TruVISIBILITY All-In-One Marketing Suite Security & Risk Analysis

wordpress.org/plugins/truvisibility-all-in-one-marketing-suite

The TruVISIBILITY Plugin integrates your website with their all-in-one Marketing Suite featuring a CRM, Email Automation, Forms, & Live Chat/Chatbots.

10 active installs v1.2.6 PHP 7.2+ WP 5.4+ Updated Aug 13, 2025
chatcrmemail-marketingformsmessaging
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is TruVISIBILITY All-In-One Marketing Suite Safe to Use in 2026?

Generally Safe

Score 100/100

TruVISIBILITY All-In-One Marketing Suite has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago
Risk Assessment

The 'truvisibility-all-in-one-marketing-suite' plugin v1.2.6 demonstrates a generally strong security posture, with no recorded vulnerabilities or critical code issues. The static analysis reveals excellent practices in handling SQL queries and output escaping, both of which are 100% secure. The absence of dangerous functions, file operations, and external HTTP requests also contributes positively to its security. However, the plugin does present a few areas for concern. There is one AJAX handler and one REST API route that lack proper authentication and permission checks, respectively. While the taint analysis showed no unsanitized paths, the presence of unprotected entry points, coupled with zero nonce checks, indicates a potential for unauthorized access or manipulation if these endpoints were to be exploited.

The vulnerability history is notably clean, with zero known CVEs and no previously recorded vulnerabilities. This pattern suggests a diligent approach to security by the developers or a lack of past exploitation attempts. Despite the strengths in SQL and output handling, the unprotected AJAX and REST API endpoints are the primary security weaknesses. The lack of nonce checks further exacerbates this risk, as it bypasses a common WordPress security mechanism. Overall, the plugin is in good shape, but these unprotected entry points and the absence of nonce checks represent a moderate risk that should be addressed to achieve a robust security profile.

Key Concerns

  • AJAX handler without auth check
  • REST API route without permission callback
  • No nonce checks on entry points
Vulnerabilities
None known

TruVISIBILITY All-In-One Marketing Suite Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

TruVISIBILITY All-In-One Marketing Suite Release Timeline

v1.2.6Current
v1.0.1
v1.0.0
Code Analysis
Analyzed Mar 17, 2026

TruVISIBILITY All-In-One Marketing Suite Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
3 prepared
Unescaped Output
0
58 escaped
Nonce Checks
0
Capability Checks
2
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared3 total queries

Output Escaping

100% escaped58 total outputs
Attack Surface
2 unprotected

TruVISIBILITY All-In-One Marketing Suite Attack Surface

Entry Points17
Unprotected2

AJAX Handlers 1

authwp_ajax_render_admin_panelincludes\class-truvisibility-platform.php:204

REST API Routes 15

GET/wp-json/truvisibility/v1/userservices\class-truvisibility-platform-rest-api.php:53
GET/wp-json/truvisibility/v1/platform/(?P<platform>.+)services\class-truvisibility-platform-rest-api.php:60
GET/wp-json/truvisibility/v1/customersservices\class-truvisibility-platform-rest-api.php:73
GET/wp-json/truvisibility/v1/ordersservices\class-truvisibility-platform-rest-api.php:80
GET/wp-json/truvisibility/v1/productsservices\class-truvisibility-platform-rest-api.php:87
GET/wp-json/truvisibility/v1/products/searchservices\class-truvisibility-platform-rest-api.php:94
GET/wp-json/truvisibility/v1/products/(?P<id>\d+)services\class-truvisibility-platform-rest-api.php:117
GET/wp-json/truvisibility/v1/orders/by-customer/(?P<id>\d+)services\class-truvisibility-platform-rest-api.php:130
GET/wp-json/truvisibility/v1/formsservices\class-truvisibility-platform-rest-api.php:143
GET/wp-json/truvisibility/v1/chatsservices\class-truvisibility-platform-rest-api.php:150
POST/wp-json/truvisibility/v1/authservices\class-truvisibility-platform-rest-api.php:157
POST/wp-json/truvisibility/v1/reset-authservices\class-truvisibility-platform-rest-api.php:164
POST/wp-json/truvisibility/v1/set-accountservices\class-truvisibility-platform-rest-api.php:171
GET/wp-json/truvisibility/v1/get-gdpr-settingsservices\class-truvisibility-platform-rest-api.php:178
POST/wp-json/truvisibility/v1/save-gdpr-settingsservices\class-truvisibility-platform-rest-api.php:185

Shortcodes 1

[truvisibility] includes\class-truvisibility-platform.php:219
WordPress Hooks 18
actionplugins_loadedincludes\class-truvisibility-platform.php:183
actionadmin_enqueue_scriptsincludes\class-truvisibility-platform.php:197
actionadmin_enqueue_scriptsincludes\class-truvisibility-platform.php:198
actionadmin_menuincludes\class-truvisibility-platform.php:199
actionadmin_initincludes\class-truvisibility-platform.php:200
actioninitincludes\class-truvisibility-platform.php:201
actionenqueue_block_assetsincludes\class-truvisibility-platform.php:202
actionwp_enqueue_scriptsincludes\class-truvisibility-platform.php:217
actionwp_enqueue_scriptsincludes\class-truvisibility-platform.php:218
actionrest_api_initincludes\class-truvisibility-platform.php:233
actionwoocommerce_new_orderincludes\class-truvisibility-platform.php:244
actionwoocommerce_update_orderincludes\class-truvisibility-platform.php:246
actionwoocommerce_order_refundedincludes\class-truvisibility-platform.php:247
actionuser_registerincludes\class-truvisibility-platform.php:249
actionwoocommerce_created_customerincludes\class-truvisibility-platform.php:250
actionwoocommerce_new_customerincludes\class-truvisibility-platform.php:251
actionprofile_updateincludes\class-truvisibility-platform.php:253
actionwoocommerce_update_customerincludes\class-truvisibility-platform.php:254
Maintenance & Trust

TruVISIBILITY All-In-One Marketing Suite Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedAug 13, 2025
PHP min version7.2
Downloads2K

Community Trust

Rating100/100
Number of ratings1
Active installs10
Developer Profile

TruVISIBILITY All-In-One Marketing Suite Developer Profile

truvisibility

2 plugins · 10 total installs

89
trust score
Avg Security Score
93/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect TruVISIBILITY All-In-One Marketing Suite

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/truvisibility-all-in-one-marketing-suite/admin/css/truvisibility-platform-admin.min.css/wp-content/plugins/truvisibility-all-in-one-marketing-suite/admin/js/truvisibility-platform-admin-editor.js/wp-content/plugins/truvisibility-all-in-one-marketing-suite/admin/js/truvisibility-platform-admin.js
Script Paths
https://forms.truvisibility.com/static/scripts/embed.jshttps://cdn.jsdelivr.net/npm/@popperjs/core@2.11.8/dist/umd/popper.min.jshttps://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js
Version Parameters
truvisibility-platform-admin.min.css?ver=truvisibility-platform-admin-editor.js?ver=truvisibility-platform-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
truvisibility-platform-connectable-itemtruvisibility-platform-connectable-items
HTML Comments
<!-- TruVISIBILITY All-In-One Marketing Suite -->
Data Attributes
data-truvisibility-form-id
JS Globals
window.truvisibility_platform_config
Shortcode Output
[truvisibility_form
FAQ

Frequently Asked Questions about TruVISIBILITY All-In-One Marketing Suite