile

Wbcom Designs – WB Ad Manager Developer Profile

Varun Dubey

5 plugins · 420 total installs

76
trust score
Avg Security Score
95/100
Avg Patch Time
532 days
View full developer profile
Detection Fingerprints

How We Detect Wbcom Designs – WB Ad Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wb-ads-rotator-with-split-test/assets/css/admin.css/wp-content/plugins/wb-ads-rotator-with-split-test/assets/js/admin.js
Script Paths
/wp-content/plugins/wb-ads-rotator-with-split-test/assets/js/admin.js
Version Parameters
wb-ads-rotator-with-split-test/assets/css/admin.css?ver=wb-ads-rotator-with-split-test/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
wbam-ad-settingswbam-ad-placementswbam-ad-status
Data Attributes
data-wbam-ad-iddata-wbam-placement-id
JS Globals
wbamAdminwbamCodeEditor
Shortcode Output
[wbam_display_ad][wbam_get_ads]
FAQ

Frequently Asked Questions about Wbcom Designs – WB Ad Manager