PiWeb Customer review / Product review for WooCommerce Security & Risk Analysis

wordpress.org/plugins/product-review-for-woocommerce

Send a reminder email to customers for WooCommerce product reviews. You can send manual reminders or configure the plugin to send automatic review rem …

10 active installs · v1.0.64 · PHP 7.5+ · WP 6.0+ · Updated Mar 12, 2026
Tags: customer-reviews, review-for-discount, review-plugin, review-reminder, woocommerce-review
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is PiWeb Customer review / Product review for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

PiWeb Customer review / Product review for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 22d ago
Risk Assessment

The product-review-for-woocommerce plugin, version 1.0.64, demonstrates a generally good security posture with strong adherence to secure coding practices. The plugin exclusively uses prepared statements for all its SQL queries and exhibits excellent output escaping, with 96% of outputs being properly escaped. Furthermore, the absence of any known CVEs in its history and no reported vulnerabilities indicates a stable and well-maintained codebase. The plugin also avoids the use of dangerous functions, file operations, and external HTTP requests, which are common vectors for attacks.

However, there are a few areas that warrant attention. The plugin exposes 12 AJAX handlers, and a significant portion (4) of these lack authentication checks. This presents a potential attack surface where unauthenticated users might be able to trigger sensitive actions. While no critical or high severity taint flows were identified, and the majority of code signals indicate robust security, the presence of unprotected AJAX endpoints remains a concern that could be exploited if not properly handled by the WordPress environment or other security measures.

In conclusion, this plugin is commendably secure in many aspects, particularly its database interactions and output handling. The vulnerability history further reinforces its reliability. The primary weakness lies in the unprotected AJAX endpoints, which, while not directly leading to critical issues in static analysis, represent a direct pathway for potential misuse. Addressing these unprotected entry points would further strengthen the plugin's overall security.

Key Concerns

  • Unprotected AJAX handlers
Vulnerabilities
None known

PiWeb Customer review / Product review for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

PiWeb Customer review / Product review for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (16 prepared)
Unescaped Output: 26 (581 escaped)
Nonce Checks: 10
Capability Checks: 7
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

100% prepared · 16 total queries

Output Escaping

96% escaped · 607 total outputs
Data Flows
All sanitized

Data Flow Analysis

18 flows
tab (admin\class-blacklist.php:63)
Attack Surface
4 unprotected

PiWeb Customer review / Product review for WooCommerce Attack Surface

Entry Points: 12
Unprotected: 4

AJAX Handlers 12

auth  wp_ajax_pisol_review_remove_scheduled_reminder  admin\class-autoreminder.php:24
auth  wp_ajax_pisol_review_add_black_listed_email  admin\class-blacklist.php:47
auth  wp_ajax_pisol_review_remove_black_listed_email  admin\class-blacklist.php:49
auth  wp_ajax_pisol_review_add_edit_review_parameter  admin\class-customreview.php:47
auth  wp_ajax_pisol_review_delete_review_parameter  admin\class-customreview.php:49
auth  wp_ajax_pisol_review_send_review_reminder  admin\class-manualreminder.php:29
auth  wp_ajax_pisol_review_add_to_blacklist  admin\class-manualreminder.php:31
auth  wp_ajax_pisol_review_remove_from_blacklist  admin\class-manualreminder.php:32
auth  wp_ajax_load_reviews_by_page  public\class-reviewdisplay.php:30
nopriv  wp_ajax_load_reviews_by_page  public\class-reviewdisplay.php:31
auth  wp_ajax_pisol_submit_review  public\class-reviewform.php:24
nopriv  wp_ajax_pisol_submit_review  public\class-reviewform.php:25
WordPress Hooks 56
action  pisol_review_send_auto_reminder  admin\class-autoreminder.php:20
action  woocommerce_order_status_changed  admin\class-autoreminder.php:22
action  admin_post_pisol_review_unsubscribe  admin\class-blacklist.php:51
action  pisol_custom_field_review_editor  admin\class-customfields.php:18
action  pisol_custom_field_review_past_reminder_stats  admin\class-customfields.php:20
action  admin_post_pisol_review_unsubscribe  admin\class-customreview.php:51
action  product_cat_add_form_fields  admin\class-customreview.php:53
action  product_cat_edit_form_fields  admin\class-customreview.php:55
action  created_product_cat  admin\class-customreview.php:57
action  edited_product_cat  admin\class-customreview.php:58
action  admin_footer  admin\class-formmaker.php:444
filter  manage_edit-shop_order_columns  admin\class-manualreminder.php:21
filter  manage_woocommerce_page_wc-orders_columns  admin\class-manualreminder.php:22
action  manage_shop_order_posts_custom_column  admin\class-manualreminder.php:24
action  manage_woocommerce_page_wc-orders_custom_column  admin\class-manualreminder.php:25
action  admin_enqueue_scripts  admin\class-manualreminder.php:27
action  admin_menu  admin\class-menu.php:18
action  init  admin\class-myaccount.php:35
action  update_option_pisol_review_show_order_review_section  admin\class-myaccount.php:44
action  update_option_pisol_review_end_point  admin\class-myaccount.php:45
action  init  admin\class-pastorderreminder.php:37
filter  cron_schedules  admin\class-pastorderreminder.php:45
action  wp_loaded  admin\class-pastorderreminder.php:47
action  pisol_review_send_past_order_reminder  admin\class-pastorderreminder.php:49
action  init  admin\class-reviewdisplay.php:33
action  pisol_review_email_header  admin\class-reviewemail.php:27
action  pisol_review_email_footer  admin\class-reviewemail.php:28
filter  woocommerce_email_styles  admin\class-reviewemail.php:29
filter  woocommerce_email_from_address  admin\class-reviewemail.php:44
filter  woocommerce_email_from_name  admin\class-reviewemail.php:45
action  init  admin\class-reviewemailsetting.php:34
action  init  admin\class-reviewform.php:33
action  init  admin\class-reviewreminder.php:34
filter  manage_edit-shop_order_columns  admin\class-reviewstats.php:19
filter  manage_woocommerce_page_wc-orders_columns  admin\class-reviewstats.php:20
action  manage_shop_order_posts_custom_column  admin\class-reviewstats.php:22
action  manage_woocommerce_page_wc-orders_custom_column  admin\class-reviewstats.php:23
action  admin_notices  classes\review.php:106
action  admin_notices  product-review-for-woocommerce.php:35
action  before_woocommerce_init  product-review-for-woocommerce.php:48
action  admin_init  product-review-for-woocommerce.php:64
action  plugins_loaded  public\class-blacklistdb.php:26
filter  woocommerce_account_menu_items  public\class-myaccount.php:31
action  init  public\class-myaccount.php:33
filter  comments_template  public\class-reviewdisplay.php:22
filter  wc_get_template  public\class-reviewdisplay.php:24
action  wp_enqueue_scripts  public\class-reviewdisplay.php:26
filter  woocommerce_product_tabs  public\class-reviewdisplay.php:28
filter  option_page_comments  public\class-reviewdisplay.php:33
action  init  public\class-reviewform.php:21
filter  template_include  public\class-reviewform.php:22
action  wp_enqueue_scripts  public\class-reviewform.php:27
action  woocommerce_checkout_terms_and_conditions  public\class-reviewpermission.php:21
filter  woocommerce_checkout_posted_data  public\class-reviewpermission.php:23
action  woocommerce_checkout_update_order_meta  public\class-reviewpermission.php:25
action  woocommerce_checkout_process  public\class-reviewpermission.php:27

Scheduled Events 2

pisol_review_send_auto_reminder
pisol_review_send_past_order_reminder
Maintenance & Trust

PiWeb Customer review / Product review for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 12, 2026
PHP min version: 7.5
Downloads: 2K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 10
Developer Profile

PiWeb Customer review / Product review for WooCommerce Developer Profile

PI Web Solution

30 plugins · 93K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 235 days
Detection Fingerprints

How We Detect PiWeb Customer review / Product review for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/product-review-for-woocommerce/public/js/script.js
/wp-content/plugins/product-review-for-woocommerce/admin/css/style.css
/wp-content/plugins/product-review-for-woocommerce/admin/js/bootstrap.js
Script Paths
/wp-content/plugins/product-review-for-woocommerce/public/js/script.js
/wp-content/plugins/product-review-for-woocommerce/admin/js/bootstrap.js
Version Parameters
product-review-for-woocommerce/public/js/script.js?ver=
product-review-for-woocommerce/admin/css/style.css?ver=
product-review-for-woocommerce/admin/js/bootstrap.js?ver=

HTML / DOM Fingerprints

CSS Classes
pisol-review-admin-form
pisol-review-pro-feature
HTML Comments
version 3.11 work with bootstrap
Data Attributes
data-pisol-review-field
data-pisol-review-slug
JS Globals
PISOL_REVIEW_VERSION
PISOL_REVIEW_SLUG
PISOL_REVIEW_NAME
PISOL_REVIEW_URL
PISOL_REVIEW_PATH
PISOL_REVIEW_BASE_DIR