Does Testimonial or Reviews have any unpatched vulnerabilities?

No. All known vulnerabilities in Testimonial or Reviews have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Testimonial or Reviews compatible with WordPress 4.9.29?

According to WordPress.org data, Testimonial or Reviews 1.0 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

Is Testimonial or Reviews compatible with PHP 5.4+?

Testimonial or Reviews requires PHP 5.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Testimonial or Reviews updated?

Testimonial or Reviews was last updated on May 22, 2018. Frequent updates are generally a positive security signal.

What is Testimonial or Reviews's security score?

Testimonial or Reviews has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Testimonial or Reviews Security & Risk Analysis

wordpress.org/plugins/testimonial-or-reviews

Testimonial or Reviews to Display your testimonial or reviews into Your Site. Display you Testimonial with clean, responsive and professional way.

20 active installs v1.0 PHP 5.4+ WP 4.4+ Updated May 22, 2018

reviewsreviews-buildertestimonialtestimonial-plugins

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Testimonial or Reviews Safe to Use in 2026?

Generally Safe

Score 85/100

Testimonial or Reviews has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The 'testimonial-or-reviews' plugin v1.0 exhibits a generally good security posture with a significant reliance on prepared statements for SQL queries and a robust presence of nonce and capability checks. The plugin also demonstrates strong output escaping for the majority of its code, which is a positive indicator. However, the taint analysis reveals a significant concern with a high number of flows (14 out of 18) exhibiting unsanitized paths, including 11 identified as high severity. This indicates potential vulnerabilities where untrusted input might be processed in a way that could lead to security issues, despite the absence of directly exploitable dangerous functions or raw SQL. The plugin's vulnerability history is clean, with no recorded CVEs, which is a strong positive sign. This suggests a history of responsible development or a lack of prior targeting. Overall, while the foundational security practices are commendable, the high number of unsanitized taint flows represents a considerable risk that warrants immediate attention and remediation.

Key Concerns

High number of unsanitized taint flows (14/18)
11 high severity taint flows
Only 37% of output properly escaped

Vulnerabilities

None known

Testimonial or Reviews Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Testimonial or Reviews Code Analysis

Dangerous Functions

Raw SQL Queries

148 prepared

Unescaped Output

1033

612 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

99% prepared150 total queries

Output Escaping

37% escaped1645 total outputs

Data Flows

14 unsanitized

Data Flow Analysis

18 flows14 with unsanitized paths

orphita_testimonial_or_reviews_admin_notices (update.php:313)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Testimonial or Reviews Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 1

authwp_ajax_orphita_testimonial_admin_ajax_dataindex.php:220

Shortcodes 2

[orphita_testimonial_or_reviews] index.php:22

[orphita_testimonial_or_reviews_VC] index.php:33

WordPress Hooks 27

actionvc_before_initindex.php:32

actionadmin_menuindex.php:77

actionadmin_enqueue_scriptsindex.php:103

actionadmin_enqueue_scriptsindex.php:128

actionwp_print_scriptsindex.php:133

actionadmin_enqueue_scriptsindex.php:136

actionadmin_enqueue_scriptsindex.php:185

actionadmin_headindex.php:251

actionadmin_initindex.php:300

actionadmin_menuindex.php:313

actionadmin_headindex.php:359

filterwidget_textindex.php:365

actionadmin_initindex.php:381

actionadmin_noticesindex.php:394

actionadmin_initindex.php:399

filterpre_set_site_transient_update_pluginsPlugin_Updater.php:61

filterplugins_apiPlugin_Updater.php:62

actionadmin_initPlugin_Updater.php:65

filterpre_set_site_transient_update_pluginsPlugin_Updater.php:179

actionadmin_initupdate.php:20

actionadmin_noticesupdate.php:21

actionadmin_initupdate.php:116

actionadmin_initupdate.php:123

actionadmin_initupdate.php:230

actionadmin_initupdate.php:276

actionadmin_noticesupdate.php:335

actionwidgets_initwidget.php:13

Maintenance & Trust

Testimonial or Reviews Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedMay 22, 2018

PHP min version5.4

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs20

Alternatives

Testimonial or Reviews Alternatives

Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More

reviews-feed

No API key required. Display Yelp and Google reviews for any business in a clean, customizable feed on your site.

100K 2 CVEs

Rich Showcase for Google Reviews

widget-google-reviews

Display up to 10 Google reviews in less than a minute. Continue collecting new reviews. No limits on connected places, widgets, shortcodes and blocks.

100K 5 CVEs

Site Reviews

site-reviews

Site Reviews is a complete review management solution that integrates with WooCommerce and SureCart and works similarly to reviews on Amazon, Tripadvi …

70K 13 CVEs

WP Google Review Slider

wp-google-places-review-slider

Display Google reviews on your site and even show user images! No address, no problem! Also works with Service Area Businesses and Products! Lightwei …

30K 6 CVEs

WP Customer Reviews

wp-customer-reviews

Allows your visitors to leave business / product reviews. Testimonials are in Microdata / Microformat and may display star ratings in search results.

20K 8 CVEs

Developer Profile

Testimonial or Reviews Developer Profile

WPKIN

5 plugins · 30K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

613 days

View full developer profile

Detection Fingerprints

How We Detect Testimonial or Reviews

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/testimonial-or-reviews/helper/bootstrap.min.js/wp-content/plugins/testimonial-or-reviews/helper/bootstrap.min.css/wp-content/plugins/testimonial-or-reviews/helper/admin.css/wp-content/plugins/testimonial-or-reviews/helper/font-awesome.min.css/wp-content/plugins/testimonial-or-reviews/helper/vendor.js/wp-content/plugins/testimonial-or-reviews/public/style.css/wp-content/plugins/testimonial-or-reviews/helper/drag-drop.js

Script Paths

plugins/testimonial-or-reviews/helper/bootstrap.min.jsplugins/testimonial-or-reviews/helper/vendor.jsplugins/testimonial-or-reviews/helper/drag-drop.js

Version Parameters

testimonial-or-reviews/helper/bootstrap.min.css?ver=testimonial-or-reviews/helper/admin.css?ver=testimonial-or-reviews/helper/font-awesome.min.css?ver=testimonial-or-reviews/helper/vendor.js?ver=testimonial-or-reviews/public/style.css?ver=testimonial-or-reviews/helper/drag-drop.js?ver=testimonial-or-reviews/admin-jquery/testimonial-or-reviews/layouts/index.php

HTML / DOM Fingerprints

CSS Classes

testimonial-or-reviews-settingstestimonial-or-reviews-wrap

HTML Comments

Data Attributes

data-testimonial-iddata-testimonial-settings

JS Globals

orphita_testimonial_drag_drop_ajax

Shortcode Output

[orphita_testimonial_or_reviews[orphita_testimonial_or_reviews_VC

FAQ