Reservation Security & Risk Analysis

wordpress.org/plugins/reservation

Navotar Car Rental Reservation Plugin enables you to get your car rental reservations directly from your website which is synced real time with the Ca …

100 active installs · v1.0 · PHP 5.6+ · WP 4.9+ · Updated Dec 19, 2019
Tags: car-rental-reservation-plugin, car-rental-software, online-car-rental-plugin, online-reservation-module, wordpress-car-rental-plugin
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Reservation Safe to Use in 2026?

Generally Safe

Score 85/100

Reservation has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 6yr ago
Risk Assessment

The "reservation" v1.0 plugin presents a mixed security posture. On the positive side, the plugin demonstrates good security practices by utilizing prepared statements for all SQL queries and implementing nonces and capability checks on a significant number of entry points. The absence of known CVEs and historically unpatched vulnerabilities is also a strong indicator of diligent security development and maintenance. However, the static analysis reveals some areas of concern that warrant attention.

The taint analysis flags two high-severity flows with unsanitized paths. While these are not classified as critical, an unsanitized path can lead to a vulnerability if user-controlled input is not properly validated or escaped before it reaches a sensitive operation. The plugin also leaves 19% of its output unescaped, a relatively high rate, which could expose users to Cross-Site Scripting (XSS) if any of that output carries user-controlled data and is rendered without proper escaping.

In conclusion, while the plugin has a solid foundation with respect to SQL injection prevention and access control for its entry points, the identified high-severity taint flows and the proportion of unescaped output represent potential risks. Addressing these specific findings is crucial for improving the plugin's overall security and mitigating potential exploitation.

Key Concerns

  • High severity unsanitized paths in taint analysis
  • Unescaped output (19%)
Vulnerabilities
None known

Reservation Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Reservation Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (3 prepared)
Unescaped Output: 134 (564 escaped)
Nonce Checks: 20
Capability Checks: 12
File Operations: 0
External Requests: 17
Bundled Libraries: 0

SQL Query Safety

100% prepared · 3 total queries

Output Escaping

81% escaped · 698 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

10 flows · 3 with unsanitized paths
NTRAreservationGetHours (include\get_hour.php:6)
Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

Reservation Attack Surface

Entry Points: 32
Unprotected: 0

AJAX Handlers 30

Type    Hook    Location
nopriv  wp_ajax_NTRAGetCountry  include\country.php:3
auth    wp_ajax_NTRAGetCountry  include\country.php:4
nopriv  wp_ajax_NTRAGetState  include\country.php:55
auth    wp_ajax_NTRAGetState  include\country.php:56
nopriv  wp_ajax_NTRAcreateReservtion  include\createReservation.php:4
auth    wp_ajax_NTRAcreateReservtion  include\createReservation.php:5
nopriv  wp_ajax_NTRAreservationGetHours  include\get_hour.php:4
auth    wp_ajax_NTRAreservationGetHours  include\get_hour.php:5
nopriv  wp_ajax_NTRALocationChecking  include\location.php:3
auth    wp_ajax_NTRALocationChecking  include\location.php:4
nopriv  wp_ajax_NTRALocationdropoff  include\location.php:56
auth    wp_ajax_NTRALocationdropoff  include\location.php:57
nopriv  wp_ajax_NTRAreservationLogin  include\login.php:2
auth    wp_ajax_NTRAreservationLogin  include\login.php:3
nopriv  wp_ajax_NTRAmisCharges  include\mscharges.php:4
auth    wp_ajax_NTRAmisCharges  include\mscharges.php:5
nopriv  wp_ajax_NTRAreservationPromo  include\promocode.php:6
auth    wp_ajax_NTRAreservationPromo  include\promocode.php:7
nopriv  wp_ajax_NTRApromo  include\promocode.php:84
auth    wp_ajax_NTRApromo  include\promocode.php:85
nopriv  wp_ajax_NTRAreservationReserve  include\reserve.php:3
auth    wp_ajax_NTRAreservationReserve  include\reserve.php:4
nopriv  wp_ajax_NTRAreservationSummary  include\summary.php:22
auth    wp_ajax_NTRAreservationSummary  include\summary.php:23
nopriv  wp_ajax_NTRAreservationTerms  include\terms.php:3
auth    wp_ajax_NTRAreservationTerms  include\terms.php:4
nopriv  wp_ajax_NTRAlistVichele  include\vehicle.php:3
auth    wp_ajax_NTRAlistVichele  include\vehicle.php:4
nopriv  wp_ajax_NTRAvicheleList  include\vicheleList.php:4
auth    wp_ajax_NTRAvicheleList  include\vicheleList.php:5

Shortcodes 2

[navotarBoxSearch] include\shortcode.php:243
[navotarRectSearch] include\shortcode.php:372
WordPress Hooks 19
Type    Hook    Location
action  admin_init  admin\setting\options.php:7
action  admin_init  admin\setting\options.php:8
action  admin_init  admin\setting\options.php:9
action  admin_init  admin\setting\options.php:10
action  admin_init  admin\setting\options.php:11
action  init  include\login.php:110
action  http_api_curl  include\summary.php:5
filter  http_request_timeout  include\summary.php:11
filter  http_request_args  include\summary.php:16
action  init  reservation.php:37
action  wp_head  reservation.php:38
action  init  reservation.php:39
action  admin_menu  reservation.php:40
action  wp_enqueue_scripts  reservation.php:41
action  admin_init  reservation.php:42
filter  template_include  reservation.php:43
action  admin_enqueue_scripts  reservation.php:44
action  admin_enqueue_scripts  reservation.php:45
action  wp_head  reservation.php:46
Maintenance & Trust

Reservation Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.2.24
Last updated: Dec 19, 2019
PHP min version: 5.6
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 100
Developer Profile

Reservation Developer Profile

Navotar

1 plugin · 100 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Reservation

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/reservation/css/font.css
/wp-content/plugins/reservation/css/jquery.datetimepicker.min.css
/wp-content/plugins/reservation/js/ajax.js
/wp-content/plugins/reservation/js/datepick.js
/wp-content/plugins/reservation/js/jquery.datetimepicker.js
/wp-content/plugins/reservation/css/adminstyle.css
/wp-content/plugins/reservation/js/my-script.js
/wp-content/plugins/reservation/js/nicEdit.js
Script Paths
site_url, plugin_url
Version Parameters
adminstyle.css?ver=
my-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
navotar, col-md-5, checkbox, btn, btn-default
HTML Comments
<!-- START NAVOTAR MAIN CONTENT-->
<!-- START NAVOTAR CAR RENTAL RESERVATION FORM -->
<!-- END NAVOTAR CAR RENTAL RESERVATION FORM -->
<!-- END NAVOTAR MAIN CONTENT-->
Data Attributes
data-toggle, data-target
JS Globals
site_url, plugin_url, MS_Ajax
Shortcode Output
<div class="navotar">
<div id="error10"
<div class="nicEdit-panel
<div id="nicEdit_reserver_content"
FAQ

Frequently Asked Questions about Reservation