SV Proven Expert Security & Risk Analysis
wordpress.org/plugins/sv-provenexpertShow Review Stars via ProvenExpert.com in WordPress
Is SV Proven Expert Safe to Use in 2026?
Mostly Safe
Score 70/100SV Proven Expert is generally safe to use though it hasn't been updated recently. 1 past CVE were resolved. Keep it updated.
The "sv-provenexpert" plugin v2.0.06 exhibits a mixed security posture. On the positive side, the static analysis reveals a clean codebase with no identified dangerous functions, file operations, or external HTTP requests. Importantly, all SQL queries are prepared, and output is consistently escaped, which are strong indicators of good secure coding practices in these areas. There are also no identified vulnerabilities in taint analysis.
However, significant concerns arise from the vulnerability history. The presence of one unpatched medium-severity CVE, historically associated with Cross-Site Request Forgery (CSRF), indicates a past weakness that has not been remediated. The lack of any explicit capability checks or nonce checks in the static analysis is also a red flag, especially considering the common vulnerability type and the potential for unauthenticated or improperly authenticated actions if the plugin's functionality relies on such checks that weren't detected or were implemented inadequately.
In conclusion, while the current codebase appears robust against common static analysis threats like SQL injection and XSS through proper escaping and prepared statements, the unpatched historical vulnerability and the absence of explicit security checks in the static analysis create an unacceptable risk. The plugin has demonstrated a past susceptibility to CSRF, and without clear evidence of mitigation for this and other potential unauthorized actions, its overall security remains questionable, especially for a plugin that might handle sensitive data or user interactions.
Key Concerns
- Unpatched medium vulnerability (CVE)
- No capability checks found
- No nonce checks found
SV Proven Expert Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
SV Proven Expert <= 2.0.06 - Cross-Site Request Forgery
SV Proven Expert Code Analysis
SV Proven Expert Attack Surface
Maintenance & Trust
SV Proven Expert Maintenance & Trust
Maintenance Signals
Community Trust
SV Proven Expert Alternatives
Widgets for Google Reviews
wp-reviews-plugin-for-google
Embed Google reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Google reviews.
Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More
reviews-feed
No API key required. Display Yelp and Google reviews for any business in a clean, customizable feed on your site.
Rich Showcase for Google Reviews
widget-google-reviews
Display up to 10 Google reviews in less than a minute. Continue collecting new reviews. No limits on connected places, widgets, shortcodes and blocks.
Customer Reviews for WooCommerce
customer-reviews-woocommerce
Customer Reviews for WooCommerce plugin helps you get more sales with social proof. Set up automated review reminders and increase conversion rate.
Site Reviews
site-reviews
Site Reviews is a complete review management solution that integrates with WooCommerce and SureCart and works similarly to reviews on Amazon, Tripadvi …
SV Proven Expert Developer Profile
8 plugins · 2K total installs
How We Detect SV Proven Expert
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/sv-provenexpert/assets/css/style.css/wp-content/plugins/sv-provenexpert/assets/js/script.js/wp-content/plugins/sv-provenexpert/lib/core_plugin/dependencies/sv_dependencies.js/wp-content/plugins/sv-provenexpert/assets/js/script.js/wp-content/plugins/sv-provenexpert/lib/core_plugin/dependencies/sv_dependencies.jssv-provenexpert/assets/css/style.css?ver=sv-provenexpert/assets/js/script.js?ver=sv-provenexpert/lib/core_plugin/dependencies/sv_dependencies.js?ver=