Advanced Testimonial Security & Risk Analysis

wordpress.org/plugins/advanced-testimonial

A general lightweight, easy-to-use slider plugin.

0 active installs · v2.0.0 · PHP 5.3+ · WP 4.9+ · Updated Unknown
advanced-testimonial, slider, testimonial-slider, wordpress-slider
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Advanced Testimonial Safe to Use in 2026?

Generally Safe

Score 100/100

Advanced Testimonial has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The 'advanced-testimonial' plugin v2.0.0 exhibits a generally good security posture, with a strong emphasis on secure coding practices. The static analysis reveals a limited attack surface with all identified entry points (AJAX handlers, shortcodes) appearing to have appropriate authentication and capability checks. Furthermore, the complete absence of direct SQL queries, relying solely on prepared statements, is a significant strength, as is the limited number of file operations and external HTTP requests. The plugin also demonstrates good output escaping practices for the majority of its outputs.

However, a notable area for concern is output escaping coverage. While 76% of outputs are properly escaped, the remaining 24% are not, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data reaches those unescaped outputs. The plugin also bundles jQuery v3.3.1, an older release that may be affected by publicly known vulnerabilities for that version. The vulnerability history is a strong positive: there are no recorded CVEs, which suggests a history of diligent security practices by the developers. Despite the minor concerns around unescaped output and the bundled library version, the plugin's overall security is robust due to its secure handling of critical areas like SQL and authentication.

Key Concerns

  • Unescaped output (24%)
  • Bundled outdated library (jQuery v3.3.1)
Vulnerabilities
None known

Advanced Testimonial Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Advanced Testimonial Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 49 (153 escaped)
Nonce Checks: 3
Capability Checks: 6
File Operations: 0
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

jQuery 3.3.1

Output Escaping

76% escaped · 202 total outputs
Attack Surface

Advanced Testimonial Attack Surface

Entry Points: 3
Unprotected: 0

AJAX Handlers 2

auth  wp_ajax_cmb2_oembed_handler  inc\CMB2\includes\CMB2_Ajax.php:51
nopriv  wp_ajax_cmb2_oembed_handler  inc\CMB2\includes\CMB2_Ajax.php:52

Shortcodes 1

[advanced_testimonial] inc\advanced-testimonial-slide.php:3
WordPress Hooks 57
action  init  advanced-testimonial.php:66
action  plugins_loaded  advanced-testimonial.php:69
action  admin_notices  advanced-testimonial.php:102
action  cmb2_admin_init  inc\CMB2\example-functions.php:105
action  cmb2_admin_init  inc\CMB2\example-functions.php:470
action  cmb2_admin_init  inc\CMB2\example-functions.php:500
action  cmb2_admin_init  inc\CMB2\example-functions.php:564
action  cmb2_admin_init  inc\CMB2\example-functions.php:633
action  cmb2_admin_init  inc\CMB2\example-functions.php:674
action  cmb2_init  inc\CMB2\example-functions.php:776
filter  wp_prepare_attachment_for_js  inc\CMB2\includes\CMB2.php:1549
action  admin_enqueue_scripts  inc\CMB2\includes\CMB2.php:1567
action  cmb2_save_options-page_fields  inc\CMB2\includes\CMB2_Ajax.php:54
filter  get_post_metadata  inc\CMB2\includes\CMB2_Ajax.php:147
filter  update_post_metadata  inc\CMB2\includes\CMB2_Ajax.php:150
filter  cmb2_show_on  inc\CMB2\includes\CMB2_Hookup.php:79
action  edit_form_top  inc\CMB2\includes\CMB2_Hookup.php:115
action  edit_form_before_permalink  inc\CMB2\includes\CMB2_Hookup.php:119
action  edit_form_after_title  inc\CMB2\includes\CMB2_Hookup.php:123
action  edit_form_after_editor  inc\CMB2\includes\CMB2_Hookup.php:127
action  add_meta_boxes  inc\CMB2\includes\CMB2_Hookup.php:131
action  add_meta_boxes  inc\CMB2\includes\CMB2_Hookup.php:134
action  add_attachment  inc\CMB2\includes\CMB2_Hookup.php:135
action  edit_attachment  inc\CMB2\includes\CMB2_Hookup.php:136
action  save_post  inc\CMB2\includes\CMB2_Hookup.php:137
action  pre_get_posts  inc\CMB2\includes\CMB2_Hookup.php:144
action  add_meta_boxes_comment  inc\CMB2\includes\CMB2_Hookup.php:152
action  edit_comment  inc\CMB2\includes\CMB2_Hookup.php:153
filter  manage_edit-comments_columns  inc\CMB2\includes\CMB2_Hookup.php:156
action  manage_comments_custom_column  inc\CMB2\includes\CMB2_Hookup.php:157
filter  manage_edit-comments_sortable_columns  inc\CMB2\includes\CMB2_Hookup.php:158
action  pre_get_posts  inc\CMB2\includes\CMB2_Hookup.php:159
action  show_user_profile  inc\CMB2\includes\CMB2_Hookup.php:168
action  edit_user_profile  inc\CMB2\includes\CMB2_Hookup.php:169
action  user_new_form  inc\CMB2\includes\CMB2_Hookup.php:170
action  personal_options_update  inc\CMB2\includes\CMB2_Hookup.php:172
action  edit_user_profile_update  inc\CMB2\includes\CMB2_Hookup.php:173
action  user_register  inc\CMB2\includes\CMB2_Hookup.php:174
filter  manage_users_columns  inc\CMB2\includes\CMB2_Hookup.php:177
filter  manage_users_custom_column  inc\CMB2\includes\CMB2_Hookup.php:178
filter  manage_users_sortable_columns  inc\CMB2\includes\CMB2_Hookup.php:179
action  pre_get_posts  inc\CMB2\includes\CMB2_Hookup.php:180
action  pre_get_posts  inc\CMB2\includes\CMB2_Hookup.php:226
action  created_term  inc\CMB2\includes\CMB2_Hookup.php:230
action  edited_terms  inc\CMB2\includes\CMB2_Hookup.php:231
action  delete_term  inc\CMB2\includes\CMB2_Hookup.php:232
action  cmb2_do_oembed  inc\CMB2\includes\helper-functions.php:131
filter  is_protected_meta  inc\CMB2\includes\rest-api\CMB2_REST.php:144
action  init  inc\CMB2\init.php:131
action  cmb2_admin_init  inc\CMB2\options.php:3
action  init  inc\function.php:31
action  wp_footer  inc\function.php:140
action  add_meta_boxes  inc\shortcode-metabox.php:14
filter  manage_posts_columns  inc\shortcode-metabox.php:30
action  manage_posts_custom_column  inc\shortcode-metabox.php:51
action  wp_enqueue_scripts  plugin.php:119
action  wp_enqueue_scripts  plugin.php:120
Maintenance & Trust

Advanced Testimonial Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.1.10
Last updated: Unknown
PHP min version: 5.3
Downloads: 1K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 0
Developer Profile

Advanced Testimonial Developer Profile

devmonowar

3 plugins · 30 total installs

Trust score: 87
Avg Security Score: 90/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Advanced Testimonial

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/advanced-testimonial/css/testimonial.css
/wp-content/plugins/advanced-testimonial/css/testimonial_carousel.css
/wp-content/plugins/advanced-testimonial/js/testimonial-carousel.js
/wp-content/plugins/advanced-testimonial/js/testimonial-frontend.js
Script Paths
/wp-content/plugins/advanced-testimonial/js/testimonial-carousel.js
/wp-content/plugins/advanced-testimonial/js/testimonial-frontend.js
Version Parameters
advanced-testimonial/css/testimonial.css?ver=
advanced-testimonial/css/testimonial_carousel.css?ver=
advanced-testimonial/js/testimonial-carousel.js?ver=
advanced-testimonial/js/testimonial-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
testimonial-carousel-wrap
testimonial-carousel
testimonial-item
Data Attributes
data-testimonial-id
JS Globals
testimonialCarousel
Shortcode Output
[testimonial-carousel]
[testimonial_carousel]
FAQ

Frequently Asked Questions about Advanced Testimonial