WP-Safety

BizReview – Business and Google Place Review Plugin Security & Risk Analysis

wordpress.org/plugins/bizreview

Google Business Review Showcase Plugin - Easily Show Your Google Business Reviews On Your Website

100 active installs v1.5.14 PHP + WP 5.0+ Updated Mar 12, 2026
businessgoogle-places-reviewsmasonaryreviewsshortcode
78
B · Generally Safe
CVEs total1
Unpatched1
Last CVEFeb 3, 2026
Plugin page Download
Safety Verdict

Is BizReview – Business and Google Place Review Plugin Safe to Use in 2026?

Mostly Safe

Score 78/100

BizReview – Business and Google Place Review Plugin is generally safe to use. 1 past CVE were resolved.

1 known CVE 1 unpatched Last CVE: Feb 3, 2026Updated 2mo ago
Risk Assessment

The bizreview plugin v1.5.14 exhibits a generally strong security posture based on the provided static analysis. The absence of known vulnerabilities (CVEs) and a clean taint analysis are significant strengths, indicating a lack of severe, exploitable flaws. The plugin also demonstrates good practices by implementing nonce and capability checks on entry points, and a high percentage of properly escaped output, which mitigates common cross-site scripting (XSS) risks. However, the plugin's use of raw SQL queries without prepared statements represents a notable concern. Although the total number of SQL queries is low, this practice, if a query were to involve user-supplied input, could open the door to SQL injection vulnerabilities. The presence of external HTTP requests also warrants attention; without further analysis, it's difficult to assess if these are made securely and if they could be leveraged for further attacks. While the plugin has a small attack surface and all identified entry points have some form of protection, the raw SQL remains the most concrete risk identified.

Key Concerns

  • SQL queries not using prepared statements
Vulnerabilities
1 published

BizReview – Business and Google Place Review Plugin Security Vulnerabilities

CVEs by Year

1 CVE in 2026 · unpatched
2026
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2026-39606medium · 5.3Missing Authorization

BizReview <= 1.5.14 - Missing Authorization

Feb 3, 2026Unpatched
Version History

BizReview – Business and Google Place Review Plugin Release Timeline

v1.5.14Current1 CVE
CVE-2026-39606
v1.5.131 CVE
CVE-2026-39606
v1.5.121 CVE
CVE-2026-39606
v1.5.111 CVE
CVE-2026-39606
v1.5.101 CVE
CVE-2026-39606
v1.5.91 CVE
CVE-2026-39606
v1.5.81 CVE
CVE-2026-39606
v1.5.71 CVE
CVE-2026-39606
v1.5.61 CVE
CVE-2026-39606
v1.5.51 CVE
CVE-2026-39606
v1.5.41 CVE
CVE-2026-39606
v1.5.31 CVE
CVE-2026-39606
v1.5.21 CVE
CVE-2026-39606
Code Analysis
Analyzed Mar 16, 2026

BizReview – Business and Google Place Review Plugin Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
0 prepared
Unescaped Output
37
349 escaped
Nonce Checks
1
Capability Checks
2
File Operations
0
External Requests
3
Bundled Libraries
0

SQL Query Safety

0% prepared1 total queries

Output Escaping

90% escaped386 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

2 flows
dismiss_offer_banner (Helpers\ThemeAtelier_Offer_Banner.php:154)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

BizReview – Business and Google Place Review Plugin Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 1

authwp_ajax_themeatelier_dismiss_offer_bannerHelpers\ThemeAtelier_Offer_Banner.php:35

Shortcodes 1

[bizr_google_place] view\google-shortcode.php:11
WordPress Hooks 21
actionadmin_menuadmin\admin.php:20
actionadmin_initadmin\admin.php:21
actionadmin_footeradmin\appsero\Insights.php:114
actionadmin_noticesadmin\appsero\Insights.php:132
actionadmin_initadmin\appsero\Insights.php:135
filtercron_schedulesadmin\appsero\Insights.php:141
actionplugin_loadedbizreview.php:55
actionafter_setup_themebizreview.php:81
actionadmin_noticesHelpers\ThemeAtelier_Offer_Banner.php:34
actionwp_enqueue_scriptsinc\class-enqueue.php:20
actionadmin_enqueue_scriptsinc\class-enqueue.php:22
actioninitview\elementor-widgets\elementor-widget.php:147
actionadmin_noticesview\elementor-widgets\elementor-widget.php:167
actionelementor/elements/categories_registeredview\elementor-widgets\elementor-widget.php:172
actionelementor/frontend/after_enqueue_stylesview\elementor-widgets\elementor-widget.php:173
actionelementor/frontend/after_register_stylesview\elementor-widgets\elementor-widget.php:174
actionelementor/editor/before_enqueue_scriptsview\elementor-widgets\elementor-widget.php:175
actionelementor/widgets/widgets_registeredview\elementor-widgets\elementor-widget.php:178
actionwp_enqueue_scriptsview\elementor-widgets\elementor-widget.php:181
actionwp_enqueue_scriptsview\elementor-widgets\elementor-widget.php:313
actionwidgets_initview\widgets\widget-google-review.php:229
Maintenance & Trust

BizReview – Business and Google Place Review Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 12, 2026
PHP min version
Downloads6K

Community Trust

Rating100/100
Number of ratings1
Active installs100
Alternatives

BizReview – Business and Google Place Review Plugin Alternatives

Widgets for Google Reviews

Widgets for Google Reviews

wp-reviews-plugin-for-google

A
93

Embed Google reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Google reviews.

900K 4 CVEs
Widgets for Google Business Reviews and Ratings

Widgets for Google Business Reviews and Ratings

widgets-for-google-reviews-and-ratings

A
100

🛠️ Display Google Business Reviews on your WordPress website to build credibility, boost customer trust, and improve SEO with Google Rich Snippets

2K No CVEs
Widget for Google Reviews

Widget for Google Reviews

business-reviews-wp

A
95

Shortcode and widget for Google Reviews. Display Google Business Reviews on your WordPress website to increase user confidence and SEO.

1K 2 CVEs
Free Google Reviews widget by OpenWidget

Free Google Reviews widget by OpenWidget

free-google-reviews-widget-by-openwidget

A
92

⭐️ Embed Google reviews into your WordPress site. Improve trust, sales & SEO of your Wordpress site with Google reviews.

100 No CVEs
Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More

Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More

reviews-feed

A
99

No API key required. Display Yelp and Google reviews for any business in a clean, customizable feed on your site.

100K 2 CVEs
Developer Profile

BizReview – Business and Google Place Review Plugin Developer Profile

Foysal Imran

8 plugins · 780 total installs

88
trust score
Avg Security Score
91/100
Avg Patch Time
21 days
View full developer profile
Detection Fingerprints

How We Detect BizReview – Business and Google Place Review Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bizreview/assets/icofont/icofont.min.css/wp-content/plugins/bizreview/assets/fontawesome/all.min.css/wp-content/plugins/bizreview/assets/css/bt-grid.css/wp-content/plugins/bizreview/assets/css/owl.carousel.min.css/wp-content/plugins/bizreview/assets/css/owl.theme.default.min.css/wp-content/plugins/bizreview/assets/css/main.css/wp-content/plugins/bizreview/inc/google-review/js/google-place.js/wp-content/plugins/bizreview/assets/js/isotope.pkgd.min.js+4 more
Script Paths
/wp-content/plugins/bizreview/inc/google-review/js/google-place.js/wp-content/plugins/bizreview/assets/js/isotope.pkgd.min.js/wp-content/plugins/bizreview/assets/js/owl.carousel.min.js/wp-content/plugins/bizreview/assets/js/main.js/wp-content/plugins/bizreview/admin/assets/js/bizreview-admin.js
Version Parameters
bizreview/style.css?ver=bizreview/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
bizreview-main
HTML Comments
<!-- Bizreview Appsero Insights --><!-- Offer Banner -->
JS Globals
window.bizreview_google_api_key
Shortcode Output
[bizreview]
FAQ

Frequently Asked Questions about BizReview – Business and Google Place Review Plugin