Arconix Testimonials Security & Risk Analysis

wordpress.org/plugins/arconix-testimonials

Easily showcase what your customers or users are saying about you or your business.

10 active installs v1.4.2 PHP + WP 3.8+ Updated Mar 15, 2021
arconix · feedback · quotes · testimonials
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Arconix Testimonials Safe to Use in 2026?

Generally Safe

Score 85/100

Arconix Testimonials has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5yr ago
Risk Assessment

The arconix-testimonials plugin v1.4.2 demonstrates a generally good security posture with several key strengths. The absence of known CVEs and a clean taint analysis report are significant positives, suggesting the developers have a focus on avoiding common vulnerabilities. Furthermore, the plugin exclusively uses prepared statements for SQL queries and has a substantial number of capability checks, indicating a reasonable effort to secure database interactions and administrative functions. However, a notable concern lies in the output escaping, where only 57% of outputs are properly escaped. This leaves a significant portion of the output potentially vulnerable to cross-site scripting (XSS) attacks if user-supplied data is not handled with sufficient care before rendering.

The plugin has two AJAX handlers, both of which appear to be protected by authentication checks, which is a good practice. There are no REST API routes or cron events, reducing the attack surface. The presence of one `unserialize` function call is a point of caution. While not inherently a vulnerability, `unserialize` can be dangerous if the data being unserialized is not fully controlled or sanitized, potentially leading to object injection vulnerabilities. The limited number of entry points and the lack of known vulnerabilities are strengths, but the moderate output escaping and the use of `unserialize` warrant careful consideration.

In conclusion, arconix-testimonials v1.4.2 has a solid foundation in terms of avoiding known vulnerabilities and securing database operations. The absence of historical CVEs is encouraging. The primary area of weakness is the moderate level of output escaping, which presents a potential risk for XSS. The presence of `unserialize` is a secondary concern that requires vigilance in how it's implemented. Overall, the plugin is in a relatively good state but could benefit from further hardening of its output sanitization processes.

Key Concerns

  • Moderate output escaping (57%)
  • Use of unserialize function
Vulnerabilities
None known

Arconix Testimonials Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Arconix Testimonials Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (6 prepared)
Unescaped Output: 121 (163 escaped)
Nonce Checks: 4
Capability Checks: 8
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

unserialize: `$datetime = unserialize( $meta_value );` at includes\metabox\helpers\cmb_Meta_Box_types.php:486

SQL Query Safety

100% prepared · 6 total queries

Output Escaping

57% escaped · 284 total outputs
Attack Surface

Arconix Testimonials Attack Surface

Entry Points: 3
Unprotected: 0

AJAX Handlers 2

auth wp_ajax_cmb2_oembed_handler includes\metabox\includes\CMB2_Ajax.php:51
nopriv wp_ajax_cmb2_oembed_handler includes\metabox\includes\CMB2_Ajax.php:52

Shortcodes 1

[ac-testimonials] includes\class-arconix-testimonials-admin.php:159
WordPress Hooks 67
filter wp_privacy_personal_data_erasers includes\arconix-testimonials-privacy-erase.php:30
filter wp_privacy_personal_data_exporters includes\arconix-testimonials-privacy-export.php:30
action init includes\class-arconix-testimonials-admin.php:39
action init includes\class-arconix-testimonials-admin.php:40
action init includes\class-arconix-testimonials-admin.php:41
action widgets_init includes\class-arconix-testimonials-admin.php:42
action wp_enqueue_scripts includes\class-arconix-testimonials-admin.php:43
action admin_enqueue_scripts includes\class-arconix-testimonials-admin.php:44
action manage_posts_custom_column includes\class-arconix-testimonials-admin.php:45
action wp_dashboard_setup includes\class-arconix-testimonials-admin.php:46
action dashboard_glance_items includes\class-arconix-testimonials-admin.php:47
action add_meta_boxes includes\class-arconix-testimonials-admin.php:48
filter widget_text includes\class-arconix-testimonials-admin.php:50
filter the_content includes\class-arconix-testimonials-admin.php:51
filter enter_title_here includes\class-arconix-testimonials-admin.php:52
filter cmb2_admin_init includes\class-arconix-testimonials-admin.php:53
filter post_updated_messages includes\class-arconix-testimonials-admin.php:54
filter manage_edit-testimonials_columns includes\class-arconix-testimonials-admin.php:55
action dashboard_glance_items includes\class-gamajo-dashboard-glancer.php:39
action cmb2_admin_init includes\metabox\example-functions.php:105
action cmb2_admin_init includes\metabox\example-functions.php:470
action cmb2_admin_init includes\metabox\example-functions.php:500
action cmb2_admin_init includes\metabox\example-functions.php:564
action cmb2_admin_init includes\metabox\example-functions.php:633
action cmb2_admin_init includes\metabox\example-functions.php:674
action cmb2_init includes\metabox\example-functions.php:776
filter get_post_metadata includes\metabox\helpers\cmb_Meta_Box_ajax.php:112
filter update_post_metadata includes\metabox\helpers\cmb_Meta_Box_ajax.php:114
filter wp_prepare_attachment_for_js includes\metabox\includes\CMB2.php:1525
action admin_enqueue_scripts includes\metabox\includes\CMB2.php:1543
action cmb2_save_options-page_fields includes\metabox\includes\CMB2_Ajax.php:54
filter get_post_metadata includes\metabox\includes\CMB2_Ajax.php:147
filter update_post_metadata includes\metabox\includes\CMB2_Ajax.php:150
filter cmb2_show_on includes\metabox\includes\CMB2_hookup.php:79
action edit_form_top includes\metabox\includes\CMB2_hookup.php:115
action edit_form_before_permalink includes\metabox\includes\CMB2_hookup.php:119
action edit_form_after_title includes\metabox\includes\CMB2_hookup.php:123
action edit_form_after_editor includes\metabox\includes\CMB2_hookup.php:127
action add_meta_boxes includes\metabox\includes\CMB2_hookup.php:131
action add_meta_boxes includes\metabox\includes\CMB2_hookup.php:134
action add_attachment includes\metabox\includes\CMB2_hookup.php:135
action edit_attachment includes\metabox\includes\CMB2_hookup.php:136
action save_post includes\metabox\includes\CMB2_hookup.php:137
action pre_get_posts includes\metabox\includes\CMB2_hookup.php:144
action add_meta_boxes_comment includes\metabox\includes\CMB2_hookup.php:152
action edit_comment includes\metabox\includes\CMB2_hookup.php:153
filter manage_edit-comments_columns includes\metabox\includes\CMB2_hookup.php:156
action manage_comments_custom_column includes\metabox\includes\CMB2_hookup.php:157
filter manage_edit-comments_sortable_columns includes\metabox\includes\CMB2_hookup.php:158
action pre_get_posts includes\metabox\includes\CMB2_hookup.php:159
action show_user_profile includes\metabox\includes\CMB2_hookup.php:168
action edit_user_profile includes\metabox\includes\CMB2_hookup.php:169
action user_new_form includes\metabox\includes\CMB2_hookup.php:170
action personal_options_update includes\metabox\includes\CMB2_hookup.php:172
action edit_user_profile_update includes\metabox\includes\CMB2_hookup.php:173
action user_register includes\metabox\includes\CMB2_hookup.php:174
filter manage_users_columns includes\metabox\includes\CMB2_hookup.php:177
filter manage_users_custom_column includes\metabox\includes\CMB2_hookup.php:178
filter manage_users_sortable_columns includes\metabox\includes\CMB2_hookup.php:179
action pre_get_posts includes\metabox\includes\CMB2_hookup.php:180
action pre_get_posts includes\metabox\includes\CMB2_hookup.php:226
action created_term includes\metabox\includes\CMB2_hookup.php:230
action edited_terms includes\metabox\includes\CMB2_hookup.php:231
action delete_term includes\metabox\includes\CMB2_hookup.php:232
action cmb2_do_oembed includes\metabox\includes\helper-functions.php:131
filter is_protected_meta includes\metabox\includes\rest-api\CMB2_REST.php:144
action init includes\metabox\init.php:131
Maintenance & Trust

Arconix Testimonials Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.7.15
Last updated: Mar 15, 2021
PHP min version
Downloads: 5K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 10
Developer Profile

Arconix Testimonials Developer Profile

tychesoftwares

20 plugins · 160K total installs

Trust score: 73
Avg Security Score: 91/100
Avg Patch Time: 228 days
Detection Fingerprints

How We Detect Arconix Testimonials

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/arconix-testimonials/css/testimonials.css
/wp-content/plugins/arconix-testimonials/js/testimonials.js
Script Paths
/wp-content/plugins/arconix-testimonials/js/testimonials.js
Version Parameters
arconix-testimonials/css/testimonials.css?ver=
arconix-testimonials/js/testimonials.js?ver=

HTML / DOM Fingerprints

CSS Classes
arconix-testimonials
arconix-testimonial-wrapper
arconix-testimonial-title
HTML Comments
<!-- start arconix testimonials -->
<!-- end arconix testimonials -->
Data Attributes
data-testimonial-id
JS Globals
ArconixTestimonials
Shortcode Output
[arconix_testimonials
[/arconix_testimonials]