Kiyoh Reviews Security & Risk Analysis

wordpress.org/plugins/kiyoh-reviews

Integrate Kiyoh reviews with your WooCommerce store. Automatically send review invitations and display product reviews.

10 active installs · v1.0.0 · PHP 7.4+ · WP 6.2+ · Updated Feb 4, 2026
Tags: kiyoh, product-reviews, ratings, reviews, woocommerce
Score: 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never

Safety Verdict

Is Kiyoh Reviews Safe to Use in 2026?

Generally Safe

Score 100/100

Kiyoh Reviews has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago

Risk Assessment

The "kiyoh-reviews" v1.0.0 plugin exhibits a generally strong security posture, with notable strengths in its handling of SQL queries and output escaping. The absence of known CVEs and recorded vulnerability history further suggests a stable and well-maintained codebase in these areas. The use of prepared statements for all SQL queries and a high percentage of properly escaped output are excellent security practices that significantly mitigate common web application vulnerabilities.

However, the plugin is not without its concerns. The static analysis reveals an attack surface consisting of two AJAX handlers, one of which lacks authentication checks. This unprotected AJAX endpoint represents a direct vulnerability that could be exploited by unauthenticated users, potentially leading to unintended actions or information disclosure depending on its functionality. While taint analysis found no flows, this is based on zero flows being analyzed, offering no assurance of security in that regard. The presence of bundled libraries, even if seemingly up-to-date, can introduce vulnerabilities if not managed carefully and could become a future concern.

Overall, the plugin's proactive approach to SQL and output sanitization is commendable. The primary weakness lies in the unprotected AJAX handler, which demands immediate attention. The lack of taint analysis and the potential for bundled library issues, while not immediate critical risks, indicate areas where further scrutiny would be beneficial for comprehensive security.

Key Concerns

  • Unprotected AJAX handler
  • Taint analysis not performed
  • Bundled library (Freemius v1.0)
Vulnerabilities
None known

Kiyoh Reviews Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Kiyoh Reviews Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 0 (0 prepared)
  • Unescaped Output: 5 (35 escaped)
  • Nonce Checks: 3
  • Capability Checks: 2
  • File Operations: 8
  • External Requests: 5
  • Bundled Libraries: 1

Bundled Libraries

Freemius 1.0

Output Escaping

88% escaped · 40 total outputs

Attack Surface
1 unprotected

Kiyoh Reviews Attack Surface

Entry Points: 2
Unprotected: 1

AJAX Handlers 2

  • auth: wp_ajax_converzo_kiyoh_sync_products (src\Admin\Settings.php:38)
  • auth: wp_ajax_converzo_kiyoh_download_log (src\Admin\Settings.php:39)

WordPress Hooks 25

  • action: plugins_loaded (kiyoh-reviews.php:76)
  • action: init (kiyoh-reviews.php:83)
  • action: init (kiyoh-reviews.php:84)
  • action: admin_menu (src\Admin\Settings.php:36)
  • action: admin_enqueue_scripts (src\Admin\Settings.php:37)
  • action: woocommerce_admin_field_converzo_kiyoh_section_start (src\Admin\Settings.php:43)
  • action: woocommerce_admin_field_converzo_kiyoh_section_end (src\Admin\Settings.php:44)
  • action: woocommerce_before_single_product (src\Frontend\Reviews.php:35)
  • action: woocommerce_before_shop_loop_item (src\Frontend\Reviews.php:36)
  • filter: comments_array (src\Frontend\Reviews.php:37)
  • action: woocommerce_review_before_comment_meta (src\Frontend\Reviews.php:38)
  • action: wp_enqueue_scripts (src\Frontend\Reviews.php:39)
  • filter: woocommerce_product_review_list_args (src\Frontend\Reviews.php:42)
  • filter: body_class (src\Frontend\Reviews.php:43)
  • filter: comments_open (src\Frontend\Reviews.php:102)
  • action: admin_notices (src\Plugin.php:45)
  • action: before_woocommerce_init (src\Plugin.php:52)
  • action: widgets_init (src\Plugin.php:74)
  • filter: comments_array (src\Premium__premium_only\ReviewContent.php:32)
  • action: woocommerce_review_after_comment_text (src\Premium__premium_only\ReviewContent.php:33)
  • action: converzo_kiyoh_fetch_company_reviews (src\Service\CompanyReview.php:27)
  • action: woocommerce_order_status_changed (src\Service\Invite.php:36)
  • filter: woocommerce_order_actions (src\Service\Invite.php:37)
  • action: woocommerce_order_action_converzo_kiyoh_send_invite (src\Service\Invite.php:38)
  • action: converzo_kiyoh_sync_product_catalog (src\Service\ProductSync.php:27)

Scheduled Events 2

converzo_kiyoh_fetch_company_reviews
converzo_kiyoh_sync_product_catalog
Maintenance & Trust

Kiyoh Reviews Maintenance & Trust

Maintenance Signals

  • WordPress version tested: 6.9.4
  • Last updated: Feb 4, 2026
  • PHP min version: 7.4
  • Downloads: 105

Community Trust

  • Rating: 0/100
  • Number of ratings: 0
  • Active installs: 10

Developer Profile

Kiyoh Reviews Developer Profile

converzo

1 plugin · 10 total installs

  • Trust score: 94
  • Avg Security Score: 100/100
  • Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Kiyoh Reviews

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/kiyoh-reviews/assets/css/admin.css
  • /wp-content/plugins/kiyoh-reviews/assets/js/admin-settings.js
Script Paths
  • /wp-content/plugins/kiyoh-reviews/assets/js/admin-settings.js
Version Parameters
  • kiyoh-admin
  • kiyoh-admin-settings

HTML / DOM Fingerprints

CSS Classes
  • kiyoh-settings-section
Data Attributes
  • data-tab-id
  • data-tab-name
JS Globals
  • kiyohSettings