Does Testimonials King Light have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Testimonials King Light compatible with WordPress 4.8.28?

According to WordPress.org data, Testimonials King Light 0.1 has been tested up to WordPress 4.8.28. Check the plugin's changelog for the latest compatibility information.

How often is Testimonials King Light updated?

Testimonials King Light was last updated on Jul 4, 2017. Frequent updates are generally a positive security signal.

What is Testimonials King Light's security score?

Testimonials King Light has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Testimonials King Light Security & Risk Analysis

wordpress.org/plugins/testimonial-king-light

Easy to use most customizable free testimonials plugin with colour animation effect.

10 active installs v0.1 PHP + WP 3.1+ Updated Jul 4, 2017

random-testimonialstestimonialstestimonials-slider

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Testimonials King Light Safe to Use in 2026?

Generally Safe

Score 85/100

Testimonials King Light has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "testimonial-king-light" v0.1 plugin exhibits a generally strong security posture, adhering to several best practices. The absence of any known vulnerabilities in its history is a positive indicator. The code analysis reveals that all SQL queries utilize prepared statements, which is excellent. Furthermore, the plugin implements nonce and capability checks for its entry points, and a high percentage of its output is properly escaped. However, there are a few areas for concern that warrant attention. The presence of the `move_uploaded_file` function in the code signals a potential risk if not handled with extreme care, as file uploads can be a common vector for attacks. While the taint analysis did not reveal any critical or high-severity issues, two flows with unsanitized paths were identified. This suggests that even with other security measures in place, there's a possibility of improper handling of file paths, which could lead to unexpected behavior or security bypasses. The total number of entry points is low, and all are protected, which is a good sign. Overall, the plugin is built with a good foundation of security practices, but the identified potential for unsanitized paths and the presence of a dangerous file operation function require careful review and mitigation to ensure robust security.

Key Concerns

Dangerous function `move_uploaded_file` detected
Taint flows with unsanitized paths found

Vulnerabilities

None known

Testimonials King Light Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Testimonials King Light Release Timeline

v0.1Current

Code Analysis

Analyzed Apr 16, 2026

Testimonials King Light Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

121 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

move_uploaded_filemove_uploaded_file( sanitize_file_name($file['tmp_name']) , $uploadfile );includes/testimonial-king-form.php:37

Output Escaping

82% escaped147 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths

gmctk_selected_tpl (includes/testimonial-king-opt.php:203)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Testimonials King Light Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 1

authwp_ajax_gmctk_selected_tplincludes/testimonial-king-opt.php:215

Shortcodes 2

[GMCTK_FORM] includes/testimonial-king-form.php:119

[GMCTK] includes/testimonial-king-sc.php:129

WordPress Hooks 13

actionadmin_enqueue_scriptsincludes/testimonial-king-admin.php:35

actionadmin_enqueue_scriptsincludes/testimonial-king-admin.php:36

actionwp_enqueue_scriptsincludes/testimonial-king-assests.php:35

filtermanage_gmctk_testimonial_posts_columnsincludes/testimonial-king-cpc.php:18

actionmanage_gmctk_testimonial_posts_custom_columnincludes/testimonial-king-cpc.php:39

actioninitincludes/testimonial-king-cpt.php:45

actionadd_meta_boxesincludes/testimonial-king-meta.php:13

actionsave_postincludes/testimonial-king-meta.php:94

actionadmin_menuincludes/testimonial-king-opt.php:11

actionadmin_initincludes/testimonial-king-opt.php:25

actioninitincludes/testimonial-king-taxonomy.php:39

actioninitincludes/testimonial-king-vc.php:34

actioninitincludes/testimonial-king-vc.php:115

Maintenance & Trust

Testimonials King Light Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28

Last updatedJul 4, 2017

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Testimonials King Light Alternatives

Strong Testimonials

strong-testimonials

An easy-to-use testimonial plugin to collect and show customer feedback in WordPress

90K 15 CVEs

BNE Testimonials

bne-testimonials

Display testimonials and reviews on any page or widget area as list or slider. Upgrade to PRO for additional layouts, themes, submission form, API, ra …

1K 1 CVE

Simple Testimonials

simple-testimonials

Easily manage testimonials and display them anywhere on your blog in seconds, via blocks, widgets or shortcodes.

300 No CVEs

Elfsight Testimonials Slider

elfsight-testimonials-slider

Level up your website credibility with trustworthy testimonials

200 3 unpatched

Video Testimonial slider

video-testimonial-slider

Video Testimonial Slider plugin for WordPress website. Using plugin to display client Review and Testimonial with video popup through shortcode.

40 No CVEs

Developer Profile

Testimonials King Light Developer Profile

gauravchaware

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Testimonials King Light

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/testimonial-king-light/admin/js/gmctk.js/wp-content/plugins/testimonial-king-light/admin/css/slick.css/wp-content/plugins/testimonial-king-light/admin/css/slick-theme.css/wp-content/plugins/testimonial-king-light/admin/js/slick.min.js/wp-content/plugins/testimonial-king-light/admin/js/form.js/wp-content/plugins/testimonial-king-light/admin/js/jquery.validate.min.js

Script Paths

/wp-content/plugins/testimonial-king-light/admin/js/gmctk.js/wp-content/plugins/testimonial-king-light/admin/js/slick.min.js/wp-content/plugins/testimonial-king-light/admin/js/form.js/wp-content/plugins/testimonial-king-light/admin/js/jquery.validate.min.js

Version Parameters

testimonial-king-light/admin/js/gmctk.js?ver=0.1

HTML / DOM Fingerprints

CSS Classes

gmctknamegmctemailgmctkcitationgmctkdescform-group

Data Attributes

gmctknamegmctemailgmctkcitationgmctkdesc

JS Globals

WP_GMCTK

Shortcode Output

<form id="gmctkform" action="" method="POST" enctype="multipart/form-data"><label for="gmctkname">Full Name</label><input type="text" class="form-control" name="title"<label for="gmctemail">Email </label>

FAQ