Responsive Testimonials Security & Risk Analysis

wordpress.org/plugins/responsive-testimonials

A responsive, clean and easy way to display testimonials. Create testimonials, add authors and their jobs and copy-paste the shortcode into any page.

400 active installs v1.3 PHP + WP 3.6+ Updated Jan 29, 2026
client-testimonials, customers, recommendations, reviews, testimonials
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Responsive Testimonials Safe to Use in 2026?

Generally Safe

Score 100/100

Responsive Testimonials has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "responsive-testimonials" plugin v1.3 exhibits a generally positive security posture with several strong security practices in place. The absence of known CVEs and critical taint flows is a significant strength, suggesting a history of responsible development and maintenance. Furthermore, the code analysis reveals a relatively small attack surface with no unprotected entry points. The implementation of prepared statements for all SQL queries and the presence of nonce and capability checks are commendable.

However, a notable concern lies in the output escaping. With 72% of outputs properly escaped, the remaining 28% (46 of 165 outputs) are rendered without an escaping function. This could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data reaches those outputs without being sanitized first. While no critical taint flows were detected, this share of unescaped output represents a potential risk that warrants attention. The plugin's lack of historical vulnerabilities is a positive indicator, but the current static analysis highlights a specific area for improvement.

In conclusion, the "responsive-testimonials" plugin v1.3 is in a good security state, particularly regarding SQL injection and unauthorized access. The primary area for improvement is to ensure 100% output escaping across all data displayed by the plugin. Addressing this would significantly bolster its security defenses.

Key Concerns

  • Incomplete output escaping (28% unescaped)
Vulnerabilities
None known

Responsive Testimonials Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Responsive Testimonials Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 46 (119 escaped)
Nonce Checks: 3
Capability Checks: 6
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

72% escaped · 165 total outputs
Attack Surface

Responsive Testimonials Attack Surface

Entry Points: 3
Unprotected: 0

AJAX Handlers 2

auth  wp_ajax_cmb2_oembed_handler  inc\cmb2\includes\CMB2_Ajax.php:51
nopriv  wp_ajax_cmb2_oembed_handler  inc\cmb2\includes\CMB2_Ajax.php:52

Shortcodes 1

[ttml] ttml.php:272
WordPress Hooks 49
filter  wp_prepare_attachment_for_js  inc\cmb2\includes\CMB2.php:1549
action  admin_enqueue_scripts  inc\cmb2\includes\CMB2.php:1567
action  cmb2_save_options-page_fields  inc\cmb2\includes\CMB2_Ajax.php:54
filter  get_post_metadata  inc\cmb2\includes\CMB2_Ajax.php:147
filter  update_post_metadata  inc\cmb2\includes\CMB2_Ajax.php:150
filter  cmb2_show_on  inc\cmb2\includes\CMB2_Hookup.php:79
action  edit_form_top  inc\cmb2\includes\CMB2_Hookup.php:115
action  edit_form_before_permalink  inc\cmb2\includes\CMB2_Hookup.php:119
action  edit_form_after_title  inc\cmb2\includes\CMB2_Hookup.php:123
action  edit_form_after_editor  inc\cmb2\includes\CMB2_Hookup.php:127
action  add_meta_boxes  inc\cmb2\includes\CMB2_Hookup.php:131
action  add_meta_boxes  inc\cmb2\includes\CMB2_Hookup.php:134
action  add_attachment  inc\cmb2\includes\CMB2_Hookup.php:135
action  edit_attachment  inc\cmb2\includes\CMB2_Hookup.php:136
action  save_post  inc\cmb2\includes\CMB2_Hookup.php:137
action  pre_get_posts  inc\cmb2\includes\CMB2_Hookup.php:144
action  add_meta_boxes_comment  inc\cmb2\includes\CMB2_Hookup.php:152
action  edit_comment  inc\cmb2\includes\CMB2_Hookup.php:153
filter  manage_edit-comments_columns  inc\cmb2\includes\CMB2_Hookup.php:156
action  manage_comments_custom_column  inc\cmb2\includes\CMB2_Hookup.php:157
filter  manage_edit-comments_sortable_columns  inc\cmb2\includes\CMB2_Hookup.php:158
action  pre_get_posts  inc\cmb2\includes\CMB2_Hookup.php:159
action  show_user_profile  inc\cmb2\includes\CMB2_Hookup.php:168
action  edit_user_profile  inc\cmb2\includes\CMB2_Hookup.php:169
action  user_new_form  inc\cmb2\includes\CMB2_Hookup.php:170
action  personal_options_update  inc\cmb2\includes\CMB2_Hookup.php:172
action  edit_user_profile_update  inc\cmb2\includes\CMB2_Hookup.php:173
action  user_register  inc\cmb2\includes\CMB2_Hookup.php:174
filter  manage_users_columns  inc\cmb2\includes\CMB2_Hookup.php:177
filter  manage_users_custom_column  inc\cmb2\includes\CMB2_Hookup.php:178
filter  manage_users_sortable_columns  inc\cmb2\includes\CMB2_Hookup.php:179
action  pre_get_posts  inc\cmb2\includes\CMB2_Hookup.php:180
action  pre_get_posts  inc\cmb2\includes\CMB2_Hookup.php:226
action  created_term  inc\cmb2\includes\CMB2_Hookup.php:230
action  edited_terms  inc\cmb2\includes\CMB2_Hookup.php:231
action  delete_term  inc\cmb2\includes\CMB2_Hookup.php:232
action  cmb2_do_oembed  inc\cmb2\includes\helper-functions.php:131
filter  is_protected_meta  inc\cmb2\includes\rest-api\CMB2_REST.php:144
action  init  inc\cmb2\init.php:131
action  plugins_loaded  ttml.php:16
action  admin_init  ttml.php:23
action  admin_notices  ttml.php:32
action  wp_enqueue_scripts  ttml.php:40
action  admin_enqueue_scripts  ttml.php:47
action  init  ttml.php:58
filter  post_updated_messages  ttml.php:93
action  cmb2_init  ttml.php:132
action  manage_ttml_posts_custom_column  ttml.php:136
filter  manage_ttml_posts_columns  ttml.php:137
Maintenance & Trust

Responsive Testimonials Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Jan 29, 2026
PHP min version
Downloads: 11K

Community Trust

Rating: 100/100
Number of ratings: 4
Active installs: 400
Developer Profile

Responsive Testimonials Developer Profile

WP Darko

8 plugins · 59K total installs

Trust score: 78
Avg Security Score: 98/100
Avg Patch Time: 175 days
Detection Fingerprints

How We Detect Responsive Testimonials

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/responsive-testimonials/css/ttml_custom_style.min.css
/wp-content/plugins/responsive-testimonials/css/admin_de_style.min.css
/wp-content/plugins/responsive-testimonials/js/ttml_admin.min.js
Script Paths
/wp-content/plugins/responsive-testimonials/js/ttml_admin.min.js

HTML / DOM Fingerprints

CSS Classes
ttml_slider
ttml_display
ttml_nav
JS Globals
ttml_admin
Shortcode Output
[responsive_testimonial]
FAQ

Frequently Asked Questions about Responsive Testimonials