Does PPM Testimonial have any unpatched vulnerabilities?

No. All known vulnerabilities in PPM Testimonial have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is PPM Testimonial compatible with WordPress 3.5.2?

According to WordPress.org data, PPM Testimonial 1.1 has been tested up to WordPress 3.5.2. Check the plugin's changelog for the latest compatibility information.

How often is PPM Testimonial updated?

PPM Testimonial was last updated on Jun 3, 2013. Frequent updates are generally a positive security signal.

What is PPM Testimonial's security score?

PPM Testimonial has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

PPM Testimonial Security & Risk Analysis

wordpress.org/plugins/ppm-testimonial

This plugin will add fade in out testimonials via shortcode in page or post.

90 active installs v1.1 PHP + WP 3.3+ Updated Jun 3, 2013

jquery-qhoutequotequote-rotatortestimonial-rotator

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is PPM Testimonial Safe to Use in 2026?

Generally Safe

Score 85/100

PPM Testimonial has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "ppm-testimonial" plugin v1.1 exhibits a generally positive security posture with no known vulnerabilities or critical code signals identified in static analysis. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is commendable. However, a significant concern arises from the complete lack of output escaping, meaning any data processed by the plugin and displayed to users could be vulnerable to cross-site scripting (XSS) attacks. Additionally, the absence of nonce and capability checks, while not directly exploitable given the current limited attack surface, represents a missed opportunity for robust security practices and could become a weakness if new entry points are introduced in the future. The plugin's history of zero CVEs is a strong indicator of good development, but the identified output escaping issue warrants attention to maintain this record.

Key Concerns

Output escaping is not implemented
No nonce checks present
No capability checks present

Vulnerabilities

None known

PPM Testimonial Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

PPM Testimonial Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped1 total outputs

Attack Surface

PPM Testimonial Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[ppm_testimonial] plugin-hook.php:72

WordPress Hooks 5

actioninitplugin-hook.php:20

filtermce_external_pluginsplugin-hook.php:34

filtermce_buttonsplugin-hook.php:35

actioninitplugin-hook.php:47

actioninittestimonial-type.php:31

Maintenance & Trust

PPM Testimonial Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2

Last updatedJun 3, 2013

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings8

Active installs90

Alternatives

PPM Testimonial Alternatives

Kento Testimonial Slider

kento-testimonial-slider

Slide Your Unlimited Testimonial or Clients Feedback By using Shortcode Anywhere With Clients Thumbnail.

100 No CVEs

Kento Clients Feedback

kento-clients-feedback

Display Cleants Feedback or Testimonials

10 No CVEs

Calculated Fields Form

calculated-fields-form

The CFF plugin allows you to create both simple and professional forms. Its form builder includes dynamic calculated fields and many other controls.

40K 17 CVEs

wp-Typography

wp-typography

Improve your web typography with: hyphenation, space control, intelligent character replacement, and CSS hooks.

20K No CVEs

Product Enquiry for WooCommerce

product-enquiry-for-woocommerce

Product Enquiry allows prospective customers to "Make an Enquiry" about a product, or "Request a Quote" right from within the product page.

10K 1 CVE

Developer Profile

PPM Testimonial Developer Profile

perfectpointmarketing

5 plugins · 710 total installs

trust score

Avg Security Score

88/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect PPM Testimonial

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ppm-testimonial/css/ppm-testimonial-plugin-style.css/wp-content/plugins/ppm-testimonial/js/jquery.quote_rotator.js/wp-content/plugins/ppm-testimonial/js/ppm-tm-active.js/wp-content/plugins/ppm-testimonial/js/custom-button.js

Script Paths

/wp-content/plugins/ppm-testimonial/js/jquery.quote_rotator.js/wp-content/plugins/ppm-testimonial/js/ppm-tm-active.js/wp-content/plugins/ppm-testimonial/js/custom-button.js

Version Parameters

ppm-testimonial-plugin-style.css?ver=jquery.quote_rotator.js?ver=ppm-tm-active.js?ver=custom-button.js?ver=

HTML / DOM Fingerprints

Shortcode Output

<ul id="ppm_quotes"><li><blockquote></blockquote><cite></cite></li>

FAQ