WP-Safety

Trustlocal Widgets Security & Risk Analysis

wordpress.org/plugins/trustlocal-widgets

A simple way to add Trustlocal Widget shortcodes and blocks to your WordPress site.

100 active installs v1.0.1 PHP 7.4+ WP 5.0+ Updated Apr 8, 2026
ratingreviewsscoretrustlocalwidgets
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Trustlocal Widgets Safe to Use in 2026?

Generally Safe

Score 100/100

Trustlocal Widgets has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The trustlocal-widgets plugin v1.0.1 demonstrates a generally strong security posture based on the provided static analysis. The absence of dangerous functions, 100% use of prepared statements for SQL queries, and a very high percentage of properly escaped output are excellent indicators of secure coding practices. The plugin also correctly implements nonce and capability checks for its AJAX handlers, and there are no recorded vulnerabilities in its history. This suggests a development team that is mindful of security principles and has likely maintained a clean security record.

However, a minor area for improvement lies in the plugin's attack surface. While all entry points have checks, the presence of two AJAX handlers and three shortcodes, totaling five entry points, creates a potential area for future vulnerabilities if checks are ever inadvertently removed or bypassed. The single external HTTP request, while not inherently a vulnerability, could be a vector for certain types of attacks if the external service is compromised or if the request is not handled securely. Despite these minor points, the overall risk assessment for this plugin is low, given the robust checks and clean history.

Key Concerns

  • External HTTP request observed
  • Moderate attack surface (5 entry points)
Vulnerabilities
None known

Trustlocal Widgets Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Trustlocal Widgets Release Timeline

v1.0.1Current
vv1.0.0
Code Analysis
Analyzed Apr 16, 2026

Trustlocal Widgets Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
3
165 escaped
Nonce Checks
2
Capability Checks
2
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared2 total queries

Output Escaping

98% escaped168 total outputs
Attack Surface

Trustlocal Widgets Attack Surface

Entry Points5
Unprotected0

AJAX Handlers 2

authwp_ajax_trustlocal_test_connectionadmin/class-trustlocal-admin.php:37
authwp_ajax_trustlocal_clear_cacheadmin/class-trustlocal-admin.php:38

Shortcodes 3

[trustlocal_score] includes/class-trustlocal-shortcodes.php:19
[trustlocal_score_google] includes/class-trustlocal-shortcodes.php:20
[trustlocal_reviews] includes/class-trustlocal-shortcodes.php:21
WordPress Hooks 15
actionadmin_menuadmin/class-trustlocal-admin.php:13
actionadmin_initadmin/class-trustlocal-admin.php:14
actionadmin_enqueue_scriptsadmin/class-trustlocal-admin.php:15
actionadmin_enqueue_scriptsadmin/class-trustlocal-admin.php:16
actioninitincludes/class-trustlocal-blocks.php:19
actionenqueue_block_editor_assetsincludes/class-trustlocal-blocks.php:20
actionwp_enqueue_scriptsincludes/class-trustlocal-scripts.php:18
actionwp_footerincludes/class-trustlocal-scripts.php:19
filterscript_loader_tagincludes/class-trustlocal-scripts.php:159
filterscript_loader_tagincludes/class-trustlocal-scripts.php:271
actionelementor/elements/categories_registeredincludes/elementor/class-trustlocal-elementor.php:17
actionelementor/widgets/registerincludes/elementor/class-trustlocal-elementor.php:18
actionelementor/frontend/after_register_scriptsincludes/elementor/class-trustlocal-elementor.php:19
filterscript_loader_tagincludes/elementor/class-trustlocal-elementor.php:41
actionplugins_loadedtrustlocal-widgets.php:74
Maintenance & Trust

Trustlocal Widgets Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedApr 8, 2026
PHP min version7.4
Downloads523

Community Trust

Rating0/100
Number of ratings0
Active installs100
Alternatives

Trustlocal Widgets Alternatives

Trustoo Widgets

Trustoo Widgets

trustoo-widgets

A
100

A simple way to add Trustoo Widget shortcodes and blocks to your WordPress site.

100 No CVEs
OmniReview – Fetch Reviews From Anywhere

OmniReview – Fetch Reviews From Anywhere

omnireview

A
100

OmniReview lets you collect, sync, manage and display reviews from multiple platforms using customizable widgets.

0 No CVEs
Site Reviews

Site Reviews

site-reviews

A
96

Site Reviews is a complete review management solution that integrates with WooCommerce and SureCart and works similarly to reviews on Amazon, Tripadvi …

60K 13 CVEs
Reviews and Rating – Google Reviews

Reviews and Rating – Google Reviews

g-business-reviews-rating

A
90

Completely restriction-free Google reviews and rating as Shortcode/Widget. Extensive display options; delicious themes; includes Structured Data.

20K 2 CVEs
WP Testimonials

WP Testimonials

testimonial-widgets

A
99

Display your Testimonials on your website fast and easily. 21 widget types, 25 widget styles available. (Free Plugin)

10K 2 CVEs
Developer Profile

Trustlocal Widgets Developer Profile

Trustlocal

1 plugin · 100 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Trustlocal Widgets

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/trustlocal-widgets/admin/css/admin-styles.css
Version Parameters
trustlocal-widgets/admin/css/admin-styles.css?ver=

HTML / DOM Fingerprints

CSS Classes
copy-shortcodecopiedtoplevel_page_trustlocal-widgetstrustlocal-widgets-admin
Data Attributes
data-shortcode
JS Globals
ajaxurl
FAQ

Frequently Asked Questions about Trustlocal Widgets