WP-Safety

OmniReview – Fetch Reviews From Anywhere Security & Risk Analysis

wordpress.org/plugins/omnireview

OmniReview lets you collect, sync, manage and display reviews from multiple platforms using customizable widgets.

0 active installs v1.0.1 PHP 7.4+ WP 5.0+ Updated Unknown
omnireviewratingreviewstestimonialswidgets
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is OmniReview – Fetch Reviews From Anywhere Safe to Use in 2026?

Generally Safe

Score 100/100

OmniReview – Fetch Reviews From Anywhere has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The omnireview plugin, version 1.0.1, exhibits a generally good security posture based on the provided static analysis and vulnerability history. The plugin demonstrates robust security practices by implementing nonce and capability checks on all identified entry points, including AJAX handlers. The presence of 15 nonce and 15 capability checks across 12 entry points indicates a strong focus on authorization and input validation. Furthermore, the absence of any recorded CVEs, unpatched vulnerabilities, or common vulnerability types suggests a history of stable and secure development. The use of prepared statements in 60% of SQL queries is also a positive sign, mitigating risks associated with SQL injection. However, the analysis does highlight a potential concern with the presence of the `unserialize` function, which can be a vector for deserialization vulnerabilities if not handled with extreme care and sanitization of its input. While no critical or high severity taint flows were detected, the single flow with unsanitized paths warrants attention. The plugin also makes 2 external HTTP requests, which could be a risk if the target endpoints are compromised or if data is sent insecurely. Overall, omnireview appears to be a relatively secure plugin, but the use of `unserialize` and the single identified unsanitized path are areas that require careful consideration and potential remediation.

Key Concerns

  • Use of unserialize function
  • Flow with unsanitized paths
  • External HTTP requests
Vulnerabilities
None known

OmniReview – Fetch Reviews From Anywhere Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

OmniReview – Fetch Reviews From Anywhere Code Analysis

Dangerous Functions
4
Raw SQL Queries
4
6 prepared
Unescaped Output
96
305 escaped
Nonce Checks
15
Capability Checks
15
File Operations
0
External Requests
2
Bundled Libraries
0

Dangerous Functions Found

unserialize$reviews_list = unserialize($post_meta['omnireview_total_reviews'][0]);includes\class-omnireview-widget.php:322
unserialize$platform_id = unserialize($collection_data['omnireview_platform_ids'][0]);includes\class-omnireview-widget.php:948
unserialize$total_reviews = unserialize($collection_data['omnireview_total_reviews'][0]);includes\class-omnireview-widget.php:956
unserialize$omnireview_total_re = unserialize($collection_data['omnireview_total_reviews'][0]);includes\class-omnireview-widget.php:1018

SQL Query Safety

60% prepared10 total queries

Output Escaping

76% escaped401 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

4 flows1 with unsanitized paths
<class-omnireview-admin> (includes\class-omnireview-admin.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

OmniReview – Fetch Reviews From Anywhere Attack Surface

Entry Points12
Unprotected0

AJAX Handlers 10

authwp_ajax_omnireview_run_syncincludes\class-omnireview-admin.php:12
authwp_ajax_omnireview_clear_cacheincludes\class-omnireview-admin.php:14
authwp_ajax_omnireview_force_resyncincludes\class-omnireview-admin.php:15
authwp_ajax_omnireview_export_settingsincludes\class-omnireview-admin.php:16
authwp_ajax_omnireview_import_settingsincludes\class-omnireview-admin.php:17
authwp_ajax_omnireview_clear_logsincludes\class-omnireview-admin.php:18
authwp_ajax_omnireview_test_connectionincludes\class-omnireview-admin.php:20
authwp_ajax_omnireview_send_support_messageincludes\class-omnireview-admin.php:26
authwp_ajax_omnireview_manual_syncincludes\class-omnireview-sync.php:7
authwp_ajax_omnireview_add_to_widgetincludes\class-omnireview-widget.php:14

Shortcodes 2

[omnireview_widget] includes\class-omnireview-frontend.php:6
[omnireview_widget] includes\class-omnireview-widget.php:16
WordPress Hooks 28
actionadmin_initincludes\class-omnireview-admin.php:8
actionadmin_headincludes\class-omnireview-admin.php:9
actionadmin_menuincludes\class-omnireview-admin.php:10
actionadmin_enqueue_scriptsincludes\class-omnireview-admin.php:11
actionomnireview_cron_syncincludes\class-omnireview-admin.php:22
actionadmin_initincludes\class-omnireview-admin.php:24
filtercron_schedulesincludes\class-omnireview-admin.php:117
actionomnireview_sync_reviewsincludes\class-omnireview-cron.php:6
actioninitincludes\class-omnireview-loader.php:20
actionplugins_loadedincludes\class-omnireview-loader.php:23
actioninitincludes\class-omnireview-reviews.php:14
actioninitincludes\class-omnireview-reviews.php:15
actionadd_meta_boxesincludes\class-omnireview-reviews.php:16
actionsave_post_omnireview_reviewincludes\class-omnireview-reviews.php:17
filtermanage_omnireview_review_posts_columnsincludes\class-omnireview-reviews.php:18
actionmanage_omnireview_review_posts_custom_columnincludes\class-omnireview-reviews.php:19
actionadd_meta_boxesincludes\class-omnireview-reviews.php:20
actionsave_post_omnireview_reviewincludes\class-omnireview-reviews.php:21
actioninitincludes\class-omnireview-widget.php:8
actionadmin_menuincludes\class-omnireview-widget.php:9
actionmanage_omnireview_widget_posts_custom_columnincludes\class-omnireview-widget.php:10
filtermanage_omnireview_widget_posts_columnsincludes\class-omnireview-widget.php:11
filterget_edit_post_linkincludes\class-omnireview-widget.php:12
actionadmin_enqueue_scriptsincludes\class-omnireview-widget.php:13
actionadmin_initincludes\class-omnireview-widget.php:15
actionomnireview_set_collection_card_heightincludes\class-omnireview-widget.php:17
actionwp_enqueue_scriptsincludes\class-omnireview-widget.php:26
actionwp_headincludes\class-omnireview-widget.php:49

Scheduled Events 2

omnireview_cron_sync
omnireview_sync_reviews
Maintenance & Trust

OmniReview – Fetch Reviews From Anywhere Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedUnknown
PHP min version7.4
Downloads194

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

OmniReview – Fetch Reviews From Anywhere Alternatives

Site Reviews

Site Reviews

site-reviews

A
96

Site Reviews is a complete review management solution that integrates with WooCommerce and SureCart and works similarly to reviews on Amazon, Tripadvi &hellip;

70K 13 CVEs
WP Testimonials

WP Testimonials

testimonial-widgets

A
99

Display your Testimonials on your website fast and easily. 21 widget types, 25 widget styles available. (Free Plugin)

10K 2 CVEs
Better Business Reviews – Trustpilot WordPress Plugin

Better Business Reviews – Trustpilot WordPress Plugin

better-business-reviews

A
99

Better Business Reviews allows you to display your business reviews from a Trustpilot profile.

3K 1 CVE
Gutena Star Ratings

Gutena Star Ratings

gutena-star-ratings

A
100

Gutena Star Ratings is a great block that lets you add star rating to client testimonials and reviews. Not only the star rating will tell customers ho &hellip;

1K No CVEs
Review & testimonial widgets

Review & testimonial widgets

trustmary

A
91

Add reviews to your website with Trustmary’s review and testimonial widgets: Google Review Widget, Facebook Review Widget, Tripadvisor Review Widget, &hellip;

1K 1 CVE
Developer Profile

OmniReview – Fetch Reviews From Anywhere Developer Profile

Magazine3

13 plugins · 739K total installs

76
trust score
Avg Security Score
95/100
Avg Patch Time
327 days
View full developer profile
Detection Fingerprints

How We Detect OmniReview – Fetch Reviews From Anywhere

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/omnireview/assets/css/omnireview-admin.css/wp-content/plugins/omnireview/assets/js/omnireview-admin.js/wp-content/plugins/omnireview/assets/css/omnireview-public.css/wp-content/plugins/omnireview/assets/js/omnireview-public.js
Script Paths
/wp-content/plugins/omnireview/assets/js/omnireview-admin.js/wp-content/plugins/omnireview/assets/js/omnireview-public.js
Version Parameters
omnireview/assets/css/omnireview-admin.css?ver=omnireview/assets/js/omnireview-admin.js?ver=omnireview/assets/css/omnireview-public.css?ver=omnireview/assets/js/omnireview-public.js?ver=

HTML / DOM Fingerprints

CSS Classes
omnireview-widgetomnireview-settings-page
HTML Comments
<!-- OmniReview Widget Start --><!-- OmniReview Widget End -->
Data Attributes
data-omnireview-widget-id
JS Globals
omnireview_ajax_object
REST Endpoints
/wp-json/omnireview/v1/get-reviews
Shortcode Output
[omnireview]
FAQ

Frequently Asked Questions about OmniReview – Fetch Reviews From Anywhere