Review Stream Security & Risk Analysis
wordpress.org/plugins/review-streamStream your latest and greatest reviews from around the Web to your Wordpress site and display them with SEO-friendly rich-snippet markup.
Is Review Stream Safe to Use in 2026?
Generally Safe
Score 98/100Review Stream has a strong security track record. Known vulnerabilities have been patched promptly.
The "review-stream" v1.6.8 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of unprotected entry points, a low percentage of unescaped output, and the exclusive use of prepared statements for SQL queries are positive indicators. The plugin also demonstrates good practices by performing capability checks and avoiding bundled libraries. However, the static analysis reveals a complete lack of taint analysis data, which hinders a comprehensive understanding of how user input is handled and could potentially mask subtle vulnerabilities. Furthermore, the history of two medium-severity CVEs, particularly cross-site scripting (XSS) vulnerabilities, remains a concern despite being patched. The fact that the last vulnerability was recorded in 2025 suggests a recent history of security issues, even if they are currently addressed. This pattern warrants careful monitoring and emphasizes the importance of prompt patching for any future vulnerabilities.
Key Concerns
- No taint analysis data available
- History of 2 medium severity CVEs
- 0 nonce checks on entry points
Review Stream Security Vulnerabilities
CVEs by Year
Severity Breakdown
2 total CVEs
Review Stream <= 1.6.7 - Authenticated (Administrator+) Stored Cross-Site Scripting
Review Stream <= 1.6.5 - Authenticated (Administrator+) Stored Cross-Site Scripting
Review Stream Code Analysis
Output Escaping
Review Stream Attack Surface
Shortcodes 2
WordPress Hooks 5
Maintenance & Trust
Review Stream Maintenance & Trust
Maintenance Signals
Community Trust
Review Stream Alternatives
Starfish Review Generation & Marketing for WordPress
starfish-reviews
The best WordPress plugin for generating 5-star customer reviews on Google, Facebook, Tripadvisor, and many more platforms.
Redbrick Digital Core
redbrick-digital-core
Bring your Review Engine reviews into your WordPress website via shortcodes and widgets.
WP Star Reviews, Map, and Testimonials
contempo-reviews
This is a plugin that allows users to leave star reviews and for wp administrators to approve and display them according to service, item or location.
Reputation Saver Lite
reputation-saver
Reputation Saver will allow you to manage your online reputation by catching the bad reviews and feedback before it hits your social platforms.
Reviews UP
reviews-up
The Reviews UP Widget is a powerful and easy-to-use WordPress plugin that allows you to showcase customer reviews and testimonials directly on your we …
Review Stream Developer Profile
1 plugin · 400 total installs
How We Detect Review Stream
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/review-stream/js/review-stream-frontend.js/wp-content/plugins/review-stream/css/review-stream-frontend.css/wp-content/plugins/review-stream/js/review-stream-frontend.jsreview-stream/css/review-stream-frontend.css?ver=review-stream/js/review-stream-frontend.js?ver=HTML / DOM Fingerprints
review-stream-widgetreview-stream-reviews-containerreview-stream-review-itemreview-stream-review-authorreview-stream-review-datereview-stream-review-sourcereview-stream-review-titlereview-stream-review-rating+1 more<!-- Review Stream Widget --><!-- /.review-stream-widget --><!-- powered by --><!-- /.review-stream-powered-by -->data-reviewstream-pathdata-reviewstream-countdata-reviewstream-typedata-reviewstream-formatdata-reviewstream-displaydata-reviewstream-schema-direct-only+6 morereviewStreamFrontend<div class="review-stream-widget"<div class="review-stream-reviews-container"<div class="review-stream-powered-by"