Does Webvizio have any unpatched vulnerabilities?

No. All known vulnerabilities in Webvizio have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Webvizio compatible with WordPress 6.6.5?

According to WordPress.org data, Webvizio 1.0.4 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is Webvizio compatible with PHP 7.2+?

Webvizio requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Webvizio updated?

Webvizio was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Webvizio's security score?

Webvizio has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Webvizio Security & Risk Analysis

wordpress.org/plugins/webvizio

The Ultimate Visual Feedback, Collaboration & Productivity Tool for Web Professionals.

100 active installs v1.0.4 PHP 7.2+ WP 5.7.0+ Updated Unknown

bug-trackingcollaborationproject-managementvisual-feedbackwebsite-feedback

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Webvizio Safe to Use in 2026?

Generally Safe

Score 100/100

Webvizio has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The webvizio plugin v1.0.4 exhibits a generally good security posture, with many positive indicators. The plugin effectively utilizes prepared statements for all SQL queries, demonstrates a high percentage of properly escaped output, and implements nonce and capability checks for all identified AJAX handlers and REST API routes. The absence of dangerous functions, file operations, and recorded vulnerabilities in its history further strengthens this positive assessment. However, a notable concern arises from the presence of 2 REST API routes that lack permission callbacks. While the static analysis didn't reveal any direct taint flows or unsanitized paths, these unprotected REST API routes represent potential entry points for unauthorized access or manipulation if they interact with sensitive data or functionality. The plugin's overall risk is mitigated by its strong adherence to secure coding practices in other areas, but this specific omission warrants attention. A balanced conclusion is that webvizio v1.0.4 is largely secure due to its robust coding practices, but the unprotected REST API routes introduce a specific, albeit potentially minor, risk that should be addressed.

Key Concerns

REST API routes without permission callbacks

Vulnerabilities

None known

Webvizio Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Webvizio Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

25 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

96% escaped26 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

ajax_set_user (webvizio.php:171)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Webvizio Attack Surface

Entry Points7

Unprotected2

AJAX Handlers 5

authwp_ajax_webvizio_connectwebvizio.php:99

authwp_ajax_webvizio_disconnectwebvizio.php:100

authwp_ajax_webvizio_set_userwebvizio.php:101

authwp_ajax_webvizio_remove_userwebvizio.php:102

authwp_ajax_webvizio_change_accountwebvizio.php:103

REST API Routes 2

GET/wp-json/webvizio//checkwebvizio.php:106

POST/wp-json/webvizio//refresh-tokenwebvizio.php:110

WordPress Hooks 5

actionadmin_enqueue_scriptswebvizio.php:22

actionwp_headwebvizio.php:23

actioninitwebvizio.php:24

actionadmin_menuwebvizio.php:91

actionrest_api_initwebvizio.php:105

Maintenance & Trust

Webvizio Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedUnknown

PHP min version7.2

Downloads1K

Community Trust

Rating100/100

Number of ratings7

Active installs100

Alternatives

Webvizio Alternatives

Marker.io – Visual Website Feedback

marker-io

Collect visual website feedback from colleagues and clients on your WordPress site.

4K 2 CVEs

Feedbucket – Website Feedback Tool

feedbucket

Enable your clients and team members to submit feedback using screenshot and recordings on your WordPress site.

1K 1 CVE

PageProofer

pageproofer

100

Allow developers, designers, clients and site visitors to easily leave feedback directly on your website.

50 No CVEs

Superflow: Markup live websites

superflow

Comment and collaborate directly on your live Wordpress website.

30 No CVEs

SureFeedback Cloud

surefeedback-cloud

100

SureFeedback Cloud helps teams collect visual feedback on WordPress sites and designs. Fast client sharing, zero hosting needed.

10 No CVEs

Developer Profile

Webvizio Developer Profile

Alex Malashkevych

1 plugin · 100 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Webvizio

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/webvizio/css/admin.css/wp-content/plugins/webvizio/js/webvizio-admin.js/wp-content/plugins/webvizio/js/webvizio-init.js

Script Paths

/wp-content/plugins/webvizio/js/webvizio-admin.js/wp-content/plugins/webvizio/js/webvizio-init.js

Version Parameters

webvizio-admin-font?ver=webvizio_admin_css?ver=webvizio_admin?ver=webvizio_init?ver=

HTML / DOM Fingerprints

CSS Classes

webvizio-admin-menu-icon

Data Attributes

data-webvizio-user-iddata-webvizio-user-token

JS Globals

webvizio_app_urlwebvizio_api_urlwebvizio_ajax_urlwebvizio_settings_noncewebvizio_user_id

REST Endpoints

/wp-json/webvizio/check/wp-json/webvizio/refresh-token

FAQ