LIBRO DE VISITAS – GUESTBOOK Security & Risk Analysis

wordpress.org/plugins/libro-de-visitas-guestbook

For live example click here!!!

40 active installs · v1.4 · PHP 5.2.4+ · WP + · Updated Jun 4, 2018
Tags: comments, guest-book, guestbook, libro-de-visitas, visitas
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is LIBRO DE VISITAS – GUESTBOOK Safe to Use in 2026?

Generally Safe

Score 85/100

LIBRO DE VISITAS – GUESTBOOK has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 7yr ago
Risk Assessment

The 'libro-de-visitas-guestbook' plugin v1.4 presents a mixed security posture. While it demonstrates good practices by not utilizing dangerous functions, performing all SQL queries with prepared statements, and avoiding external HTTP requests or file operations, significant security concerns arise from its handling of entry points. All four identified AJAX handlers lack authentication checks, creating a wide attack surface for potential unauthorized actions. The taint analysis further highlights this, with two flows identified as having unsanitized paths and classified as high severity, indicating a risk of data being manipulated or exploited through these entry points. Despite a clean vulnerability history with no recorded CVEs, this absence might be due to the plugin not being widely targeted or the vulnerabilities being recent. The lack of nonces and capability checks on the AJAX handlers, combined with the identified unsanitized paths, are the most pressing issues. A strong recommendation for immediate review and patching of these unprotected AJAX handlers is warranted.

Key Concerns

  • AJAX handlers without auth checks
  • High severity taint flow with unsanitized path
  • All entry points unprotected
  • Output escaping is only 30% proper
  • No nonce checks on AJAX handlers
  • No capability checks on AJAX handlers
Vulnerabilities
None known

LIBRO DE VISITAS – GUESTBOOK Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

LIBRO DE VISITAS – GUESTBOOK Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (5 prepared)
Unescaped Output: 19 (8 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

100% prepared · 5 total queries

Output Escaping

30% escaped · 27 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
insertPost (js-php-phpguestbook\Class_Guest_Book_LdvJarim.php:95)
[Data flow diagram. Legend: source (user input), sink (dangerous op), sanitizer, transform, unsanitized, sanitized]
Attack Surface
4 unprotected

LIBRO DE VISITAS – GUESTBOOK Attack Surface

Entry Points: 4
Unprotected: 4

AJAX Handlers: 4

auth · wp_ajax_showAllPosts_Guest_book_JarimAjaxJS · js-php-phpguestbook\Class_Guest_Book_LdvJarim.php:19
nopriv · wp_ajax_showAllPosts_Guest_book_JarimAjaxJS · js-php-phpguestbook\Class_Guest_Book_LdvJarim.php:21
auth · wp_ajax_insertPost_Guest_book_JarimAjaxJS · js-php-phpguestbook\Class_Guest_Book_LdvJarim.php:25
nopriv · wp_ajax_insertPost_Guest_book_JarimAjaxJS · js-php-phpguestbook\Class_Guest_Book_LdvJarim.php:27

WordPress Hooks: 7

action · admin_init · Class_Install_LdvJarim.php:25
action · admin_menu · Class_Install_LdvJarim.php:26
filter · page_attributes_dropdown_pages_args · Class_Page_Add_Templates_LdvJarim.php:54
filter · wp_insert_post_data · Class_Page_Add_Templates_LdvJarim.php:60
filter · template_include · Class_Page_Add_Templates_LdvJarim.php:68
action · get_header · index.php:58
action · plugins_loaded · index.php:95
Maintenance & Trust

LIBRO DE VISITAS – GUESTBOOK Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.9.29
Last updated: Jun 4, 2018
PHP min version: 5.2.4
Downloads: 7K

Community Trust

Rating: 80/100
Number of ratings: 3
Active installs: 40
Developer Profile

LIBRO DE VISITAS – GUESTBOOK Developer Profile

jarim

2 plugins · 60 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect LIBRO DE VISITAS – GUESTBOOK

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/libro-de-visitas-guestbook/css/style_ldvjarim.css
/wp-content/plugins/libro-de-visitas-guestbook/js-php-phpguestbook/Class_Guest_Book_LdvJarim.js
Script Paths
/wp-content/plugins/libro-de-visitas-guestbook/js-php-phpguestbook/Class_Guest_Book_LdvJarim.js
Version Parameters
libro-de-visitas-guestbook/css/style_ldvjarim.css?ver=
libro-de-visitas-guestbook/js-php-phpguestbook/Class_Guest_Book_LdvJarim.js?ver=

HTML / DOM Fingerprints

Data Attributes
data-page-id
JS Globals
ajax_object
FAQ

Frequently Asked Questions about LIBRO DE VISITAS – GUESTBOOK