Does ReviewsTap have any unpatched vulnerabilities?

No. All known vulnerabilities in ReviewsTap have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ReviewsTap compatible with WordPress 6.7.5?

According to WordPress.org data, ReviewsTap 1.1.3 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is ReviewsTap updated?

ReviewsTap was last updated on Jan 6, 2025. Frequent updates are generally a positive security signal.

What is ReviewsTap's security score?

ReviewsTap has a WP-Safety security score of 91/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ReviewsTap Security & Risk Analysis

wordpress.org/plugins/reviewstap

ReviewsTap helps small businesses collect, monitor and manage reviews across a range of online platforms.

10 active installs v1.1.3 PHP + WP 5.0.0+ Updated Jan 6, 2025

facebook-ratingsfeedbackratingsreviewstripadvisor

A · Safe

CVEs total1

Unpatched0

Last CVEJan 24, 2025

Download

Safety Verdict

Is ReviewsTap Safe to Use in 2026?

Generally Safe

Score 91/100

ReviewsTap has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 24, 2025Updated 1yr ago

Risk Assessment

The reviewstap plugin, in version 1.1.3, exhibits a mixed security posture. While it shows strong adherence to output escaping best practices and a clean slate regarding taint analysis and critical/high severity vulnerabilities, several areas warrant attention. The complete lack of capability checks on its sole entry point (a shortcode) and the use of raw SQL queries without prepared statements are significant concerns. The plugin's vulnerability history, though currently clear, previously had a medium severity CSRF vulnerability, indicating a need for ongoing vigilance. The limited attack surface is a positive, but the identified weaknesses in input validation and SQL handling could potentially be exploited in conjunction with other factors.

Key Concerns

Raw SQL queries without prepared statements
Shortcode entry point lacks capability checks
Past medium severity CSRF vulnerability

Vulnerabilities

ReviewsTap Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-24561medium · 6.1Cross-Site Request Forgery (CSRF)

ReviewsTap <= 1.1.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Jan 24, 2025 Patched in 1.1.3 (5d)

Code Analysis

Analyzed Mar 17, 2026

ReviewsTap Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

29 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared7 total queries

Output Escaping

88% escaped33 total outputs

Attack Surface

ReviewsTap Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[reviewstap_widget] includes\class.reviewstap-display.php:7

WordPress Hooks 5

actionwidgets_initincludes\class.reviewstap-display.php:13

actionuser_registerincludes\class.reviewstap-general.php:11

actionwoocommerce_created_customerincludes\class.reviewstap-general.php:12

actionwoocommerce_order_status_completedincludes\class.reviewstap-general.php:13

actionadmin_menuincludes\class.reviewstap-setting.php:7

Maintenance & Trust

ReviewsTap Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedJan 6, 2025

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

ReviewsTap Alternatives

TargetBay Product and Site Reviews

targetbay-product-and-site-reviews

Generate tons of product reviews for your WooCommerce site with TargetBay

30 No CVEs

GlowReviews – Smart Feedback & Testimonials

glowreviews

100

Collect and display customer feedback with star ratings, image uploads, and WordPress user integration.

0 No CVEs

kk Star Ratings – Rate Post & Collect User Feedbacks

kk-star-ratings

kk Star Ratings allows blog visitors to involve and interact more effectively with your website by rating posts.

80K 4 CVEs

Site Reviews

site-reviews

Site Reviews is a complete review management solution that integrates with WooCommerce and SureCart and works similarly to reviews on Amazon, Tripadvi …

70K 13 CVEs

WP Tripadvisor Review Widgets

review-widgets-for-tripadvisor

100

Embed Tripadvisor reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Tripadvisor reviews.

20K No CVEs

Developer Profile

ReviewsTap Developer Profile

awcode

4 plugins · 110 total installs

trust score

Avg Security Score

97/100

Avg Patch Time

38 days

View full developer profile

Detection Fingerprints

How We Detect ReviewsTap

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/reviewstap/assets/css/style.css/wp-content/plugins/reviewstap/assets/js/main.js

Script Paths

https://app.reviewstap.com/widgets/reviews.js

HTML / DOM Fingerprints

CSS Classes

reviewstap-widget

Data Attributes

data-schemaType='Organization'

JS Globals

reviewsTapWidgetJs_reviewsTapUrl_RTbusinessId

Shortcode Output

<div id='reviewstap-widget' data-schemaType='Organization'></div>

FAQ