WP-Safety

Widgets for Expedia Reviews Security & Risk Analysis

wordpress.org/plugins/widgets-for-expedia-reviews

Embed Expedia reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Expedia reviews.

100 active installs v13.2.7 PHP 7.0+ WP 6.2+ Updated Jan 20, 2026
expediahotelsratingsrestaurantreviews
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Widgets for Expedia Reviews Safe to Use in 2026?

Generally Safe

Score 100/100

Widgets for Expedia Reviews has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "widgets-for-expedia-reviews" plugin v13.2.7 exhibits a mixed security posture. On the positive side, it demonstrates strong practices in output escaping, with 100% of outputs properly escaped, and a high adherence to using prepared statements for SQL queries. The absence of known CVEs and a clean vulnerability history are also significant strengths, suggesting a generally well-maintained codebase. However, there are critical concerns regarding the plugin's attack surface. A significant portion of its entry points, specifically all 3 identified, lack proper authentication or permission checks. This includes 1 AJAX handler and 2 REST API routes that do not implement capability checks, making them prime targets for unauthorized access or manipulation if exploited. Additionally, the presence of the `unserialize` function, while not directly tied to a vulnerability in the provided data, introduces a potential risk if user-supplied data is ever passed to it without robust sanitization, which is highlighted by a flow with an unsanitized path in the taint analysis.

Key Concerns

  • Unprotected AJAX handler
  • Unprotected REST API routes
  • Unsanitized path in taint flow
  • Dangerous function (unserialize) present
Vulnerabilities
None known

Widgets for Expedia Reviews Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Widgets for Expedia Reviews Code Analysis

Dangerous Functions
1
Raw SQL Queries
1
54 prepared
Unescaped Output
3
1363 escaped
Nonce Checks
41
Capability Checks
4
File Operations
3
External Requests
10
Bundled Libraries
0

Dangerous Functions Found

unserialize$wpRepoResponse = unserialize(wp_remote_retrieve_body($wpResponse));trustindex-plugin.class.php:7043

SQL Query Safety

98% prepared55 total queries

Output Escaping

100% escaped1366 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

7 flows1 with unsanitized paths
<admin> (include\admin.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

Widgets for Expedia Reviews Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 1

authwp_ajax_list_trustindex_widgetswidgets-for-expedia-reviews.php:110

REST API Routes 2

GET/wp-json/trustindex/v1/get-widgetstrustindex-plugin.class.php:7185
GET/wp-json/trustindex/v1/setup-completetrustindex-plugin.class.php:7190
WordPress Hooks 36
filterrocket_minify_excluded_external_jsinclude\cache-plugin-filters.php:13
filterrocket_exclude_jsinclude\cache-plugin-filters.php:14
filterrocket_delay_js_exclusionsinclude\cache-plugin-filters.php:15
filterlitespeed_optimize_js_excludesinclude\cache-plugin-filters.php:16
filtersgo_javascript_combine_excluded_external_pathsinclude\cache-plugin-filters.php:17
filtersgo_css_combine_excludeinclude\cache-plugin-filters.php:18
filterrocket_rucss_safelistinclude\cache-plugin-filters.php:58
filterscript_loader_taginclude\cache-plugin-filters.php:63
filterstyle_loader_taginclude\cache-plugin-filters.php:78
actionenqueue_block_editor_assetsstatic\block-editor\block-editor.php:10
actioninitstatic\block-editor\block-editor.php:11
filterfilesystem_methodtrustindex-plugin.class.php:1046
actionadmin_noticestrustindex-plugin.class.php:1064
actionhttp_api_curltrustindex-plugin.class.php:6121
filtermce_external_pluginstrustindex-plugin.class.php:6922
filtermce_buttonstrustindex-plugin.class.php:6923
actionadmin_initwidgets-for-expedia-reviews.php:28
actionplugins_loadedwidgets-for-expedia-reviews.php:31
actionwp_headwidgets-for-expedia-reviews.php:32
actionwp_insert_sitewidgets-for-expedia-reviews.php:61
actionadmin_menuwidgets-for-expedia-reviews.php:73
filterplugin_action_linkswidgets-for-expedia-reviews.php:74
filterplugin_row_metawidgets-for-expedia-reviews.php:75
actionwidgets_initwidgets-for-expedia-reviews.php:77
actionwidgets_initwidgets-for-expedia-reviews.php:78
actioninitwidgets-for-expedia-reviews.php:80
actioninitwidgets-for-expedia-reviews.php:86
filterscript_loader_tagwidgets-for-expedia-reviews.php:87
actionelementor/controls/controls_registeredwidgets-for-expedia-reviews.php:93
actionelementor/widgets/registerwidgets-for-expedia-reviews.php:97
actionelementor/widgets/widgets_registeredwidgets-for-expedia-reviews.php:103
actioninitwidgets-for-expedia-reviews.php:109
actionadmin_enqueue_scriptswidgets-for-expedia-reviews.php:111
actionrest_api_initwidgets-for-expedia-reviews.php:112
actionadmin_noticeswidgets-for-expedia-reviews.php:145
actionadmin_noticeswidgets-for-expedia-reviews.php:206
Maintenance & Trust

Widgets for Expedia Reviews Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 20, 2026
PHP min version7.0
Downloads16K

Community Trust

Rating100/100
Number of ratings3
Active installs100
Alternatives

Widgets for Expedia Reviews Alternatives

WP Tripadvisor Review Widgets

WP Tripadvisor Review Widgets

review-widgets-for-tripadvisor

A
100

Embed Tripadvisor reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Tripadvisor reviews.

20K No CVEs
Widgets for Opentable Reviews

Widgets for Opentable Reviews

review-widgets-for-opentable

A
100

Embed Opentable reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Opentable reviews.

70 No CVEs
Widgets for Hotels.com Reviews

Widgets for Hotels.com Reviews

review-widgets-for-hotels-com

A
100

Embed Hotels.com reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Hotels.com reviews.

50 No CVEs
Review Widgets for Szallas.hu

Review Widgets for Szallas.hu

review-widgets-for-szallas-hu

A
100

Szállás.hu review widgets. Show your szallas.hu reviews on your WordPress website to build trust and increase your SEO.

40 No CVEs
Widgets for Foursquare Reviews

Widgets for Foursquare Reviews

review-widgets-for-foursquare

A
100

Embed Foursquare reviews fast and easily into your WordPress site. Increase SEO, trust and sales using Foursquare reviews.

10 No CVEs
Developer Profile

Widgets for Expedia Reviews Developer Profile

Trustindex

32 plugins · 976K total installs

87
trust score
Avg Security Score
99/100
Avg Patch Time
87 days
View full developer profile
Detection Fingerprints

How We Detect Widgets for Expedia Reviews

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/widgets-for-expedia-reviews/include/elementor-widgets.php/wp-content/plugins/widgets-for-expedia-reviews/include/trustindex-plugin.class.php/wp-content/plugins/widgets-for-expedia-reviews/include/cache-plugin-filters.php
Script Paths
https://cdn.trustindex.io/loader.js
Version Parameters
widgets-for-expedia-reviews/style.css?ver=widgets-for-expedia-reviews/widgets-for-expedia-reviews.php?ver=widgets-for-expedia-reviews/js/admin-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
trustindex-notification-rowti-close-notificationti-hide-notification
Data Attributes
data-ccm-injected
JS Globals
TrustindexPlugin_expedia
REST Endpoints
/wp-json/widgets-for-expedia-reviews/v1/endpoint
FAQ

Frequently Asked Questions about Widgets for Expedia Reviews