Does Zone Redirect have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Zone Redirect compatible with WordPress 5.6.17?

According to WordPress.org data, Zone Redirect 1.0.10 has been tested up to WordPress 5.6.17. Check the plugin's changelog for the latest compatibility information.

How often is Zone Redirect updated?

Zone Redirect was last updated on Jan 14, 2021. Frequent updates are generally a positive security signal.

What is Zone Redirect's security score?

Zone Redirect has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Zone Redirect Security & Risk Analysis

wordpress.org/plugins/zone-redirect

This plugin helps you manage and create 301 & 302 redirects for your WordPress site to improve SEO and visitor experience.

0 active installs v1.0.10 PHP + WP + Updated Jan 14, 2021

301302redirectseourl

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Zone Redirect Safe to Use in 2026?

Generally Safe

Score 85/100

Zone Redirect has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The "zone-redirect" plugin version 1.0.10 exhibits a mixed security posture. On the positive side, there are no reported CVEs, and the plugin demonstrates good practices by implementing nonce checks on all identified AJAX handlers. The majority of SQL queries utilize prepared statements, which is a significant security advantage. However, several areas raise concerns. A substantial portion of output is not properly escaped, creating a risk of Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the taint analysis reveals a high number of flows with unsanitized paths, including five classified as high severity, indicating potential for insecure data handling and privilege escalation if these flows are triggered by user input.

While the plugin has no documented vulnerability history, the static analysis findings, particularly the unsanitized taint flows and the low percentage of properly escaped output, suggest potential undiscovered vulnerabilities. The presence of file operations and external HTTP requests, though not explicitly flagged as problematic in the provided data, are always points of attention in security analysis. The plugin's strengths lie in its well-protected entry points and use of prepared statements, but the susceptibility to XSS and the critical taint flows present significant risks that need to be addressed.

Key Concerns

High percentage of unsanitized taint flows
Low percentage of properly escaped output
5 high severity taint flows
File operations detected
External HTTP requests detected

Vulnerabilities

None known

Zone Redirect Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Zone Redirect Release Timeline

v1.0.7

v1.0.6

v1.0.4

v1.0.3

Code Analysis

Analyzed Mar 17, 2026

Zone Redirect Code Analysis

Dangerous Functions

Raw SQL Queries

14 prepared

Unescaped Output

16 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

DataTables

SQL Query Safety

82% prepared17 total queries

Output Escaping

36% escaped44 total outputs

Data Flows · Security

6 unsanitized

Data Flow Analysis

7 flows6 with unsanitized paths

importing_spreadsheet (admin\class-zone-redirect-admin.php:326)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Zone Redirect Attack Surface

Entry Points7

Unprotected0

AJAX Handlers 7

authwp_ajax_save_redirection_linkadmin\class-zone-redirect-admin.php:105

authwp_ajax_load_link_infoadmin\class-zone-redirect-admin.php:106

authwp_ajax_update_redirection_linkadmin\class-zone-redirect-admin.php:107

authwp_ajax_trash_linkadmin\class-zone-redirect-admin.php:108

authwp_ajax_change_link_statusadmin\class-zone-redirect-admin.php:109

authwp_ajax_importing_spreadsheetadmin\class-zone-redirect-admin.php:110

authwp_ajax_exporting_spreadsheetadmin\class-zone-redirect-admin.php:111

WordPress Hooks 4

actionadmin_menuadmin\class-zone-redirect-admin.php:104

actionplugins_loadedincludes\class-zone-redirect.php:153

actionadmin_enqueue_scriptsincludes\class-zone-redirect.php:170

actionadmin_enqueue_scriptsincludes\class-zone-redirect.php:171

Maintenance & Trust

Zone Redirect Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17

Last updatedJan 14, 2021

PHP min version

Downloads1K

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

Zone Redirect Alternatives

Simple Page Redirect

simple-post-redirect

100

Simple Page Redirect is an easy-to-use WordPress plugin that lets you quickly redirect any post, page, custom post type, or portfolio item to an inter …

10K No CVEs

Quick 301 Redirects

quick-301-redirects

100

The fastest & easiest way to do 301 redirects. You can set each redirect or bulk upload unlimited number of 301 redirects using a CSV file

7K No CVEs

Change Permalink Helper

change-permalink-helper

It checks the Permalink and redirects to the new URL, if it doesn't exist. It sends the header message "moved permanently 301"

900 No CVEs

Legacy URL Suffix & SEO Preserver

php-to-pages

100

Maintain SEO rankings with custom URL suffixes like .php or .html. Perfect for legacy site migrations, fixing 404s, and preserving link juice.

200 No CVEs

Post Redirection – 301, 404 Redirects

advance-wp-redirect

100

Post Redirection – 301, 404 Redirects lets you quickly redirect pages, posts, custom types, and URLs to new locations for seamless navigation.

40 No CVEs

Developer Profile

Zone Redirect Developer Profile

Zekinah Lecaros

3 plugins · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Zone Redirect

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/zone-redirect/css/zone-redirect-admin.css/wp-content/plugins/zone-redirect/css/bootstrap/bootstrap.min.css/wp-content/plugins/zone-redirect/css/bootstrap/bootstrap-toggle.min.css/wp-content/plugins/zone-redirect/css/datatable/jquery.dataTables.css/wp-content/plugins/zone-redirect/css/pnotify/pnotify.css/wp-content/plugins/zone-redirect/js/zone-redirect-admin.js/wp-content/plugins/zone-redirect/js/bootstrap/bootstrap.min.js/wp-content/plugins/zone-redirect/js/bootstrap/bootstrap-toggle.min.js+4 more

Script Paths

/wp-content/plugins/zone-redirect/js/zone-redirect-admin.js/wp-content/plugins/zone-redirect/js/bootstrap/bootstrap.min.js/wp-content/plugins/zone-redirect/js/bootstrap/bootstrap-toggle.min.js/wp-content/plugins/zone-redirect/js/fontawesome/all.js/wp-content/plugins/zone-redirect/js/pnotify/pnotify.js/wp-content/plugins/zone-redirect/js/datatable/jquery.dataTables.js+1 more

Version Parameters

zone-redirect-admin.css?ver=bootstrap.min.css?ver=bootstrap-toggle.min.css?ver=jquery.dataTables.css?ver=pnotify.css?ver=zone-redirect-admin.js?ver=bootstrap.min.js?ver=bootstrap-toggle.min.js?ver=all.js?ver=pnotify.js?ver=jquery.dataTables.js?ver=zone-redirect-ajax.js?ver=

HTML / DOM Fingerprints

CSS Classes

zone-redirect-main-display

HTML Comments

+21 more

Data Attributes

data-toggle="modal"data-target="#exampleModal"data-target="#addModal"data-toggle="modal"data-target="#exampleModal"data-target="#addModal"+20 more

JS Globals

redirectsettingsAjax

REST Endpoints

/wp-json/zone-redirect/v1/settings

FAQ