Does Press Release Reviews have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Press Release Reviews compatible with WordPress 6.7.5?

According to WordPress.org data, Press Release Reviews 1.0.0 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is Press Release Reviews updated?

Press Release Reviews was last updated on Jan 25, 2025. Frequent updates are generally a positive security signal.

What is Press Release Reviews's security score?

Press Release Reviews has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Press Release Reviews Security & Risk Analysis

wordpress.org/plugins/press-release-reviews

Display press releases from Pressreleasereviews.com on your pages or sidebar

0 active installs v1.0.0 PHP + WP 2.1+ Updated Jan 25, 2025

pr-reviewspress-release-reviewspress-reviews

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Press Release Reviews Safe to Use in 2026?

Generally Safe

Score 92/100

Press Release Reviews has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "press-release-reviews" v1.0.0 plugin exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries, escaping a high percentage of its outputs, and having no known vulnerabilities in its history. This suggests a development team that is at least partially aware of common security pitfalls.

However, a significant concern is the presence of a single AJAX handler that lacks authentication checks. This creates a direct attack vector where an unauthenticated user could potentially interact with this handler and trigger unintended actions or expose sensitive information, depending on the functionality. The absence of any taint analysis results is also noteworthy; while this could indicate clean code, it's also possible that the analysis tools or methods used were not comprehensive enough to detect subtle vulnerabilities. The lack of capability checks further reinforces the concern regarding the unprotected AJAX endpoint.

Overall, while the plugin's historical record is clean and it avoids several common pitfalls like raw SQL and unescaped output, the unprotected AJAX endpoint presents a clear and immediate risk. This weakness significantly overshadows the positive aspects, requiring prompt attention to secure this entry point. Future development should prioritize implementing proper authentication and authorization checks for all user-facing endpoints.

Key Concerns

Unprotected AJAX handler
Missing capability checks

Vulnerabilities

None known

Press Release Reviews Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Press Release Reviews Release Timeline

No version history available.

Code Analysis

Analyzed Apr 16, 2026

Press Release Reviews Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

86% escaped7 total outputs

Attack Surface

1 unprotected

Press Release Reviews Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_prwirepro_form_responseinc/core/class-init.php:485

WordPress Hooks 8

actionplugins_loadedinc/core/class-init.php:381

actionadmin_enqueue_scriptsinc/core/class-init.php:445

actionadmin_enqueue_scriptsinc/core/class-init.php:449

actionadmin_menuinc/core/class-init.php:461

actionadmin_post_prwirepro_form_responseinc/core/class-init.php:473

actionadmin_noticesinc/core/class-init.php:497

actionwp_enqueue_scriptsinc/core/class-init.php:549

actionwp_enqueue_scriptsinc/core/class-init.php:553

Maintenance & Trust

Press Release Reviews Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedJan 25, 2025

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Press Release Reviews Alternatives

Wiremo – Customer reviews for WordPress

wp-reviews-by-wiremo

Customer review platform for WordPress. Automatically gather, control and display your best reviews without tech hassles. Free up time to grow your br …

30 No CVEs

Review Deck

review-deck

100

Manage and display customer reviews using shortcodes. Includes form, list, slider, masonry, column, summary, and floating widget display options.

10 No CVEs

Developer Profile

Press Release Reviews Developer Profile

lightimagemedia

16 plugins · 1K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Press Release Reviews

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/press-release-reviews/inc/admin/css/prwirepro-press_release_reviews-admin.css/wp-content/plugins/press-release-reviews/inc/admin/js/prwirepro-press_release_reviews-ajax-handler.js

Script Paths

/wp-content/plugins/press-release-reviews/inc/admin/js/prwirepro-press_release_reviews-ajax-handler.js

Version Parameters

press-release-reviews/inc/admin/css/prwirepro-press_release_reviews-admin.css?ver=press-release-reviews/inc/admin/js/prwirepro-press_release_reviews-ajax-handler.js?ver=

HTML / DOM Fingerprints

HTML Comments

Data Attributes

data-page-title="Press Release Reviews"data-menu-title="Press Release Reviews"data-capability="manage_options"data-menu-slug="prwirepro-press_release_reviews"data-parent-slug="prwirepro-press_release_reviews"data-page-title="Press Release Reviews"+9 more

JS Globals

params

FAQ