Does WH4U Domains have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is WH4U Domains compatible with WordPress 6.9.4?

According to WordPress.org data, WH4U Domains 1.5.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is WH4U Domains compatible with PHP 7.4+?

WH4U Domains requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WH4U Domains updated?

WH4U Domains was last updated on Apr 16, 2026. Frequent updates are generally a positive security signal.

What is WH4U Domains's security score?

WH4U Domains has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WH4U Domains Security & Risk Analysis

wordpress.org/plugins/wh4u-domains

Domain reseller plugin for searching, registering, and transferring domains via the DomainsReseller API.

0 active installs v1.5.0 PHP 7.4+ WP 6.2+ Updated Apr 16, 2026

domain-registrationdomain-searchdomainsresellertld

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is WH4U Domains Safe to Use in 2026?

Generally Safe

Score 100/100

WH4U Domains has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "wh4u-domains" v1.5.1 plugin exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The code demonstrates excellent adherence to secure coding practices, with 100% of SQL queries utilizing prepared statements and all output being properly escaped. The absence of file operations and critical or high-severity taint flows further reinforces this positive assessment. The plugin also shows a commitment to security by incorporating nonce and capability checks, and it has no recorded vulnerabilities or CVEs. This indicates a well-maintained and secure codebase.

However, while the code itself appears robust, the presence of AJAX handlers and shortcodes represents potential entry points that, though currently reported as protected, warrant ongoing vigilance. The external HTTP requests, though only three, are a minor concern as they represent an external dependency that could potentially be exploited if not handled securely. The absence of any recorded historical vulnerabilities is a significant strength, suggesting responsible development and proactive security measures by the maintainers. Overall, "wh4u-domains" v1.5.1 presents a low risk profile, with its strengths far outweighing its minor potential concerns.

Vulnerabilities

None known

WH4U Domains Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

WH4U Domains Release Timeline

v1.5.0Current

v1.4.2

v1.4.1

Code Analysis

Analyzed Apr 16, 2026

WH4U Domains Code Analysis

Dangerous Functions

Raw SQL Queries

52 prepared

Unescaped Output

833 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared52 total queries

Output Escaping

100% escaped837 total outputs

Attack Surface

WH4U Domains Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 1

authwp_ajax_wh4u_appearance_previewadmin/class-wh4u-admin-appearance.php:838

Shortcodes 1

[wh4u_domain_lookup] public/class-wh4u-public.php:30

WordPress Hooks 20

filterstyle_loader_tagadmin/class-wh4u-admin-appearance.php:902

actionadmin_menuadmin/class-wh4u-admin.php:25

actionadmin_enqueue_scriptsadmin/class-wh4u-admin.php:26

actionadmin_initadmin/class-wh4u-admin.php:27

actionadmin_initadmin/class-wh4u-admin.php:28

actionin_admin_headeradmin/class-wh4u-admin.php:30

actionadmin_noticesincludes/class-wh4u-encryption.php:64

actionadmin_initincludes/class-wh4u-encryption.php:185

actionwh4u_new_public_orderincludes/class-wh4u-notifications.php:25

actionhttp_api_curlincludes/class-wh4u-notifications.php:302

actionwh4u_public_order_status_changedincludes/class-wh4u-public-order-processor.php:25

actionwp_enqueue_scriptspublic/class-wh4u-public.php:31

actioninitpublic/class-wh4u-public.php:32

actionenqueue_block_editor_assetspublic/class-wh4u-public.php:606

actionplugins_loadedwh4u-domains.php:91

actionwh4u_prune_logswh4u-domains.php:110

actionrest_api_initwh4u-domains.php:132

actionwh4u_process_queuewh4u-domains.php:195

filtercron_scheduleswh4u-domains.php:197

actioninitwh4u-domains.php:199

Scheduled Events 3

wh4u_process_queue

wh4u_prune_logs

Maintenance & Trust

WH4U Domains Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 16, 2026

PHP min version7.4

Downloads53

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

WH4U Domains Alternatives

Domain Search for WHMCS

domain-search-for-whmcs

Integrate WHMCS domain search functionality into your WordPress website with a clean, responsive search form.

200 No CVEs

Multiple Domain

multiple-domain

This plugin allows you to have multiple domains in a single Wordpress installation and enables custom redirects for each domain.

10K 1 CVE

Domain Mapping System | Create Microsites with Multiple Alias Domains (multisite optional)

domain-mapping-system

100

Domain Mapping System is the most powerful way to manage alias domains and map them to any published resource - creating Microsites with ease!

2K No CVEs

Reseller Store

reseller-store

100

Design your own storefront for your Basic and Pro Reseller plan and have more control over your customers experience and business!

2K No CVEs

WP Hydra

wp-hydra

Allows one WordPress installation to be resolved and browsed at multiple domains.

1K No CVEs

Developer Profile

WH4U Domains Developer Profile

webhosting4ugr

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WH4U Domains

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wh4u-domains/admin/css/wh4u-admin-settings.css/wp-content/plugins/wh4u-domains/admin/js/wh4u-admin-settings.js/wp-content/plugins/wh4u-domains/public/css/wh4u-public-domains.css/wp-content/plugins/wh4u-domains/public/js/wh4u-public-domains.js

Script Paths

/wp-content/plugins/wh4u-domains/admin/js/wh4u-admin-settings.js/wp-content/plugins/wh4u-domains/public/js/wh4u-public-domains.js

Version Parameters

/wp-content/plugins/wh4u-domains/admin/css/wh4u-admin-settings.css?ver=/wp-content/plugins/wh4u-domains/admin/js/wh4u-admin-settings.js?ver=/wp-content/plugins/wh4u-domains/public/css/wh4u-public-domains.css?ver=/wp-content/plugins/wh4u-domains/public/js/wh4u-public-domains.js?ver=

HTML / DOM Fingerprints

CSS Classes

wh4u-admin-settings-wrapwh4u-domain-searchwh4u-domain-search-resultswh4u-domain-details

Data Attributes

data-wh4u-domain-iddata-wh4u-action

JS Globals

WH4U_DOMAINS_AJAX_URLWH4U_DOMAINS_NONCE

REST Endpoints

/wp-json/wh4u-domains/v1/domains/wp-json/wh4u-domains/v1/orders/wp-json/wh4u-domains/v1/pricing/wp-json/wh4u-domains/v1/credits/wp-json/wh4u-domains/v1/queue/wp-json/wh4u-domains/v1/public-orders

FAQ