Does Trip Reviews have any unpatched vulnerabilities?

No. All known vulnerabilities in Trip Reviews have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Trip Reviews compatible with WordPress 6.8.5?

According to WordPress.org data, Trip Reviews 1.0.4 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Trip Reviews compatible with PHP 7.4+?

Trip Reviews requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Trip Reviews updated?

Trip Reviews was last updated on Nov 16, 2025. Frequent updates are generally a positive security signal.

What is Trip Reviews's security score?

Trip Reviews has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Trip Reviews Security Review — Score 100/100 (safe)

Safety Verdict

Is Trip Reviews Safe to Use in 2026?

Generally Safe

Score 100/100

Trip Reviews has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The "trip-reviews" plugin version 1.0.4 demonstrates a generally strong security posture based on the provided static analysis. The code appears to adhere to many WordPress security best practices, including robust use of prepared statements for SQL queries (88%) and proper output escaping (99%). Crucially, all identified entry points, including AJAX handlers and shortcodes, are protected by nonce and capability checks. The absence of direct file operations or external HTTP requests further reduces the potential for common attack vectors. The plugin also has no recorded vulnerabilities (CVEs), indicating a history of secure development or effective patching if any issues have arisen in the past.

While the overall picture is positive, there's a minor area for attention. The presence of 7 AJAX handlers, although secured, represents a moderate attack surface. A complete absence of unauthenticated AJAX handlers would be ideal, but the current implementation with checks is acceptable. The use of bundled libraries like Select2 could present a potential risk if not kept up-to-date, though no specific version issues or vulnerabilities are indicated here. Given the strong adherence to core security principles and a clean vulnerability history, the plugin is considered relatively safe for use.

Vulnerabilities

None known

Trip Reviews Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Trip Reviews Code Analysis

Dangerous Functions

0

Raw SQL Queries

4

30 prepared

Unescaped Output

2

357 escaped

Nonce Checks

7

Capability Checks

7

File Operations

0

External Requests

0

Bundled Libraries

1

Bundled Libraries

Select2

SQL Query Safety

88% prepared34 total queries

Output Escaping

99% escaped359 total outputs

Data Flows

All sanitized

Data Flow Analysis

8 flows

ajax_save_settings (includes\classes\Admin\Pages\class-settingspage.php:651)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Trip Reviews Attack Surface

Entry Points10

Unprotected0

AJAX Handlers 7

authwp_ajax_trpre_save_settingsincludes\classes\Admin\Pages\class-settingspage.php:56

authwp_ajax_trpre_reset_settingsincludes\classes\Admin\Pages\class-settingspage.php:57

authwp_ajax_trpre_load_tabincludes\classes\Admin\Pages\class-settingspage.php:58

authwp_ajax_trpre_load_more_reviewsincludes\classes\Frontend\Display\class-reviewdisplay.php:26

noprivwp_ajax_trpre_load_more_reviewsincludes\classes\Frontend\Display\class-reviewdisplay.php:27

authwp_ajax_trpre_submit_reviewincludes\classes\Frontend\Forms\class-reviewform.php:71

noprivwp_ajax_trpre_submit_reviewincludes\classes\Frontend\Forms\class-reviewform.php:72

Shortcodes 3

[trip_rating_summary] includes\classes\Frontend\Display\class-ratingdisplay.php:24

[trip_review_list] includes\classes\Frontend\Display\class-reviewdisplay.php:28

[trip_review_form] includes\classes\Frontend\Forms\class-reviewform.php:75

WordPress Hooks 23

actionadmin_enqueue_scriptsincludes\classes\Admin\Pages\class-basepage.php:59

filteradmin_body_classincludes\classes\Admin\Pages\class-basepage.php:60

actionadmin_menuincludes\classes\Admin\Pages\class-pagemanager.php:39

filteradmin_titleincludes\classes\Admin\Pages\class-pagemanager.php:40

actionadmin_initincludes\classes\Admin\Pages\class-settingspage.php:55

actioninitincludes\classes\Core\PostTypes\class-tripreview.php:31

actioninitincludes\classes\Core\PostTypes\class-tripreview.php:32

actionadd_meta_boxesincludes\classes\Core\PostTypes\class-tripreview.php:33

actionsave_postincludes\classes\Core\PostTypes\class-tripreview.php:34

actionpre_get_postsincludes\classes\Core\PostTypes\class-tripreview.php:38

actiontransition_post_statusincludes\classes\Core\PostTypes\class-tripreview.php:39

filteruse_block_editor_for_post_typeincludes\classes\Core\PostTypes\class-tripreview.php:40

actionsave_postincludes\classes\Core\PostTypes\class-tripreview.php:451

actionwp_headincludes\classes\Frontend\Display\class-ratingdisplay.php:25

actionadmin_noticestrip-reviews.php:49

actionplugins_loadedtrip-reviews.php:181

actionadmin_inittrip-reviews.php:185

actionadmin_menutrip-reviews.php:186

actionadmin_enqueue_scriptstrip-reviews.php:187

actionwp_enqueue_scriptstrip-reviews.php:191

actionwp_headtrip-reviews.php:192

actionwte_single_trip_tab_content_trip_reviewstrip-reviews.php:197

filteroption_wp_travel_engine_settingstrip-reviews.php:201

Scheduled Events 1

trpre_cleanup_spam_reviews

Maintenance & Trust

Trip Reviews Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedNov 16, 2025

PHP min version7.4

Downloads250

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

Trip Reviews Alternatives

Site Reviews

site-reviews

A

96

Site Reviews is a complete review management solution that integrates with WooCommerce and SureCart and works similarly to reviews on Amazon, Tripadvi …

70K 13 CVEs

WP Travel Engine – Tour Booking Plugin – Tour Operator Software

wp-travel-engine

B

76

WP Travel Engine is the most popular tour and travel booking WordPress plugin. Used by over 20,000 travel agency websites.

20K 13 CVEs

WP Testimonials

testimonial-widgets

A

99

Display your Testimonials on your website fast and easily. 21 widget types, 25 widget styles available. (Free Plugin)

10K 2 CVEs

WP Travel Engine – Elementor Widgets | Create Travel Booking Website Using WordPress and Elementor

wte-elementor-widgets

A

97

WP Travel Engine – Elementor Widgets provides 20+ Elementor widgets to create travel and tour booking websites using WP Travel Engine and Elementor.

10K 2 CVEs

Widgets for Booking.com Reviews

review-widgets-for-booking-com

A

100

Embed Booking.com reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Booking.com reviews.

8K No CVEs

Developer Profile

Trip Reviews Developer Profile

WP Travel Kit

6 plugins · 490 total installs

93

trust score

Avg Security Score

99/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Trip Reviews

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/trip-reviews/assets/css/trip-reviews-frontend.css/wp-content/plugins/trip-reviews/assets/css/trip-reviews-backend.css/wp-content/plugins/trip-reviews/assets/js/trip-reviews-frontend.js/wp-content/plugins/trip-reviews/assets/js/trip-reviews-backend.js/wp-content/plugins/trip-reviews/assets/js/trip-reviews-admin-script.js

Script Paths

/wp-content/plugins/trip-reviews/assets/css/trip-reviews-frontend.css/wp-content/plugins/trip-reviews/assets/css/trip-reviews-backend.css/wp-content/plugins/trip-reviews/assets/js/trip-reviews-frontend.js/wp-content/plugins/trip-reviews/assets/js/trip-reviews-backend.js/wp-content/plugins/trip-reviews/assets/js/trip-reviews-admin-script.js

Version Parameters

trip-reviews/assets/css/trip-reviews-frontend.css?ver=trip-reviews/assets/css/trip-reviews-backend.css?ver=trip-reviews/assets/js/trip-reviews-frontend.js?ver=trip-reviews/assets/js/trip-reviews-backend.js?ver=trip-reviews/assets/js/trip-reviews-admin-script.js?ver=

HTML / DOM Fingerprints

CSS Classes

trip-reviews-formtrip-reviews-titletrip-reviews-ratingtrip-reviews-review-listtrip-reviews-review-itemtrip-reviews-authortrip-reviews-datetrip-reviews-content

HTML Comments

Data Attributes

data-trip-review-iddata-trip-review-ratingdata-trip-review-user-id

JS Globals

trip_reviews_ajax_object

FAQ

Trip Reviews Security & Risk Analysis

Is Trip Reviews Safe to Use in 2026?

Generally Safe

Trip Reviews Security Vulnerabilities

Trip Reviews Code Analysis

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

Trip Reviews Attack Surface

AJAX Handlers 7

Shortcodes 3

Scheduled Events 1

Trip Reviews Maintenance & Trust

Maintenance Signals

Community Trust

Trip Reviews Alternatives

Site Reviews

WP Travel Engine – Tour Booking Plugin – Tour Operator Software

WP Testimonials

WP Travel Engine – Elementor Widgets | Create Travel Booking Website Using WordPress and Elementor

Widgets for Booking.com Reviews

Trip Reviews Developer Profile

How We Detect Trip Reviews

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Trip Reviews