Does ReviewsTap have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is ReviewsTap compatible with WordPress 6.7.5?

According to WordPress.org data, ReviewsTap 1.1.3 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is ReviewsTap updated?

ReviewsTap was last updated on Jan 6, 2025. Frequent updates are generally a positive security signal.

What is ReviewsTap's security score?

ReviewsTap has a WP-Safety security score of 91/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ReviewsTap Security & Risk Analysis

wordpress.org/plugins/reviewstap

ReviewsTap helps small businesses collect, monitor and manage reviews across a range of online platforms.

10 active installs v1.1.3 PHP + WP 5.0.0+ Updated Jan 6, 2025

facebook-ratingsfeedbackratingsreviewstripadvisor

A · Safe

CVEs total1

Unpatched0

Last CVEJan 24, 2025

Download

Safety Verdict

Is ReviewsTap Safe to Use in 2026?

Generally Safe

Score 91/100

ReviewsTap has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Jan 24, 2025Updated 1yr ago

Risk Assessment

The reviewstap plugin, in version 1.1.3, exhibits a mixed security posture. While it shows strong adherence to output escaping best practices and a clean slate regarding taint analysis and critical/high severity vulnerabilities, several areas warrant attention. The complete lack of capability checks on its sole entry point (a shortcode) and the use of raw SQL queries without prepared statements are significant concerns. The plugin's vulnerability history, though currently clear, previously had a medium severity CSRF vulnerability, indicating a need for ongoing vigilance. The limited attack surface is a positive, but the identified weaknesses in input validation and SQL handling could potentially be exploited in conjunction with other factors.

Key Concerns

Raw SQL queries without prepared statements
Shortcode entry point lacks capability checks
Past medium severity CSRF vulnerability

Vulnerabilities

1 published

ReviewsTap Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-24561medium · 6.1Cross-Site Request Forgery (CSRF)

ReviewsTap <= 1.1.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Jan 24, 2025 Patched in 1.1.3 (5d)

Version History

ReviewsTap Release Timeline

v1.1.3Current

v1.1.21 CVE

v1.1.11 CVE

v1.1.01 CVE

v1.0.91 CVE

v1.0.81 CVE

v1.0.71 CVE

v1.0.61 CVE

v1.0.51 CVE

v1.0.41 CVE

v1.0.31 CVE

v1.0.21 CVE

v1.0.11 CVE

v1.0.01 CVE

Code Analysis

Analyzed Mar 17, 2026

ReviewsTap Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

29 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared7 total queries

Output Escaping

88% escaped33 total outputs

Attack Surface

ReviewsTap Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[reviewstap_widget] includes\class.reviewstap-display.php:7

WordPress Hooks 5

actionwidgets_initincludes\class.reviewstap-display.php:13

actionuser_registerincludes\class.reviewstap-general.php:11

actionwoocommerce_created_customerincludes\class.reviewstap-general.php:12

actionwoocommerce_order_status_completedincludes\class.reviewstap-general.php:13

actionadmin_menuincludes\class.reviewstap-setting.php:7

Maintenance & Trust

ReviewsTap Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedJan 6, 2025

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

ReviewsTap Alternatives

TargetBay Product and Site Reviews

targetbay-product-and-site-reviews

Generate tons of product reviews for your WooCommerce site with TargetBay

40 No CVEs

CodeX BVWP

codex-bvwp

100

Integrate your WordPress/WooCommerce with BazaarVoice. Gain your customers trust with real UGC (user generated content) including ratings and reviews …

0 No CVEs

GlowReviews – Smart Feedback & Testimonials

glowreviews

100

Collect customer feedback with star ratings, moderation, image uploads, and flexible testimonial layouts.

0 No CVEs

kk Star Ratings – Rate Post & Collect User Feedbacks

kk-star-ratings

kk Star Ratings allows blog visitors to involve and interact more effectively with your website by rating posts.

80K 4 CVEs

Site Reviews

site-reviews

Site Reviews is a complete review management solution that integrates with WooCommerce and SureCart and works similarly to reviews on Amazon, Tripadvi …

60K 13 CVEs

Developer Profile

ReviewsTap Developer Profile

awcode

4 plugins · 210 total installs

trust score

Avg Security Score

97/100

Avg Patch Time

38 days

View full developer profile

Detection Fingerprints

How We Detect ReviewsTap

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/reviewstap/assets/css/style.css/wp-content/plugins/reviewstap/assets/js/main.js

Script Paths

https://app.reviewstap.com/widgets/reviews.js

HTML / DOM Fingerprints

CSS Classes

reviewstap-widget

Data Attributes

data-schemaType='Organization'

JS Globals

reviewsTapWidgetJs_reviewsTapUrl_RTbusinessId

Shortcode Output

<div id='reviewstap-widget' data-schemaType='Organization'></div>

FAQ

ReviewsTap Security & Risk Analysis

Is ReviewsTap Safe to Use in 2026?

Generally Safe

Key Concerns

ReviewsTap Security Vulnerabilities

CVEs by Year

Severity Breakdown

ReviewsTap Release Timeline

ReviewsTap Code Analysis

SQL Query Safety

Output Escaping

ReviewsTap Attack Surface

Shortcodes 1

ReviewsTap Maintenance & Trust

Maintenance Signals

Community Trust

ReviewsTap Alternatives

TargetBay Product and Site Reviews

CodeX BVWP

GlowReviews – Smart Feedback & Testimonials

kk Star Ratings – Rate Post & Collect User Feedbacks

Site Reviews

ReviewsTap Developer Profile

How We Detect ReviewsTap

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about ReviewsTap