Does Woomio (Influencer marketing) have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Woomio (Influencer marketing) compatible with WordPress 5.8.13?

According to WordPress.org data, Woomio (Influencer marketing) 1.0.4 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

Is Woomio (Influencer marketing) compatible with PHP 7.2+?

Woomio (Influencer marketing) requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Woomio (Influencer marketing) updated?

Woomio (Influencer marketing) was last updated on Nov 18, 2021. Frequent updates are generally a positive security signal.

What is Woomio (Influencer marketing)'s security score?

Woomio (Influencer marketing) has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Woomio (Influencer marketing) Security & Risk Analysis

wordpress.org/plugins/woomio-influencer-marketing

Woomio Plugin allows Shop Owners to add & track purchases made with token/coupon (campaign/affiliate) combinations which we supply to our affiliates.

0 active installs v1.0.4 PHP 7.2+ WP 5.0.0+ Updated Nov 18, 2021

influencer-marketingwoomiowoomio-for-woocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Woomio (Influencer marketing) Safe to Use in 2026?

Generally Safe

Score 85/100

Woomio (Influencer marketing) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The "woomio-influencer-marketing" plugin v1.0.4 exhibits a mixed security posture. While it shows strengths like a high percentage of SQL queries using prepared statements and a robust rate of output escaping, significant concerns exist. The presence of an unprotected AJAX handler represents a critical entry point into the plugin's functionality without any authentication or capability checks, leaving it vulnerable to unauthorized access and potential abuse.

The taint analysis reveals two flows with unsanitized paths, both flagged as high severity. This indicates that user-supplied data is likely being used in sensitive operations without proper sanitization, potentially leading to injection vulnerabilities or other security risks. The lack of any recorded historical vulnerabilities, while seemingly positive, could also suggest limited past security scrutiny or a lack of comprehensive historical data, rather than guaranteed inherent security.

In conclusion, the plugin has some good coding practices in place, but the identified unprotected AJAX handler and high-severity taint flows are substantial security weaknesses that require immediate attention. The absence of historical vulnerabilities should not be interpreted as a sign of perfect security, given the current static analysis findings.

Key Concerns

Unprotected AJAX handler
High severity taint flows
No nonce checks
No capability checks
Unsanitized paths in taint flows
Less than 100% output escaping

Vulnerabilities

None known

Woomio (Influencer marketing) Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Woomio (Influencer marketing) Release Timeline

v1.0.4Current

v1.0.3

v1.0.2

v1.0.1

v1.0.0

Code Analysis

Analyzed Mar 17, 2026

Woomio (Influencer marketing) Code Analysis

Dangerous Functions

Raw SQL Queries

27 prepared

Unescaped Output

64 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

SQL Query Safety

87% prepared31 total queries

Output Escaping

67% escaped96 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

apply_discount_coupon_on_checkout (public\class-woomio-for-woocommerce-public.php:119)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Woomio (Influencer marketing) Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_wfw_admin_ajaxincludes\class-woomio-for-woocommerce.php:78

WordPress Hooks 16

actionplugins_loadedincludes\class-woomio-for-woocommerce.php:60

actionadmin_enqueue_scriptsincludes\class-woomio-for-woocommerce.php:72

actionadmin_enqueue_scriptsincludes\class-woomio-for-woocommerce.php:73

actionadmin_menuincludes\class-woomio-for-woocommerce.php:74

actionwoocommerce_order_status_completedincludes\class-woomio-for-woocommerce.php:75

filterwoocommerce_order_item_display_meta_keyincludes\class-woomio-for-woocommerce.php:76

filterwoocommerce_hidden_order_itemmetaincludes\class-woomio-for-woocommerce.php:77

filterplugins_loadedincludes\class-woomio-for-woocommerce.php:79

filteradmin_noticesincludes\class-woomio-for-woocommerce.php:80

actionafter_delete_postincludes\class-woomio-for-woocommerce.php:81

actionwp_enqueue_scriptsincludes\class-woomio-for-woocommerce.php:93

actionwp_enqueue_scriptsincludes\class-woomio-for-woocommerce.php:94

actioninitincludes\class-woomio-for-woocommerce.php:95

actionwoocommerce_checkout_create_order_line_itemincludes\class-woomio-for-woocommerce.php:96

filterwoocommerce_order_item_get_formatted_meta_dataincludes\class-woomio-for-woocommerce.php:97

filterwoocommerce_before_cartincludes\class-woomio-for-woocommerce.php:98

Maintenance & Trust

Woomio (Influencer marketing) Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedNov 18, 2021

PHP min version7.2

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Woomio (Influencer marketing) Alternatives

Goaffpro Affiliate Marketing

goaffpro

100

The complete affiliate marketing solution for your WordPress and WooCommerce website.

4K No CVEs

Affiliatly

affiliatly

Affiliatly Integration for WooCommerce.

300 No CVEs

Dealspotr Campaign Tracking for WooCommerce

dealspotr-woocommerce-tracking

Adds checkout conversion tracking to WooCommerce for measuring Dealspotr influencer marketing campaign ROI.

10 No CVEs

Influencer Marketing – LinkX.fan

influencer-marketing-linkx-fan

Track Influencer with LinkX.fan - Evaluate influencers and see sales.

0 No CVEs

Developer Profile

Woomio (Influencer marketing) Developer Profile

iClickSee

1 plugin · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Woomio (Influencer marketing)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/woomio-influencer-marketing/admin/css/bootstrap.min.css/wp-content/plugins/woomio-influencer-marketing/admin/css/datatable-bs4.min.css/wp-content/plugins/woomio-influencer-marketing/admin/css/select2.min.css/wp-content/plugins/woomio-influencer-marketing/admin/css/woomio-for-woocommerce-admin.css/wp-content/plugins/woomio-influencer-marketing/admin/js/bootstrap.bundle.min.js/wp-content/plugins/woomio-influencer-marketing/admin/js/datatable.bs4.min.js/wp-content/plugins/woomio-influencer-marketing/admin/js/jquery.validate.min.js/wp-content/plugins/woomio-influencer-marketing/admin/js/select2.full.min.js+1 more

Script Paths

/wp-content/plugins/woomio-influencer-marketing/admin/js/woomio-for-woocommerce-admin.js

Version Parameters

woomio-for-woocommerce-admin.css?ver=bootstrap.min.css?ver=datatable-bs4.min.css?ver=select2.min.css?ver=bootstrap.bundle.min.js?ver=datatable.bs4.min.js?ver=jquery.validate.min.js?ver=select2.full.min.js?ver=woomio-for-woocommerce-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

woomio-for-woocommerce

Data Attributes

data-plugin-namedata-plugin-version

JS Globals

wfw_admin_params

FAQ