Does Mornolink for WHMCS have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Mornolink for WHMCS compatible with WordPress 7.0?

According to WordPress.org data, Mornolink for WHMCS 2.8.0 has been tested up to WordPress 7.0. Check the plugin's changelog for the latest compatibility information.

Is Mornolink for WHMCS compatible with PHP 8.1+?

Mornolink for WHMCS requires PHP 8.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Mornolink for WHMCS updated?

Mornolink for WHMCS was last updated on Apr 3, 2026. Frequent updates are generally a positive security signal.

What is Mornolink for WHMCS's security score?

Mornolink for WHMCS has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Mornolink for WHMCS Security & Risk Analysis

wordpress.org/plugins/whmcs-price

Dynamic way for extracting product & domain price from WHMCS.

100 active installs v2.8.0 PHP 8.1+ WP 6.4+ Updated Apr 3, 2026

billingdomainhostingpricewhmcs

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Mornolink for WHMCS Safe to Use in 2026?

Generally Safe

Score 100/100

Mornolink for WHMCS has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "whmcs-price" v1.3 plugin exhibits a generally strong security posture based on the provided static analysis. It demonstrates good practices by avoiding dangerous functions and exclusively using prepared statements for SQL queries. All identified outputs are properly escaped, and there are no external HTTP requests or recorded vulnerabilities, suggesting a well-maintained codebase.

However, there are areas that warrant attention. The presence of file operations without explicit mention of sanitization or validation, coupled with a lack of nonce and capability checks across the plugin's entry points, presents potential attack vectors. While the static analysis didn't reveal specific taint flows or unpatched CVEs, these missing security controls could be exploited if user-supplied data is processed in sensitive file operations or if the shortcode is used in an unexpected context that bypasses WordPress's default security.

The absence of any vulnerability history is a positive indicator, suggesting a mature and secure development process. Nonetheless, the lack of robust authentication and authorization mechanisms on its single entry point (the shortcode) is a notable weakness that could be leveraged in conjunction with other potential flaws. Overall, while the plugin has strong foundations, the gaps in input validation and authorization for its entry points introduce an element of risk.

Key Concerns

No nonce checks on entry points
No capability checks on entry points
File operations without clear sanitization/validation

Vulnerabilities

None known

Mornolink for WHMCS Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Mornolink for WHMCS Release Timeline

v2.8.0Current

v2.7.3

v2.7.2

v1.3

v1.2

v1.1

v1.0

Code Analysis

Analyzed Mar 16, 2026

Mornolink for WHMCS Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped1 total outputs

Attack Surface

Mornolink for WHMCS Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[whmcs] includes\short_code\short_code.php:64

WordPress Hooks 3

actionadmin_menuincludes\settings.php:25

actionadmin_initincludes\settings.php:26

actioninitincludes\short_code\short_code.php:66

Maintenance & Trust

Mornolink for WHMCS Maintenance & Trust

Maintenance Signals

WordPress version tested7.0

Last updatedApr 3, 2026

PHP min version8.1

Downloads6K

Community Trust

Rating100/100

Number of ratings3

Active installs100

Alternatives

Mornolink for WHMCS Alternatives

WHMCS Bridge

whmcs-bridge

WHMCS Bridge is a plugin that integrates the powerful WHMCS support and billing software with WordPress.

4K 2 CVEs

WHMCS Multi-Site Provisioning

remote-provisioning

This plugin allows provisioning of blogs on a Wordpress multi-site installation from external packages and billing systems such as WHMCS.

10 No CVEs

Domain Search for WHMCS

domain-search-for-whmcs

Integrate WHMCS domain search functionality into your WordPress website with a clean, responsive search form.

200 No CVEs

ICDSoft Reseller Store

icdsoft-reseller-store

Start reselling web hosting services, domains and SSL Certificates on your website. Create your own web hosting company.

60 1 CVE

WHMCS Domain Checker

whmcs-domain-checker

WordPress plugin that allows you to display the responsive WHMCS Domain Checker in a widget.

60 No CVEs

Developer Profile

Mornolink for WHMCS Developer Profile

morno

1 plugin · 100 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Mornolink for WHMCS

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output

NA

FAQ