Widget for Yelp Reviews Security & Risk Analysis
wordpress.org/plugins/widget-yelp-reviewsYelp reviews widget and shortcode! Shows Yelp business reviews on your WordPress website to increase user trust and SEO.
Is Widget for Yelp Reviews Safe to Use in 2026?
Generally Safe
Score 100/100Widget for Yelp Reviews has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "widget-yelp-reviews" plugin version 1.8 exhibits a mixed security posture. On the positive side, it has a minimal attack surface with no unprotected entry points and a good number of nonce and capability checks. The plugin also demonstrates good practice by using prepared statements for a significant percentage of its SQL queries. Furthermore, the lack of recorded historical vulnerabilities suggests a generally stable codebase. However, there are significant concerns arising from the static analysis. The taint analysis reveals two high-severity flows with unsanitized paths, indicating potential vulnerabilities where user-supplied data could be manipulated to execute unintended actions. Additionally, a low percentage of properly escaped output (27%) is a major red flag, suggesting that user-generated content displayed on the frontend could be susceptible to Cross-Site Scripting (XSS) attacks. The presence of file operations and external HTTP requests, while not inherently insecure, warrants careful review in conjunction with the taint analysis to ensure these functionalities are not exploited.
Key Concerns
- High severity unsanitized taint flows
- Low percentage of properly escaped output
- File operations present
- External HTTP requests present
Widget for Yelp Reviews Security Vulnerabilities
Widget for Yelp Reviews Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Widget for Yelp Reviews Attack Surface
Shortcodes 1
WordPress Hooks 10
Scheduled Events 1
Maintenance & Trust
Widget for Yelp Reviews Maintenance & Trust
Maintenance Signals
Community Trust
Widget for Yelp Reviews Alternatives
Reviews Widgets for Google, Yelp & TripAdvisor
fb-reviews-widget
Combine Facebook recommendations with Google, Yelp and TripAdvisor reviews in a widget, block or shortcode. Build a trusted website!
Widgets for Yelp Reviews
reviews-widgets-for-yelp
Embed Yelp reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Yelp reviews.
Yelp Reviews Ticker
yelp-reviews-ticker
Yelp Reviews Ticker is an easy to use widget that allows you to show your business yelp reviews.
Review Map by RevuKangaroo
review-map-by-revukangaroo
Show off your customer's online reviews with Review Map by Revukangaroo.
Proton Reviews
proton-reviews
Proton Reviews is the Best Reviews Funnel for Google and Yelp
Widget for Yelp Reviews Developer Profile
5 plugins · 114K total installs
How We Detect Widget for Yelp Reviews
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/widget-yelp-reviews/static/css/style.css/wp-content/plugins/widget-yelp-reviews/static/js/main.js/wp-content/plugins/widget-yelp-reviews/static/js/main.jswidget-yelp-reviews/static/css/style.css?ver=widget-yelp-reviews/static/js/main.js?ver=HTML / DOM Fingerprints
yrw-erroryrw-business-infoyrw-business-photoyrw-business-ratingyrw-business-reviews-countyrw-business-addressyrw-business-websiteyrw-review-item+5 moredata-business_iddata-countdata-hide_photodata-hide_ratingdata-hide_reviews_countdata-hide_address+2 more<div class="yrw-error"<b>Google Reviews Business</b>: required attribute business_id is not defined