rtBiz Security & Risk Analysis

wordpress.org/plugins/rtbiz

rtBiz - WordPress 4 Business!

10 active installs · v1.4.4 · PHP + · WP 4.1+ · Updated Feb 3, 2022
business, companies, contacts, email-parsing, people-management
Score: 85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is rtBiz Safe to Use in 2026?

Generally Safe

Score 85/100

rtBiz has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 4yr ago
Risk Assessment

The rtbiz plugin v1.4.4 exhibits a mixed security posture. On the positive side, it demonstrates good practices in SQL query handling, with 90% of queries using prepared statements, and avoids dangerous functions, file operations, and external HTTP requests. The plugin also implements a reasonable number of nonce and capability checks. However, several areas present significant security concerns. The plugin exposes a substantial attack surface through AJAX handlers, with 4 out of 6 lacking proper authentication checks. This is further exacerbated by the taint analysis revealing 5 flows with unsanitized paths, two of which are classified as high severity. The low percentage of properly escaped output (26%) indicates a risk of cross-site scripting (XSS) vulnerabilities. The absence of any recorded historical vulnerabilities is a positive sign, suggesting a degree of past security diligence, but it does not negate the immediate risks identified in the current static and taint analysis.

Key Concerns

  • Unprotected AJAX handlers
  • Taint flow with unsanitized path (High severity)
  • Taint flow with unsanitized path (High severity)
  • Low percentage of properly escaped output
  • Taint flows with unsanitized paths (unspecified severity)
  • Taint flows with unsanitized paths (unspecified severity)
  • Taint flows with unsanitized paths (unspecified severity)
Vulnerabilities
None known

rtBiz Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

rtBiz Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (9 prepared)
Unescaped Output: 77 (27 escaped)
Nonce Checks: 7
Capability Checks: 16
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

90% prepared · 10 total queries

Output Escaping

26% escaped · 104 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

5 flows · 5 with unsanitized paths
ui (admin\classes\metabox\rtbiz-contact-profile-access\class-rtbiz-contact-profile-access.php:13)
Attack Surface
4 unprotected

rtBiz Attack Surface

Entry Points: 6
Unprotected: 4

AJAX Handlers 6

auth · wp_ajax_search_user_from_name · admin\classes\rtbiz-contact\class-rtbiz-contact.php:51
auth · wp_ajax_rtbiz_export_contact · admin\classes\rtbiz-contact\class-rtbiz-contact.php:61
auth · wp_ajax_rtbiz_export_all_contacts · admin\classes\rtbiz-contact\class-rtbiz-contact.php:62
auth · wp_ajax_update_rtbiz_welcome_panel · admin\classes\rtbiz-dashboard\class-rtbiz-dashboard.php:34
auth · wp_ajax_rtbiz_install_plugin · includes\class-rtbiz-plugin-check.php:37
auth · wp_ajax_rtbiz_activate_plugin · includes\class-rtbiz-plugin-check.php:38
WordPress Hooks 62
action · plugins_loaded · admin\classes\rtbiz-access-control\class-rtbiz-access-control.php:51
filter · user_has_cap · admin\classes\rtbiz-access-control\class-rtbiz-access-control.php:52
action · init · admin\classes\rtbiz-attributes\class-rtbiz-attributes.php:28
action · restrict_manage_posts · admin\classes\rtbiz-attributes\class-rtbiz-attributes.php:29
action · parse_query · admin\classes\rtbiz-attributes\class-rtbiz-attributes.php:30
action · init · admin\classes\rtbiz-company\class-rtbiz-company.php:32
action · init · admin\classes\rtbiz-company\class-rtbiz-company.php:33
action · init · admin\classes\rtbiz-contact\class-rtbiz-contact.php:39
action · init · admin\classes\rtbiz-contact\class-rtbiz-contact.php:40
action · admin_notices · admin\classes\rtbiz-contact\class-rtbiz-contact.php:45
action · pre_get_posts · admin\classes\rtbiz-contact\class-rtbiz-contact.php:47
action · before_delete_post · admin\classes\rtbiz-contact\class-rtbiz-contact.php:49
action · user_register · admin\classes\rtbiz-contact\class-rtbiz-contact.php:59
action · manage_users_custom_column · admin\classes\rtbiz-contact\class-rtbiz-contact.php:60
action · admin_notices · admin\classes\rtbiz-contact\class-rtbiz-contact.php:63
action · admin_footer-users.php · admin\classes\rtbiz-contact\class-rtbiz-contact.php:66
action · load-users.php · admin\classes\rtbiz-contact\class-rtbiz-contact.php:67
action · admin_notices · admin\classes\rtbiz-contact\class-rtbiz-contact.php:361
action · admin_notices · admin\classes\rtbiz-contact\class-rtbiz-contact.php:364
action · admin_notices · admin\classes\rtbiz-contact\class-rtbiz-contact.php:368
action · pre_get_posts · admin\classes\rtbiz-contact\class-rtbiz-contact.php:833
action · rtbiz_after_dashboard · admin\classes\rtbiz-dashboard\class-rtbiz-dashboard.php:37
action · rtbiz_dashboard_add_meta_boxes · admin\classes\rtbiz-dashboard\class-rtbiz-dashboard.php:40
action · rtbiz_welcome_panel · admin\classes\rtbiz-dashboard\class-rtbiz-dashboard.php:42
action · rtbiz_after_dashboard · admin\classes\rtbiz-dashboard\class-rtbiz-dashboard.php:44
action · add_meta_boxes · admin\classes\rtbiz-entity\class-rtbiz-entity.php:99
action · admin_init · admin\classes\rtbiz-entity\class-rtbiz-entity.php:100
action · add_meta_boxes · admin\classes\rtbiz-entity\class-rtbiz-entity.php:101
action · save_post · admin\classes\rtbiz-entity\class-rtbiz-entity.php:102
action · pre_post_update · admin\classes\rtbiz-entity\class-rtbiz-entity.php:103
action · bulk_post_updated_messages · admin\classes\rtbiz-entity\class-rtbiz-entity.php:107
action · post_updated_messages · admin\classes\rtbiz-entity\class-rtbiz-entity.php:108
action · comment_feed_where · admin\classes\rtbiz-entity\class-rtbiz-entity.php:112
action · pre_get_comments · admin\classes\rtbiz-entity\class-rtbiz-entity.php:113
action · init · admin\classes\rtbiz-help\class-rtbiz-help.php:29
action · current_screen · admin\classes\rtbiz-help\class-rtbiz-help.php:212
action · p2p_init · admin\classes\rtbiz-p2p\class-rtbiz-p2p.php:10
filter · p2p_post_admin_column_link · admin\classes\rtbiz-p2p\class-rtbiz-p2p.php:11
action · p2p_init · admin\classes\rtbiz-setting\class-rtbiz-setting.php:33
action · redux/loaded · admin\classes\rtbiz-setting\class-rtbiz-setting.php:38
action · init · admin\classes\rtbiz-teams\class-rtbiz-teams.php:30
action · rtbiz_team_support · admin\classes\rtbiz-teams\class-rtbiz-teams.php:31
action · admin_head · admin\classes\rtbiz-teams\class-rtbiz-teams.php:32
action · create_term · admin\classes\rtbiz-teams\class-rtbiz-teams.php:37
action · edit_term · admin\classes\rtbiz-teams\class-rtbiz-teams.php:38
filter · admin_notices · admin\classes\rtbiz-teams\class-rtbiz-teams.php:42
action · admin_enqueue_scripts · includes\class-rtbiz-plugin-check.php:33
action · admin_notices · includes\class-rtbiz-plugin-check.php:42
action · wp_loaded · includes\class-rtbiz-posts-to-posts.php:24
action · admin_notices · includes\class-rtbiz-posts-to-posts.php:25
action · plugins_loaded · includes\class-rtbiz.php:68
action · admin_menu · includes\class-rtbiz.php:200
action · custom_menu_order · includes\class-rtbiz.php:201
filter · plugin_row_meta · includes\class-rtbiz.php:204
action · admin_init · includes\class-rtbiz.php:207
action · admin_init · includes\class-rtbiz.php:208
filter · rtbiz_modules · includes\class-rtbiz.php:209
action · after_setup_theme · includes\class-rtbiz.php:213
action · admin_enqueue_scripts · includes\class-rtbiz.php:215
action · admin_enqueue_scripts · includes\class-rtbiz.php:216
action · admin_notices · rtbiz.php:115
action · admin_init · rtbiz.php:116
Maintenance & Trust

rtBiz Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.9.13
Last updated: Feb 3, 2022
PHP min version
Downloads: 5K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

rtBiz Developer Profile

rtCamp

19 plugins · 119K total installs

Trust score: 75
Avg Security Score: 94/100
Avg Patch Time: 883 days
Detection Fingerprints

How We Detect rtBiz

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/rtbiz/admin/css/rtbiz-admin.css
/wp-content/plugins/rtbiz/admin/js/rtbiz-admin.js
/wp-content/plugins/rtbiz/admin/js/settings.js
/wp-content/plugins/rtbiz/admin/js/acl.js
/wp-content/plugins/rtbiz/admin/js/dashboard.js
/wp-content/plugins/rtbiz/admin/js/help.js
/wp-content/plugins/rtbiz/public/css/rtbiz-public.css
/wp-content/plugins/rtbiz/public/js/rtbiz-public.js
Script Paths
/wp-content/plugins/rtbiz/admin/js/rtbiz-admin.js
/wp-content/plugins/rtbiz/admin/js/settings.js
/wp-content/plugins/rtbiz/admin/js/acl.js
/wp-content/plugins/rtbiz/admin/js/dashboard.js
/wp-content/plugins/rtbiz/admin/js/help.js
/wp-content/plugins/rtbiz/public/js/rtbiz-public.js
Version Parameters
rtbiz/style.css?ver=
rtbiz/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
rtbiz-php-older-version
rtbiz-contact-form-wrap
rtbiz-contact-form-field
rtbiz-contact-form-label
rtbiz-contact-form-input
rtbiz-company-form-wrap
rtbiz-company-form-field
rtbiz-company-form-label
(+5 more)
HTML Comments
<!-- rtBiz admin notices -->
<!-- rtBiz dashboard widget starts -->
<!-- rtBiz settings form starts -->
<!-- rtBiz ACL settings starts -->
(+1 more)
Data Attributes
data-rtbiz-field-id
data-rtbiz-field-type
data-rtbiz-contact-id
data-rtbiz-company-id
data-rtbiz-user-role
data-rtbiz-permission-slug
JS Globals
rtbiz_admin_ajax_url
rtbiz_settings_params
rtbiz_acl_params
rtbiz_dashboard_params
REST Endpoints
/wp-json/rtbiz/v1/contacts
/wp-json/rtbiz/v1/companies
/wp-json/rtbiz/v1/settings
/wp-json/rtbiz/v1/acl
Shortcode Output
[rtbiz_contact_form]
[rtbiz_company_form]
[rtbiz_dashboard]
FAQ

Frequently Asked Questions about rtBiz