WP-Safety

Reviewkit – Trustpilot Reviews Widget & Embed Security & Risk Analysis

wordpress.org/plugins/gutensuite-reviewkit

Easily embed and showcase Trustpilot reviews on your WordPress site to build trust and boost conversions.

300 active installs v1.1.1 PHP 7.4+ WP 6.6+ Updated Jan 24, 2026
reviewssocial-prooftestimonialstrust-badgestrustpilot
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Reviewkit – Trustpilot Reviews Widget & Embed Safe to Use in 2026?

Generally Safe

Score 100/100

Reviewkit – Trustpilot Reviews Widget & Embed has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "gutensuite-reviewkit" v1.1.1 plugin exhibits a generally positive security posture, with a notable absence of critical vulnerabilities in its history and strong adherence to security best practices within its static analysis. The plugin correctly utilizes prepared statements for all SQL queries and implements nonce checks for its AJAX handlers, which significantly mitigates common attack vectors. Furthermore, the vast majority of output is properly escaped, and there are no file operations or external HTTP requests that raise immediate concerns. The lack of any recorded CVEs, both past and present, suggests a history of diligent security patching or a lack of significant disclosed vulnerabilities, which is a strong indicator of a well-maintained codebase.

However, a few areas warrant attention. While the total number of entry points (3) is low, the presence of two AJAX handlers, even though they appear to have authorization checks (as indicated by 0 unprotected entry points), still represent potential targets for attackers if those checks are not sufficiently robust. More significantly, the taint analysis reveals two flows with unsanitized paths. Although no critical or high severity issues were flagged, unsanitized paths, even if not leading to immediate exploits, represent a latent risk and a deviation from secure coding practices. The bundling of Freemius v1.0, while common, also implies a dependency that should be monitored for its own security vulnerabilities. Overall, the plugin is strong, but the unsanitized paths and the nature of AJAX handlers present minor areas for improvement to achieve an even more secure state.

Key Concerns

  • Taint analysis shows 2 unsanitized paths
  • Bundled library Freemius v1.0 is outdated
Vulnerabilities
None known

Reviewkit – Trustpilot Reviews Widget & Embed Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Reviewkit – Trustpilot Reviews Widget & Embed Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
13
84 escaped
Nonce Checks
2
Capability Checks
1
File Operations
0
External Requests
2
Bundled Libraries
1

Bundled Libraries

Freemius1.0

SQL Query Safety

100% prepared2 total queries

Output Escaping

87% escaped97 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
get_reviews (includes\Admin\Ajax.php:33)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Reviewkit – Trustpilot Reviews Widget & Embed Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 2

authwp_ajax_gutensuite_reviewkit_get_reviewsincludes\Admin\Ajax.php:26
authwp_ajax_gutensuite_reviewkit_delete_cacheincludes\Admin\Ajax.php:27

Shortcodes 1

[reviewkit_review] includes\Shortcodes\ReviewWidgets.php:10
WordPress Hooks 8
actionplugins_loadedgutensuite-reviewkit.php:40
actiongutensuite_reviewkit_loadedgutensuite-reviewkit.php:41
actioninitgutensuite-reviewkit.php:42
actionadmin_enqueue_scriptsincludes\Admin\Assets.php:12
actionwp_enqueue_scriptsincludes\Admin\Assets.php:13
actionwp_enqueue_scriptsincludes\Admin\Assets.php:14
actiongutensuite_reviewkit_sync_reviews_cronincludes\Admin\Cron.php:28
actionadmin_menuincludes\Admin\Menu.php:13

Scheduled Events 1

gutensuite_reviewkit_sync_reviews_cron
Maintenance & Trust

Reviewkit – Trustpilot Reviews Widget & Embed Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 24, 2026
PHP min version7.4
Downloads1K

Community Trust

Rating100/100
Number of ratings2
Active installs300
Alternatives

Reviewkit – Trustpilot Reviews Widget & Embed Alternatives

Trustify Blocks – Testimonials, Reviews & Trust Widgets for Gutenberg

Trustify Blocks – Testimonials, Reviews & Trust Widgets for Gutenberg

trustify-blocks

A
100

Build trust and credibility with your website visitors using customizable testimonials and review blocks.

0 No CVEs
Better Business Reviews – Trustpilot WordPress Plugin

Better Business Reviews – Trustpilot WordPress Plugin

better-business-reviews

A
99

Better Business Reviews allows you to display your business reviews from a Trustpilot profile.

3K 1 CVE
Solid Testimonials – Testimonial Slider, Video Testimonials & Customer Reviews

Solid Testimonials – Testimonial Slider, Video Testimonials & Customer Reviews

gs-testimonial

A
96

Showcase and automate customer reviews with ease - sliders, grids, filters, and more to boost trust and sales.

1K 6 CVEs
Revix Reviews – All-in-One Business Review Manager

Revix Reviews – All-in-One Business Review Manager

revix-reviews

A
100

Revix Reviews helps you collect, import, and display reviews—including Trustpilot and Google—with more platforms coming soon.

60 No CVEs
Reviews for Google My Business

Reviews for Google My Business

reviews-for-google-my-business

A
100

Display Google My Business reviews on your website for free. Improve credibility with full customization, categories, and flexible shortcode.

20 No CVEs
Developer Profile

Reviewkit – Trustpilot Reviews Widget & Embed Developer Profile

GutenSuite

2 plugins · 300 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Reviewkit – Trustpilot Reviews Widget & Embed

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/gutensuite-reviewkit/assets/js/gutensuite-reviewkit.core.min.css/wp-content/plugins/gutensuite-reviewkit/assets/js/gutensuite-reviewkit.core.min.js/wp-content/plugins/gutensuite-reviewkit/assets/js/gutensuite-shortcode/index.min.css/wp-content/plugins/gutensuite-reviewkit/assets/lib/swiper.min.css/wp-content/plugins/gutensuite-reviewkit/assets/lib/swiper.min.js/wp-content/plugins/gutensuite-reviewkit/assets/lib/review-carousel.js
Script Paths
/wp-content/plugins/gutensuite-reviewkit/assets/js/gutensuite-reviewkit.core.min.js/wp-content/plugins/gutensuite-reviewkit/assets/js/gutensuite-shortcode/index.min.css/wp-content/plugins/gutensuite-reviewkit/assets/lib/swiper.min.js/wp-content/plugins/gutensuite-reviewkit/assets/lib/review-carousel.js
Version Parameters
gutensuite-reviewkit/style.css?ver=gutensuite-reviewkit/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
gutensuite-reviewkit-shortcodesswiper-containerswiper-wrapperswiper-slideswiper-paginationswiper-button-nextswiper-button-prevreviewkit-carousel-wrapper+2 more
Data Attributes
data-reviewkit-carousel
JS Globals
gutensuite_reviewkitgutensuite_reviewkit_fsfs_dynamic_init
FAQ

Frequently Asked Questions about Reviewkit – Trustpilot Reviews Widget & Embed