Quick and Easy Testimonials Security & Risk Analysis
wordpress.org/plugins/quick-and-easy-testimonialsThis plugin provides a quick and easy way to add testimonials to your site.
Is Quick and Easy Testimonials Safe to Use in 2026?
Generally Safe
Score 100/100Quick and Easy Testimonials has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "quick-and-easy-testimonials" plugin, version 1.1.5, exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, file operations, and external HTTP requests, coupled with the exclusive use of prepared statements for SQL queries and a complete lack of taint flows, are significant strengths. The presence of nonce and capability checks on the identified entry points further bolsters its security.
However, a minor concern arises from the output escaping, where 23% of the outputs are not properly escaped. While this is not a critical issue given the absence of taint flows and SQL injection risks, it could potentially lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is directly rendered without proper sanitization in those unescaped outputs. The plugin's history of zero known vulnerabilities further reinforces its current safety, suggesting a consistent focus on secure development practices. Overall, the plugin is well-secured, with the only notable area for improvement being the consistent proper escaping of all output.
Key Concerns
- Outputs not properly escaped
Quick and Easy Testimonials Security Vulnerabilities
Quick and Easy Testimonials Code Analysis
Output Escaping
Quick and Easy Testimonials Attack Surface
Shortcodes 1
WordPress Hooks 12
Maintenance & Trust
Quick and Easy Testimonials Maintenance & Trust
Maintenance Signals
Community Trust
Quick and Easy Testimonials Alternatives
Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More
reviews-feed
No API key required. Display Yelp and Google reviews for any business in a clean, customizable feed on your site.
Rich Showcase for Google Reviews
widget-google-reviews
Display up to 10 Google reviews in less than a minute. Continue collecting new reviews. No limits on connected places, widgets, shortcodes and blocks.
Site Reviews
site-reviews
Site Reviews is a complete review management solution that integrates with WooCommerce and SureCart and works similarly to reviews on Amazon, Tripadvi …
WP Google Review Slider
wp-google-places-review-slider
Display Google reviews on your site and even show user images! No address, no problem! Also works with Service Area Businesses and Products! Lightwei …
WP Customer Reviews
wp-customer-reviews
Allows your visitors to leave business / product reviews. Testimonials are in Microdata / Microformat and may display star ratings in search results.
Quick and Easy Testimonials Developer Profile
7 plugins · 17K total installs
How We Detect Quick and Easy Testimonials
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/quick-and-easy-testimonials/public/css/quick-and-easy-testimonials-public.cssquick-and-easy-testimonials/public/css/quick-and-easy-testimonials-public.css?ver=HTML / DOM Fingerprints
qe-testimonial-wrapperqe-testimonial-metaqe-testimonial-imgqe-testimonial-authorqe-testimonial-nameqe-testimonial-bylineqe-testimonial-textid="qe-testimonial-target="_blank"<div id="qe-testimonial-<div class="qe-testimonial-wrapper">