WP-Safety

Widgets for Alibaba Reviews Security & Risk Analysis

wordpress.org/plugins/widgets-for-alibaba-reviews

Embed Alibaba reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Alibaba reviews.

0 active installs v13.2.7 PHP 7.0+ WP 6.2+ Updated Jan 20, 2026
alibabaratingsrecommendationsreviewstestimonials
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Widgets for Alibaba Reviews Safe to Use in 2026?

Generally Safe

Score 100/100

Widgets for Alibaba Reviews has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "widgets-for-alibaba-reviews" plugin version 13.2.7 exhibits a mixed security posture. While it demonstrates strong adherence to secure coding practices by properly escaping all output, utilizing prepared statements for the vast majority of its SQL queries, and including a substantial number of nonce and capability checks, there are significant areas of concern. The presence of a dangerous `unserialize` function, even if not explicitly shown to be exploitable in taint analysis, introduces a potential risk if user-controlled input is ever passed to it without proper sanitization.

More critically, the plugin has an exposed attack surface with three identified entry points, all of which lack authentication or permission checks. This includes one AJAX handler and two REST API routes. The taint analysis, while showing no critical or high severity flows, did identify one flow with an unsanitized path, which combined with the unprotected entry points, represents a notable risk. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive indicator of past security diligence. However, this does not negate the risks identified in the current version's code analysis.

Key Concerns

  • Unprotected AJAX handler
  • Unprotected REST API routes
  • Use of unserialize function
  • Flow with unsanitized path
Vulnerabilities
None known

Widgets for Alibaba Reviews Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Widgets for Alibaba Reviews Code Analysis

Dangerous Functions
1
Raw SQL Queries
1
54 prepared
Unescaped Output
3
1363 escaped
Nonce Checks
41
Capability Checks
4
File Operations
3
External Requests
10
Bundled Libraries
0

Dangerous Functions Found

unserialize$wpRepoResponse = unserialize(wp_remote_retrieve_body($wpResponse));trustindex-plugin.class.php:7043

SQL Query Safety

98% prepared55 total queries

Output Escaping

100% escaped1366 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

7 flows1 with unsanitized paths
<admin> (include\admin.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

Widgets for Alibaba Reviews Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 1

authwp_ajax_list_trustindex_widgetswidgets-for-alibaba-reviews.php:110

REST API Routes 2

GET/wp-json/trustindex/v1/get-widgetstrustindex-plugin.class.php:7185
GET/wp-json/trustindex/v1/setup-completetrustindex-plugin.class.php:7190
WordPress Hooks 36
filterrocket_minify_excluded_external_jsinclude\cache-plugin-filters.php:13
filterrocket_exclude_jsinclude\cache-plugin-filters.php:14
filterrocket_delay_js_exclusionsinclude\cache-plugin-filters.php:15
filterlitespeed_optimize_js_excludesinclude\cache-plugin-filters.php:16
filtersgo_javascript_combine_excluded_external_pathsinclude\cache-plugin-filters.php:17
filtersgo_css_combine_excludeinclude\cache-plugin-filters.php:18
filterrocket_rucss_safelistinclude\cache-plugin-filters.php:58
filterscript_loader_taginclude\cache-plugin-filters.php:63
filterstyle_loader_taginclude\cache-plugin-filters.php:78
actionenqueue_block_editor_assetsstatic\block-editor\block-editor.php:10
actioninitstatic\block-editor\block-editor.php:11
filterfilesystem_methodtrustindex-plugin.class.php:1046
actionadmin_noticestrustindex-plugin.class.php:1064
actionhttp_api_curltrustindex-plugin.class.php:6121
filtermce_external_pluginstrustindex-plugin.class.php:6922
filtermce_buttonstrustindex-plugin.class.php:6923
actionadmin_initwidgets-for-alibaba-reviews.php:28
actionplugins_loadedwidgets-for-alibaba-reviews.php:31
actionwp_headwidgets-for-alibaba-reviews.php:32
actionwp_insert_sitewidgets-for-alibaba-reviews.php:61
actionadmin_menuwidgets-for-alibaba-reviews.php:73
filterplugin_action_linkswidgets-for-alibaba-reviews.php:74
filterplugin_row_metawidgets-for-alibaba-reviews.php:75
actionwidgets_initwidgets-for-alibaba-reviews.php:77
actionwidgets_initwidgets-for-alibaba-reviews.php:78
actioninitwidgets-for-alibaba-reviews.php:80
actioninitwidgets-for-alibaba-reviews.php:86
filterscript_loader_tagwidgets-for-alibaba-reviews.php:87
actionelementor/controls/controls_registeredwidgets-for-alibaba-reviews.php:93
actionelementor/widgets/registerwidgets-for-alibaba-reviews.php:97
actionelementor/widgets/widgets_registeredwidgets-for-alibaba-reviews.php:103
actioninitwidgets-for-alibaba-reviews.php:109
actionadmin_enqueue_scriptswidgets-for-alibaba-reviews.php:111
actionrest_api_initwidgets-for-alibaba-reviews.php:112
actionadmin_noticeswidgets-for-alibaba-reviews.php:145
actionadmin_noticeswidgets-for-alibaba-reviews.php:206
Maintenance & Trust

Widgets for Alibaba Reviews Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 20, 2026
PHP min version7.0
Downloads8K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Widgets for Alibaba Reviews Alternatives

WP Testimonials

WP Testimonials

testimonial-widgets

A
99

Display your Testimonials on your website fast and easily. 21 widget types, 25 widget styles available. (Free Plugin)

10K 2 CVEs
Widgets for Thumbtack Reviews

Widgets for Thumbtack Reviews

widgets-for-thumbtack-reviews

A
100

Embed Thumbtack reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Thumbtack reviews.

800 No CVEs
Widgets for Ebay Reviews

Widgets for Ebay Reviews

widgets-for-ebay-reviews

A
100

Embed Ebay reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Ebay reviews.

500 No CVEs
Widgets for Capterra Reviews

Widgets for Capterra Reviews

review-widgets-for-capterra

A
100

Embed Capterra reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Capterra reviews.

100 No CVEs
Widgets for SourceForge Reviews

Widgets for SourceForge Reviews

widgets-for-sourceforge-reviews

A
100

Embed SourceForge reviews fast and easily into your WordPress site. Increase SEO, trust and sales using SourceForge reviews.

0 1 CVE
Developer Profile

Widgets for Alibaba Reviews Developer Profile

Trustindex

32 plugins · 976K total installs

87
trust score
Avg Security Score
99/100
Avg Patch Time
87 days
View full developer profile
Detection Fingerprints

How We Detect Widgets for Alibaba Reviews

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/widgets-for-alibaba-reviews/assets/css/widgets-for-alibaba-reviews.css/wp-content/plugins/widgets-for-alibaba-reviews/assets/js/widgets-for-alibaba-reviews.js
Script Paths
https://cdn.trustindex.io/loader.js
Version Parameters
widgets-for-alibaba-reviews/assets/css/widgets-for-alibaba-reviews.css?ver=widgets-for-alibaba-reviews/assets/js/widgets-for-alibaba-reviews.js?ver=

HTML / DOM Fingerprints

CSS Classes
trustindex-notification-row
Data Attributes
data-ccm-injected
JS Globals
trustindex_pm_alibabaTrustindexPlugin_alibaba
REST Endpoints
/wp-json/trustindex/v1/settings
FAQ

Frequently Asked Questions about Widgets for Alibaba Reviews