Sticky Reviews – Keep Reviews Visible While Scrolling Security & Risk Analysis

wordpress.org/plugins/sticky-review

Display client feedback professionally in your site footer with the Sticky Review plugin. Easy to use and effective for attracting more customers.

0 active installs · v1.0.1 · PHP 7.1+ · WP 5.6+ · Updated Feb 4, 2026
Tags: feedback, review-slider, sticky-reviews, testimonial-slider, text-slider
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Sticky Reviews – Keep Reviews Visible While Scrolling Safe to Use in 2026?

Generally Safe

Score 100/100

Sticky Reviews – Keep Reviews Visible While Scrolling has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago
Risk Assessment

The 'sticky-review' plugin v1.0.1 demonstrates a generally strong security posture based on the provided static analysis. The absence of known CVEs and any recorded historical vulnerabilities is a significant positive indicator, suggesting a mature and well-maintained codebase. Furthermore, the plugin employs good security practices, including 100% use of prepared statements for SQL queries, a substantial number of nonce checks, and proper capability checks, all of which are crucial for preventing common web vulnerabilities.

However, there are areas for improvement. The attack surface is limited to AJAX handlers, but the absence of reported vulnerabilities does not rule out undiscovered weaknesses. The 30% of output that is not properly escaped presents a moderate risk: although no critical or high severity taint flows were detected, a 70% output escaping rate leaves a non-trivial portion of output that could be vulnerable to Cross-Site Scripting (XSS) if it ever carries untrusted data.

In conclusion, 'sticky-review' v1.0.1 appears to be a relatively secure plugin, with a commendable lack of historical vulnerabilities and robust handling of database interactions. The primary concern lies in the unescaped output, which warrants attention. While the current security history is excellent, continuous vigilance and addressing the output escaping issue would further solidify its security.

Key Concerns

  • Unescaped output detected (30%)
Vulnerabilities
None known

Sticky Reviews – Keep Reviews Visible While Scrolling Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Sticky Reviews – Keep Reviews Visible While Scrolling Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (2 prepared)
Unescaped Output: 237 (553 escaped)
Nonce Checks: 12
Capability Checks: 2
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

100% prepared · 2 total queries

Output Escaping

70% escaped · 790 total outputs

Data Flows: All sanitized

Data Flow Analysis

3 flows
csf_export (inc\codestar\functions\actions.php:62)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface

Sticky Reviews – Keep Reviews Visible While Scrolling Attack Surface

Entry Points: 5
Unprotected: 0

AJAX Handlers: 5

auth · wp_ajax_csf-get-icons · inc\codestar\functions\actions.php:50
auth · wp_ajax_csf-export · inc\codestar\functions\actions.php:87
auth · wp_ajax_csf-import · inc\codestar\functions\actions.php:123
auth · wp_ajax_csf-reset · inc\codestar\functions\actions.php:150
auth · wp_ajax_csf-chosen · inc\codestar\functions\actions.php:189

WordPress Hooks: 46

action · wp_enqueue_scripts · inc\codestar\classes\abstract.class.php:20
action · admin_menu · inc\codestar\classes\admin-options.class.php:107
action · admin_bar_menu · inc\codestar\classes\admin-options.class.php:108
action · network_admin_menu · inc\codestar\classes\admin-options.class.php:112
filter · admin_footer_text · inc\codestar\classes\admin-options.class.php:493
action · add_meta_boxes_comment · inc\codestar\classes\comment-options.class.php:38
action · edit_comment · inc\codestar\classes\comment-options.class.php:39
action · customize_register · inc\codestar\classes\customize-options.class.php:43
action · customize_save_after · inc\codestar\classes\customize-options.class.php:44
action · wp_enqueue_scripts · inc\codestar\classes\customize-options.class.php:48
action · add_meta_boxes · inc\codestar\classes\metabox-options.class.php:50
action · save_post · inc\codestar\classes\metabox-options.class.php:51
action · edit_attachment · inc\codestar\classes\metabox-options.class.php:52
action · wp_nav_menu_item_custom_fields · inc\codestar\classes\nav-menu-options.class.php:30
action · wp_update_nav_menu_item · inc\codestar\classes\nav-menu-options.class.php:31
filter · wp_edit_nav_menu_walker · inc\codestar\classes\nav-menu-options.class.php:33
action · admin_init · inc\codestar\classes\profile-options.class.php:30
action · show_user_profile · inc\codestar\classes\profile-options.class.php:42
action · edit_user_profile · inc\codestar\classes\profile-options.class.php:43
action · personal_options_update · inc\codestar\classes\profile-options.class.php:45
action · edit_user_profile_update · inc\codestar\classes\profile-options.class.php:46
action · after_setup_theme · inc\codestar\classes\setup.class.php:73
action · init · inc\codestar\classes\setup.class.php:74
action · switch_theme · inc\codestar\classes\setup.class.php:75
action · admin_enqueue_scripts · inc\codestar\classes\setup.class.php:76
action · wp_enqueue_scripts · inc\codestar\classes\setup.class.php:77
action · wp_head · inc\codestar\classes\setup.class.php:78
filter · admin_body_class · inc\codestar\classes\setup.class.php:79
action · admin_footer · inc\codestar\classes\shortcode-options.class.php:47
action · customize_controls_print_footer_scripts · inc\codestar\classes\shortcode-options.class.php:48
action · elementor/editor/before_enqueue_scripts · inc\codestar\classes\shortcode-options.class.php:59
action · elementor/editor/footer · inc\codestar\classes\shortcode-options.class.php:60
action · elementor/editor/footer · inc\codestar\classes\shortcode-options.class.php:61
action · enqueue_block_editor_assets · inc\codestar\classes\shortcode-options.class.php:303
action · media_buttons · inc\codestar\classes\shortcode-options.class.php:307
action · admin_init · inc\codestar\classes\taxonomy-options.class.php:41
action · admin_footer · inc\codestar\fields\icon\icon.php:41
action · customize_controls_print_footer_scripts · inc\codestar\fields\icon\icon.php:42
action · admin_print_footer_scripts · inc\codestar\fields\link\link.php:65
action · print_default_editor_scripts · inc\codestar\fields\wp_editor\wp_editor.php:62
action · admin_menu · inc\codestar\views\welcome.php:19
filter · plugin_action_links · inc\codestar\views\welcome.php:20
filter · plugin_row_meta · inc\codestar\views\welcome.php:21
action · plugin_loaded · sticky-review.php:18
action · wp_enqueue_scripts · sticky-review.php:28
action · wp_footer · sticky-review.php:135
Maintenance & Trust

Sticky Reviews – Keep Reviews Visible While Scrolling Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Feb 4, 2026
PHP min version: 7.1
Downloads: 2K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 0
Developer Profile

Sticky Reviews – Keep Reviews Visible While Scrolling Developer Profile

colorlibplugins

120 plugins · 738K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 140 days
Detection Fingerprints

How We Detect Sticky Reviews – Keep Reviews Visible While Scrolling

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/sticky-review/public/assets/css/review-style.css
/wp-content/plugins/sticky-review/public/assets/js/main.js
Script Paths
/wp-content/plugins/sticky-review/public/assets/js/main.js
Version Parameters
sticky-review/public/assets/css/review-style.css?ver=
sticky-review/public/assets/js/main.js?ver=

HTML / DOM Fingerprints

CSS Classes
srs-core-ui, srs-review-slider, srs-review-container, srs-review, srs-curr, srs-prev, close_btn, srs_left, +9 more
HTML Comments
GET OPTION DATA FROM CODESTAR
End of srs-core-ui
Data Attributes
data-target
JS Globals
SRS_PLUGIN_DIR, SRS_VER
FAQ

Frequently Asked Questions about Sticky Reviews – Keep Reviews Visible While Scrolling