WP-Safety

Libro de Reclamaciones y Quejas Security & Risk Analysis

wordpress.org/plugins/libro-de-reclamaciones-y-quejas

Libro de reclamaciones válido para Perú con los campos obligatorios exigidos por Indecopi.

4K active installs v1.2 PHP 7.4+ WP 6.8+ Updated Jun 3, 2025
libro-de-reclamacioneslibro-de-reclamaciones-perulibro-de-reclamaciones-pluginlibro-de-reclamaciones-wordpress
77
B · Generally Safe
CVEs total2
Unpatched1
Last CVEJun 5, 2025
Plugin page Download
Safety Verdict

Is Libro de Reclamaciones y Quejas Safe to Use in 2026?

Mostly Safe

Score 77/100

Libro de Reclamaciones y Quejas is generally safe to use. 2 past CVEs were resolved. Keep it updated.

2 known CVEs 1 unpatched Last CVE: Jun 5, 2025Updated 10mo ago
Risk Assessment

The "libro-de-reclamaciones-y-quejas" plugin version 1.2 exhibits a mixed security posture, with some encouraging signs offset by significant concerns. The use of prepared statements for all SQL queries is a strong positive, as is the limited use of file operations and external HTTP requests. However, the presence of four AJAX handlers without any authentication checks creates a substantial attack surface and a direct pathway for potential unauthorized actions. The taint analysis, while not revealing critical or high severity issues, did identify two flows with unsanitized paths, which, combined with the unprotected AJAX endpoints, could be leveraged in tandem to exploit the plugin. The vulnerability history is particularly worrying, with two known CVEs, one of which remains unpatched. The nature of these past vulnerabilities (SQL Injection and CSRF) suggests recurring issues in handling user input and maintaining session integrity, which are amplified by the current lack of nonce checks.

Key Concerns

  • Unprotected AJAX handlers
  • Unpatched CVE
  • Low output escaping coverage
  • No nonce checks
  • Flows with unsanitized paths
  • Bundled library (dompdf)
Vulnerabilities
2

Libro de Reclamaciones y Quejas Security Vulnerabilities

CVEs by Year

2 CVEs in 2025 · unpatched
2025
Patched Has unpatched

Severity Breakdown

Medium
2

2 total CVEs

CVE-2025-30989medium · 4.9Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Libro de Reclamaciones y Quejas <= 0.9 - Authenticated (Administrator+) SQL Injection

Jun 5, 2025 Patched in 1.0 (8d)
CVE-2025-32113medium · 6.1Cross-Site Request Forgery (CSRF)

Libro de Reclamaciones y Quejas <= 0.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Apr 4, 2025Unpatched
Code Analysis
Analyzed Mar 16, 2026

Libro de Reclamaciones y Quejas Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
4 prepared
Unescaped Output
43
32 escaped
Nonce Checks
0
Capability Checks
1
File Operations
1
External Requests
0
Bundled Libraries
1

Bundled Libraries

dompdf

SQL Query Safety

100% prepared4 total queries

Output Escaping

43% escaped75 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths
rt_libro_lrq_submenu_settings_ver (libro_admin.php:95)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
4 unprotected

Libro de Reclamaciones y Quejas Attack Surface

Entry Points5
Unprotected4

AJAX Handlers 4

authwp_ajax_rt_libro_load_provincias_frontrt-libro-reclamaciones.php:38
noprivwp_ajax_rt_libro_load_provincias_frontrt-libro-reclamaciones.php:39
authwp_ajax_rt_libro_load_distrito_frontrt-libro-reclamaciones.php:40
noprivwp_ajax_rt_libro_load_distrito_frontrt-libro-reclamaciones.php:41

Shortcodes 1

[libro_page] libro_shortcode.php:173
WordPress Hooks 5
actionadmin_menulibro_admin.php:7
actionbefore_woocommerce_initrt-libro-reclamaciones.php:26
actioninitrt-libro-reclamaciones.php:35
actionwp_headrt-libro-reclamaciones.php:47
actionadmin_noticesrt-libro-reclamaciones.php:58
Maintenance & Trust

Libro de Reclamaciones y Quejas Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJun 3, 2025
PHP min version7.4
Downloads24K

Community Trust

Rating76/100
Number of ratings10
Active installs4K
Alternatives

Libro de Reclamaciones y Quejas Alternatives

Libro de Reclamaciones para Perú

Libro de Reclamaciones para Perú

neurosystems-libro-reclamaciones-peru

A
100

Libro de Reclamaciones Virtual para Perú. Cumple con INDECOPI, evita multas y gestiona tus reclamos fácilmente.

70 No CVEs
Developer Profile

Libro de Reclamaciones y Quejas Developer Profile

Renzo Tejada

11 plugins · 9K total installs

75
trust score
Avg Security Score
94/100
Avg Patch Time
327 days
View full developer profile
Detection Fingerprints

How We Detect Libro de Reclamaciones y Quejas

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/libro-de-reclamaciones-y-quejas/css/style.css/wp-content/plugins/libro-de-reclamaciones-y-quejas/css/form_rt_libro.css/wp-content/plugins/libro-de-reclamaciones-y-quejas/js/form_rt_libro.js/wp-content/plugins/libro-de-reclamaciones-y-quejas/js/rt_libro_reclamaciones.js
Version Parameters
libro-de-reclamaciones-y-quejas/css/style.css?ver=libro-de-reclamaciones-y-quejas/css/form_rt_libro.css?ver=libro-de-reclamaciones-y-quejas/js/form_rt_libro.js?ver=libro-de-reclamaciones-y-quejas/js/rt_libro_reclamaciones.js?ver=

HTML / DOM Fingerprints

CSS Classes
rt-libro-reclamaciones-form
Data Attributes
data-departamentodata-provinciadata-distritodata-type-docdata-type-doc-tutor
JS Globals
ajaxurlrt_libro_data
REST Endpoints
/wp-json/rt-libro/v1/claims
Shortcode Output
<div class="rt-libro-reclamaciones-form"><h4>Libro de Reclamaciones</h4>
FAQ

Frequently Asked Questions about Libro de Reclamaciones y Quejas