Does WP Link Manager have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Link Manager compatible with WordPress 5.2.24?

According to WordPress.org data, WP Link Manager 0.1 has been tested up to WordPress 5.2.24. Check the plugin's changelog for the latest compatibility information.

Is WP Link Manager compatible with PHP 5.2+?

WP Link Manager requires PHP 5.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WP Link Manager updated?

WP Link Manager was last updated on Oct 30, 2019. Frequent updates are generally a positive security signal.

What is WP Link Manager's security score?

WP Link Manager has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Link Manager Security & Risk Analysis

wordpress.org/plugins/wp-link-manager

Wordpress plugin to create pretty and short link based on your site URL for external (or internal) ugly links

0 active installs v0.1 PHP 5.2+ WP + Updated Oct 30, 2019

affiliateaffiliate-link-managementlinklink-cloakerlink-redirect

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Link Manager Safe to Use in 2026?

Generally Safe

Score 85/100

WP Link Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The wp-link-manager plugin v0.1 exhibits a concerning security posture due to a significant number of unprotected entry points. With 12 out of 14 total entry points lacking authentication checks, the plugin exposes a large attack surface to unauthenticated users. While the static analysis did not reveal dangerous functions or raw SQL queries, and SQL queries are properly prepared, the output escaping is alarmingly low at only 17%, suggesting a high risk of Cross-Site Scripting (XSS) vulnerabilities. The taint analysis indicates unsanitized paths, although no critical or high-severity flows were identified, which is a positive sign given the other weaknesses. The plugin's vulnerability history is clean, with no recorded CVEs, which could imply either a lack of prior security issues or insufficient historical scrutiny. The presence of bundled libraries like Select2 and an outdated TinyMCE v1.0 might introduce its own risks if not properly maintained or if they contain known vulnerabilities not directly tied to the plugin's core code. Overall, while the plugin demonstrates good practices in SQL handling and has no known CVEs, the widespread lack of authentication on AJAX handlers and poor output escaping are significant weaknesses that need immediate attention to mitigate the risk of compromise.

Key Concerns

Unprotected AJAX handlers
Low output escaping percentage
Unsanitized paths in taint analysis
Bundled outdated TinyMCE library

Vulnerabilities

None known

WP Link Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

WP Link Manager Release Timeline

No version history available.

Code Analysis

Analyzed Apr 16, 2026

WP Link Manager Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

12 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2TinyMCE1.0

Output Escaping

17% escaped69 total outputs

Data Flows · Security

4 unsanitized

Data Flow Analysis

4 flows4 with unsanitized paths

wplman_pagnation_form_frontend_callback (includes/class-wplman-ajax-frontend.php:91)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

12 unprotected

WP Link Manager Attack Surface

Entry Points14

Unprotected12

AJAX Handlers 12

authwp_ajax_wplman_shortlink_list_frontend_actionincludes/class-wplman-ajax-frontend.php:7

noprivwp_ajax_wplman_shortlink_list_frontend_actionincludes/class-wplman-ajax-frontend.php:8

authwp_ajax_wplman_pagnation_form_frontend_actionincludes/class-wplman-ajax-frontend.php:9

authwp_ajax_noprive_wplman_pagnation_form_frontend_actionincludes/class-wplman-ajax-frontend.php:10

authwp_ajax_wplman_shortlink_listincludes/class-wplman-ajax.php:10

authwp_ajax_wplman_pagnation_formincludes/class-wplman-ajax.php:11

authwp_ajax_wplman_delete_shortlinkincludes/class-wplman-ajax.php:12

authwp_ajax_wplman_edit_form_shortlinkincludes/class-wplman-ajax.php:13

authwp_ajax_wplman_detail_shortlinkincludes/class-wplman-ajax.php:14

authwp_ajax_wplman_add_form_shortlinkincludes/class-wplman-ajax.php:15

authwp_ajax_wplman_save_shortlinkincludes/class-wplman-ajax.php:16

authwp_ajax_insert_shortlinkincludes/class-wplman-ajax.php:17

Shortcodes 2

[shortlinks_list] includes/class-wplman-frontend.php:13

[shortlink] includes/class-wplman-frontend.php:14

WordPress Hooks 22

actionwp_enqueue_scriptsincludes/class-wplman-frontend.php:16

actiontemplate_redirectincludes/class-wplman-redirect.php:11

actionadmin_menuincludes/dashboard/class-wplman-dashboard-pages.php:8

actionadmin_enqueue_scriptsincludes/dashboard/class-wplman-dashboard-scripts.php:8

actionadmin_initincludes/dashboard/class-wplman-page-configurations.php:10

filtermce_external_pluginsincludes/dashboard/class-wplman-tinymce-button.php:11

filtermce_buttonsincludes/dashboard/class-wplman-tinymce-button.php:12

actionadd_meta_boxesincludes/library/class-wplman-meta-fields-generator.php:32

actionsave_postincludes/library/class-wplman-meta-fields-generator.php:33

actionadmin_print_scriptsincludes/library/class-wplman-meta-fields-generator.php:57

actionadmin_headincludes/library/class-wplman-meta-fields-generator.php:58

actionadmin_print_stylesincludes/library/class-wplman-meta-fields-generator.php:59

actioninitincludes/library/class-wplman-post-type-generator.php:147

actioninitincludes/library/class-wplman-post-type-generator.php:149

actioninitincludes/library/class-wplman-post-type-generator.php:151

actionrestrict_manage_postsincludes/library/class-wplman-post-type-generator.php:160

filterpost_updated_messagesincludes/library/class-wplman-post-type-generator.php:162

filterbulk_post_updated_messagesincludes/library/class-wplman-post-type-generator.php:163

actionload-edit.phpincludes/library/class-wplman-post-type-generator.php:742

filterrequestincludes/library/class-wplman-post-type-generator.php:774

actionplugins_loadedwplink-manager.php:182

actionactivated_pluginwplink-manager.php:185

Maintenance & Trust

WP Link Manager Maintenance & Trust

Maintenance Signals

WordPress version tested5.2.24

Last updatedOct 30, 2019

PHP min version5.2

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

WP Link Manager Alternatives

My Affiliate Link

my-affiliate-link

A plugin that creates shortcodes for use with any affiliate cloaking service or plugin. Formats affiliate links so they aren't indexed by the sea …

10 No CVEs

Affiliate Links – Link Cloaking and Management

affiliate-links

Create any redirect links to any website from your WordPress Admin. Perfect for the affiliate links masking.

3K 3 CVEs

Shopper – Affiliate Link Management, 25000+ Brand Partnerships & Creative Product Displays

shopper

The ultimate affiliate plugin: manage links, 25K+ brand partnerships, high converting displays, link break alerts & more to boost your earnings.

60 1 CVE

iDatAffiliates Affiliate Link Manager

idataffiliates

Easily manage, shrink and track your affiliate links in WordPress.

20 No CVEs

Premium Link Cloaker Lite

premium-link-cloaker-lite

Awesome yet easy-to-use link cloaker, designed for affiliate marketers. 100% newbie friendly.

10 No CVEs

Developer Profile

WP Link Manager Developer Profile

ihamed

1 plugin · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Link Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-link-manager/assets/css/wplman-frontend.css/wp-content/plugins/wp-link-manager/assets/js/wplman-frontend.js/wp-content/plugins/wp-link-manager/assets/css/wplman.css/wp-content/plugins/wp-link-manager/assets/css/jquery-confirm.min.css/wp-content/plugins/wp-link-manager/assets/css/select2.min.css/wp-content/plugins/wp-link-manager/assets/css/fontawesome-all.min.css

Script Paths

/wp-content/plugins/wp-link-manager/assets/js/wplman-frontend.js

Version Parameters

wp-link-manager/assets/css/wplman-frontend.css?ver=wp-link-manager/assets/js/wplman-frontend.js?ver=wp-link-manager/assets/css/wplman.css?ver=wp-link-manager/assets/css/jquery-confirm.min.css?ver=wp-link-manager/assets/css/select2.min.css?ver=wp-link-manager/assets/css/fontawesome-all.min.css?ver=

HTML / DOM Fingerprints

CSS Classes

wplman-list-shortlinks-frontendshortlink-posts-filtersearch-boxpost-search-inputnav-boxalignleftactionstablenav-pages+6 more

HTML Comments

Data Attributes

id="wplman-list-shortlinks-frontend"id="shortlink-posts-filter"id="post-search-input"id="pagination-shortlinks"id="mask"class="spinner is-active"+1 more

JS Globals

frontendObj

Shortcode Output

<a href="

FAQ