Does Client and Product Testimonials have any unpatched vulnerabilities?

No. All known vulnerabilities in Client and Product Testimonials have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Client and Product Testimonials compatible with WordPress 4.8.28?

According to WordPress.org data, Client and Product Testimonials 1.0.1 has been tested up to WordPress 4.8.28. Check the plugin's changelog for the latest compatibility information.

How often is Client and Product Testimonials updated?

Client and Product Testimonials was last updated on Feb 23, 2016. Frequent updates are generally a positive security signal.

What is Client and Product Testimonials's security score?

Client and Product Testimonials has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Client and Product Testimonials Security & Risk Analysis

wordpress.org/plugins/client-and-product-testimonials

The ultimate testimonial plugin for your WordPress site. Display testimonials in style, with ease.

30 active installs v1.0.1 PHP + WP 4.0+ Updated Feb 23, 2016

clientproductproductstestimonialtestimonials

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Client and Product Testimonials Safe to Use in 2026?

Generally Safe

Score 85/100

Client and Product Testimonials has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The 'client-and-product-testimonials' plugin, version 1.0.1, presents a generally strong security posture based on the provided static analysis. The complete absence of any identified attack surface, including AJAX handlers, REST API routes, shortcodes, or cron events, is a significant positive. Furthermore, the analysis indicates no dangerous functions are used, and all SQL queries are properly prepared, which are excellent practices. The presence of a capability check and the absence of file operations or external HTTP requests also contribute to its perceived security.

However, a notable concern arises from the output escaping analysis, where 60% of outputs are properly escaped. This implies that 40% of outputs are not, leaving potential for cross-site scripting (XSS) vulnerabilities if user-supplied data is outputted without sufficient sanitization. While the taint analysis shows no critical or high severity flows, the unescaped outputs represent a tangible risk that requires attention. The plugin's history of zero vulnerabilities, including no recorded CVEs, is highly positive and suggests a generally well-maintained codebase. Despite the lack of identified critical issues in taint analysis and historical vulnerabilities, the unescaped output is a specific, evidence-backed concern that slightly diminishes the overall security score.

Key Concerns

40% of outputs not properly escaped

Vulnerabilities

None known

Client and Product Testimonials Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Client and Product Testimonials Code Analysis

Dangerous Functions

Raw SQL Queries

6 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select23.5.4

SQL Query Safety

100% prepared6 total queries

Output Escaping

60% escaped10 total outputs

Attack Surface

Client and Product Testimonials Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 16

actioninitclient-and-product-testimonials.php:77

actionmedia_buttons_contextclient-and-product-testimonials.php:84

filterplugin_action_links_client-and-product-testimonials/client-and-product-testimonials.phpclient-and-product-testimonials.php:87

actionadmin_menuclient-and-product-testimonials.php:93

actionadmin_noticesclient-and-product-testimonials.php:96

actionadmin_initclient-and-product-testimonials.php:99

actionplugins_loadedclient-and-product-testimonials.php:102

filtercapt_contentclient-and-product-testimonials.php:108

filtercapt_contentclient-and-product-testimonials.php:109

filtercapt_contentclient-and-product-testimonials.php:110

filtercapt_contentclient-and-product-testimonials.php:111

filtercapt_contentclient-and-product-testimonials.php:112

filtercapt_contentclient-and-product-testimonials.php:113

actionadmin_initclient-and-product-testimonials.php:117

filteradmin_footer_textclient-and-product-testimonials.php:120

actionadmin_headclient-and-product-testimonials.php:122

Maintenance & Trust

Client and Product Testimonials Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28

Last updatedFeb 23, 2016

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings1

Active installs30

Alternatives

Client and Product Testimonials Alternatives

Common Addons for Elementor by Xpertcodes

common-addons-for-elementor-by-xpertcodes

100

A powerful collection of custom Elementor widgets and addons for creating stunning websites.

0 No CVEs

Site Reviews

site-reviews

Site Reviews is a complete review management solution that integrates with WooCommerce and SureCart and works similarly to reviews on Amazon, Tripadvi …

70K 13 CVEs

Testimonial Grid and Testimonial Slider plus Carousel with Rotator Widget

wp-testimonial-with-widget

100

A quick, easy way to add and display responsive, clean client's testimonial on your website using a shortcode, widget or Gutenberg block.

9K No CVEs

CPO Content Types

cpo-content-types

100

Add support for special content types in your website, such as a portfolio, features, and slides.

3K 1 CVE

Gutena Testimonial Slider

gutena-testimonial

100

This block allows you to display client testimonial slider on websites. This plugin provides a user-friendly interface to add, manage, and display tes …

3K No CVEs

Developer Profile

Client and Product Testimonials Developer Profile

Evan Herman

15 plugins · 136K total installs

trust score

Avg Security Score

84/100

Avg Patch Time

375 days

View full developer profile

Detection Fingerprints

How We Detect Client and Product Testimonials

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/client-and-product-testimonials/lib/css/testimonial-styles.css/wp-content/plugins/client-and-product-testimonials/lib/css/owl.carousel.css/wp-content/plugins/client-and-product-testimonials/lib/css/owl.theme.css/wp-content/plugins/client-and-product-testimonials/lib/js/testimonial-scripts.js/wp-content/plugins/client-and-product-testimonials/lib/js/owl.carousel.js/wp-content/plugins/client-and-product-testimonials/lib/js/script.js

Script Paths

/wp-content/plugins/client-and-product-testimonials/lib/js/testimonial-scripts.js/wp-content/plugins/client-and-product-testimonials/lib/js/owl.carousel.js/wp-content/plugins/client-and-product-testimonials/lib/js/script.js

Version Parameters

client-and-product-testimonials/lib/css/testimonial-styles.css?ver=client-and-product-testimonials/lib/css/owl.carousel.css?ver=client-and-product-testimonials/lib/css/owl.theme.css?ver=client-and-product-testimonials/lib/js/testimonial-scripts.js?ver=client-and-product-testimonials/lib/js/owl.carousel.js?ver=client-and-product-testimonials/lib/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes

client-and-product-testimonial-wrapperclient-and-product-testimonial-contentclient-and-product-testimonial-author-nameclient-and-product-testimonial-author-titleclient-and-product-testimonial-author-companyclient-and-product-testimonial-author-photo

HTML Comments

Data Attributes

data-slider-itemsdata-slider-margindata-slider-loopdata-slider-navdata-slider-dotsdata-slider-autoplay+1 more

JS Globals

client_and_product_testimonial_slider_options

Shortcode Output

[client-product-testimonial][client-product-testimonial display_type="slider"][client-product-testimonial display_type="list"][client-product-testimonial category="your_category_slug"]

FAQ