Does Zlick Paywall have any unpatched vulnerabilities?

No. All known vulnerabilities in Zlick Paywall have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Zlick Paywall compatible with WordPress 6.8.5?

According to WordPress.org data, Zlick Paywall 4.0.8 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Zlick Paywall compatible with PHP 7.0+?

Zlick Paywall requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Zlick Paywall updated?

Zlick Paywall was last updated on Dec 11, 2025. Frequent updates are generally a positive security signal.

What is Zlick Paywall's security score?

Zlick Paywall has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Zlick Paywall Security & Risk Analysis

wordpress.org/plugins/zlick-paywall

Sell subscriptions and one-off access to your content with industry-leading conversion rates, a simple platform to operate, and no upfront costs.

100 active installs v4.0.8 PHP 7.0+ WP 5.1+ Updated Dec 11, 2025

content-monetizationmonetizationpay-per-postpaywallsubscriptions

A · Safe

CVEs total1

Unpatched0

Last CVEMay 6, 2021

Plugin page Download

Safety Verdict

Is Zlick Paywall Safe to Use in 2026?

Generally Safe

Score 99/100

Zlick Paywall has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: May 6, 2021Updated 3mo ago

Risk Assessment

The zlick-paywall plugin v4.0.8 exhibits a generally positive security posture, with several good practices evident in the static analysis. The absence of unprotected entry points across AJAX handlers, REST API, and shortcodes is a significant strength. The majority of SQL queries utilize prepared statements, and a high percentage of output is properly escaped, which helps mitigate common web vulnerabilities. The presence of nonce and capability checks further bolsters its defenses.

However, there are areas for concern. The plugin makes a considerable number of external HTTP requests (12), which could potentially be exploited if the target endpoints are compromised or manipulated. Additionally, the single file operation, while not inherently risky, warrants scrutiny to ensure it's not being used in an insecure manner. The plugin also has a history of a high-severity vulnerability (CSRF), indicating a past weakness that, while currently patched, highlights the potential for such issues.

Overall, zlick-paywall v4.0.8 appears to be a well-secured plugin, with strong foundations in input sanitization and access control. The vulnerability history, though concerning, is mitigated by the absence of currently unpatched CVEs. The main areas to monitor would be the external HTTP requests and ensuring the file operation is handled securely.

Key Concerns

History of high-severity vulnerability (CSRF)
Numerous external HTTP requests
Presence of file operations

Vulnerabilities

Zlick Paywall Security Vulnerabilities

CVEs by Year

1 CVE in 2021

2021

Patched Has unpatched

Severity Breakdown

High

1 total CVE

WF-b6b68e35-ecfb-4876-8fee-c389077b2b4a-zlick-paywallhigh · 8.8Cross-Site Request Forgery (CSRF)

Zlick Paywall < 2.2.2 - Cross-Site Request Forgery

May 6, 2021 Patched in 2.2.2 (992d)

Code Analysis

Analyzed Mar 16, 2026

Zlick Paywall Code Analysis

Dangerous Functions

Raw SQL Queries

6 prepared

Unescaped Output

46 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

75% prepared8 total queries

Output Escaping

84% escaped55 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

zp_bulk_price_plan_selection_page (includes\plugin_bulk_actions.php:249)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Zlick Paywall Attack Surface

Entry Points7

Unprotected0

AJAX Handlers 5

authwp_ajax_zp_bulk_apply_price_plansincludes\plugin_bulk_actions_modal.php:496

authwp_ajax_zp_authenticate_articlepublic\shortcodes\zlick-widget.php:135

noprivwp_ajax_zp_authenticate_articlepublic\shortcodes\zlick-widget.php:136

authwp_ajax_zp_access_expiredpublic\shortcodes\zlick-widget.php:141

noprivwp_ajax_zp_access_expiredpublic\shortcodes\zlick-widget.php:142

Shortcodes 2

[zlick_payment_widget] public\shortcodes\zlick-widget.php:129

[zp_placeholder] public\shortcodes\zlick-widget.php:130

WordPress Hooks 19

actionadmin_enqueue_scriptsadmin\class-zlick-payments-admin.php:57

actionadmin_menuadmin\class-zlick-payments-admin.php:58

actionadmin_initadmin\class-zlick-payments-admin.php:59

actionadd_meta_boxesadmin\class-zlick-payments-admin.php:60

actionsave_postadmin\class-zlick-payments-admin.php:61

actionadmin_initincludes\plugin_bulk_actions.php:25

actionadmin_noticesincludes\plugin_bulk_actions.php:186

actionadmin_menuincludes\plugin_bulk_actions.php:203

actionadmin_initincludes\plugin_bulk_actions.php:238

actionmanage_category_custom_columnincludes\plugin_bulk_actions.php:482

actionadmin_footer-edit.phpincludes\plugin_bulk_actions_modal.php:16

filterplugin_action_links_zlick-paywall/zlick-payments.phpincludes\plugin_settings.php:7

actionsave_postincludes\post_callbacks.php:10

actionadmin_initincludes\stripe_functions.php:64

actioninitpublic\shortcodes\zlick-widget.php:151

filterthe_contentpublic\shortcodes\zlick-widget.php:763

actionwp_headpublic\shortcodes\zlick-widget.php:764

filterthe_content_feedpublic\shortcodes\zlick-widget.php:836

actioninitzlick-payments.php:89

Maintenance & Trust

Zlick Paywall Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedDec 11, 2025

PHP min version7.0

Downloads13K

Community Trust

Rating100/100

Number of ratings10

Active installs100

Alternatives

Zlick Paywall Alternatives

Conscent Paywall

conscent-paywall

Conscent.ai is the world’s fastest growing advanced analytics and revenue optimization solutions for the media and news publishing industry.

0 No CVEs

Steady for WordPress

steady-wp

Steady is the perfect plugin for regular payments: offer subscriptions, pledges, use a flexible paywall or start a subscription crowdfunding campaign.

600 No CVEs

InPlayer Paywall

inplayer-paywall

The InPlayer Paywall plugin is a simple way for monetizing your digital content.

10 No CVEs

PREMIUUM Content Monetization

premiuum-content-monetization

Revenue-per-Link™ content monetization. PREMIUUM makes it easy to sell articles, music, videos, files & links via subscriptions and/or micropayments.

0 No CVEs

Memberful – Membership Plugin

memberful-wp

Sell memberships and restrict access to content with WordPress and Memberful.

1K 3 CVEs

Developer Profile

Zlick Paywall Developer Profile

Zlick

1 plugin · 100 total installs

trust score

Avg Security Score

99/100

Avg Patch Time

992 days

View full developer profile

Detection Fingerprints

How We Detect Zlick Paywall

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/zlick-paywall/public/css/zlick-paywall-public.css/wp-content/plugins/zlick-paywall/public/js/zlick-paywall-public.js

Script Paths

/wp-content/plugins/zlick-paywall/public/js/zlick-paywall-public.js

Version Parameters

/wp-content/plugins/zlick-paywall/public/css/zlick-paywall-public.css?ver=/wp-content/plugins/zlick-paywall/public/js/zlick-paywall-public.js?ver=

HTML / DOM Fingerprints

CSS Classes

zlick-paywall-content

Data Attributes

data-zlick-paywall-content

JS Globals

window.zlickPaywall

Shortcode Output

[zlick_paywall]

FAQ