Reviews and Rating – Google Reviews Security & Risk Analysis

wordpress.org/plugins/g-business-reviews-rating

Completely restriction-free Google reviews and rating as Shortcode/Widget. Extensive display options; delicious themes; includes Structured Data.

20K active installs · v5.10 · PHP 5.2.4+ · WP 4.6+ · Updated Jan 31, 2025
Tags: gmb-reviews, google-my-business, google-rating, google-reviews, structured-data
90
A · Safe
CVEs total: 2
Unpatched: 0
Last CVE: May 24, 2024
Safety Verdict

Is Reviews and Rating – Google Reviews Safe to Use in 2026?

Generally Safe

Score 90/100

Reviews and Rating – Google Reviews has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: May 24, 2024 · Updated 1yr ago
Risk Assessment

The plugin 'g-business-reviews-rating' v5.10 exhibits a mixed security posture. Static analysis indicates a relatively low attack surface: no apparent unprotected entry points, 92% of output escaped, and 20 nonce checks. There are still areas for concern. The 2 taint flows with unsanitized paths, although neither is rated critical or high severity, are potential avenues for vulnerabilities if inputs are not handled rigorously. In addition, only 22% of the SQL queries use prepared statements, a significant weakness that could lead to SQL injection if not mitigated by other security layers within the application.

Key Concerns

  • SQL queries not using prepared statements
  • Taint flows with unsanitized paths
Vulnerabilities
2

Reviews and Rating – Google Reviews Security Vulnerabilities

CVEs by Year

2023: 1 CVE
2024: 1 CVE

Severity Breakdown

High: 1
Medium: 1

2 total CVEs

CVE-2024-5218 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Reviews and Rating – Google Reviews <= 5.2 - Authenticated (Author+) Stored Cross-Site Scripting

May 24, 2024 · Patched in 5.3 (7d)

CVE-2023-23986 · high · 8.3 · Missing Authorization

Reviews and Rating – Google My Business <= 4.14 - Missing Authorization

Jan 20, 2023 · Patched in 4.15 (368d)
Code Analysis
Analyzed Mar 16, 2026

Reviews and Rating – Google Reviews Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 7 (2 prepared)
Unescaped Output: 66 (731 escaped)
Nonce Checks: 20
Capability Checks: 15
File Operations: 12
External Requests: 8
Bundled Libraries: 0

SQL Query Safety

22% prepared · 9 total queries

Output Escaping

92% escaped · 797 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
admin_ajax (index.php:1744)
Attack Surface

Reviews and Rating – Google Reviews Attack Surface

Entry Points: 6
Unprotected: 0

Shortcodes 6

[reviews_rating] index.php:1000
[reviews_rating_single] index.php:1001
[reviews_rating_links] index.php:1002
[reviews_rating_link] index.php:1003
[links_google_business] index.php:1004
[link_google_business] index.php:1005
WordPress Hooks 19
action wp cron.php:16
action google_business_reviews_rating_run cron.php:17
action upgrader_process_complete g-business-reviews-rating.php:47
action init index.php:279
action admin_init index.php:966
action admin_menu index.php:967
action admin_enqueue_scripts index.php:968
action admin_enqueue_scripts index.php:969
action admin_notices index.php:971
action wp_dashboard_setup index.php:972
action widgets_init index.php:973
filter plugin_action_links index.php:975
filter plugin_row_meta index.php:976
action widgets_init index.php:1006
action wp_enqueue_scripts index.php:1010
action wp_enqueue_scripts index.php:1015
action wp_head index.php:1020
action admin_enqueue_scripts widget.php:48
action admin_enqueue_scripts widget.php:49

Scheduled Events 1

google_business_reviews_rating_run
Maintenance & Trust

Reviews and Rating – Google Reviews Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Jan 31, 2025
PHP min version: 5.2.4
Downloads: 990K

Community Trust

Rating: 98/100
Number of ratings: 183
Active installs: 20K
Developer Profile

Reviews and Rating – Google Reviews Developer Profile

Noah Hearle

2 plugins · 25K total installs

Trust score: 76
Avg Security Score: 95/100
Avg Patch Time: 344 days
Detection Fingerprints

How We Detect Reviews and Rating – Google Reviews

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/g-business-reviews-rating/css/
/wp-content/plugins/g-business-reviews-rating/js/
/wp-content/plugins/g-business-reviews-rating/frontend/css/
/wp-content/plugins/g-business-reviews-rating/frontend/js/
Script Paths
/wp-content/plugins/g-business-reviews-rating/frontend/js/g-business-reviews-rating.js
Version Parameters
g-business-reviews-rating/css/frontend.css?ver=
g-business-reviews-rating/css/animate.css?ver=
g-business-reviews-rating/frontend/js/g-business-reviews-rating.js?ver=

HTML / DOM Fingerprints

CSS Classes
g-reviews-wrapper
g-reviews-items
g-reviews-item
g-reviews-avatar
g-reviews-author
g-reviews-rating
g-reviews-date
g-reviews-text
(+3 more)
HTML Comments
<!-- Reviews and Rating - Google Reviews -->
<!-- Powered by Google Reviews and Rating -->
<!-- Google Reviews and Rating Widget -->
Data Attributes
data-title
data-rating
data-author
data-date
data-reviewtext
JS Globals
g_business_reviews_rating_params
REST Endpoints
/wp-json/g-business-reviews-rating/
Shortcode Output
[google-reviews-rating
[google-reviews-widget
FAQ

Frequently Asked Questions about Reviews and Rating – Google Reviews