Does Review Schema have any unpatched vulnerabilities?

No. All known vulnerabilities in Review Schema have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Review Schema compatible with WordPress 3.3.2?

According to WordPress.org data, Review Schema 1.7.1 has been tested up to WordPress 3.3.2. Check the plugin's changelog for the latest compatibility information.

How often is Review Schema updated?

Review Schema was last updated on Feb 8, 2012. Frequent updates are generally a positive security signal.

What is Review Schema's security score?

Review Schema has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Review Schema Security & Risk Analysis

wordpress.org/plugins/review-schema-markup

This plugin will add Schema.org markup options for reviews.

30 active installs v1.7.1 PHP + WP 3.0+ Updated Feb 8, 2012

googlereviewsschema-orgsearch-engine-optimization

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Review Schema Safe to Use in 2026?

Generally Safe

Score 85/100

Review Schema has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago

Risk Assessment

The review-schema-markup plugin version 1.7.1 demonstrates a generally strong security posture based on the provided static analysis. The complete absence of identified attack surface points such as AJAX handlers, REST API routes, shortcodes, and cron events is a significant positive indicator. Furthermore, the code signals show a commendable adherence to secure coding practices, with all SQL queries utilizing prepared statements and the presence of both nonce and capability checks, which are crucial for protecting against common WordPress attacks. There are no recorded historical vulnerabilities or CVEs, suggesting a history of stable and secure development.

However, the most notable concern lies in the output escaping. With only 14% of 7 total outputs being properly escaped, there's a substantial risk of cross-site scripting (XSS) vulnerabilities. This means that user-supplied data or data processed by the plugin could be rendered without proper sanitization, allowing malicious scripts to be injected into the frontend of a website. While other security signals are positive, this single weakness presents a tangible and potentially exploitable risk.

Key Concerns

Low output escaping percentage

Vulnerabilities

None known

Review Schema Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Review Schema Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

14% escaped7 total outputs

Attack Surface

Review Schema Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

filterthe_contentreview-schema.php:187

actionadd_meta_boxesreview-schema.php:189

actionsave_postreview-schema.php:190

actionwp_headreview-schema.php:191

actionadmin_menureview-schema.php:194

actionadmin_initreview-schema.php:195

Maintenance & Trust

Review Schema Maintenance & Trust

Maintenance Signals

WordPress version tested3.3.2

Last updatedFeb 8, 2012

PHP min version

Downloads5K

Community Trust

Rating80/100

Number of ratings1

Active installs30

Alternatives

Review Schema Alternatives

Author Product Review

author-product-review

100

This plugin allow author to add Schema.org markup options for product reviews.

60 No CVEs

Widgets for Google Reviews

wp-reviews-plugin-for-google

Embed Google reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Google reviews.

900K 4 CVEs

Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More

reviews-feed

No API key required. Display Yelp and Google reviews for any business in a clean, customizable feed on your site.

100K 2 CVEs

Rich Showcase for Google Reviews

widget-google-reviews

Display up to 10 Google reviews in less than a minute. Continue collecting new reviews. No limits on connected places, widgets, shortcodes and blocks.

100K 5 CVEs

WP Google Review Slider

wp-google-places-review-slider

Display Google reviews on your site and even show user images! No address, no problem! Also works with Service Area Businesses and Products! Lightwei …

30K 6 CVEs

Developer Profile

Review Schema Developer Profile

James Swindle

2 plugins · 40 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Review Schema

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/review-schema-markup/review-schema.css

Version Parameters

review-schema-markup/review-schema.css?ver=

HTML / DOM Fingerprints

CSS Classes

inline-ratingreview-ratingbest-ratingreview-star-emptyreview-starreview-datastar-ratingreview-blank

HTML Comments

Data Attributes

itemscopeitemtypeitempropdata-schema_item_namedata-schema_item_urldata-schema_rating

Shortcode Output

<div itemscope itemtype="http://schema.org/Review"><meta itemprop="name"<meta itemprop="author"<meta itemprop="datePublished"

FAQ