Does Wiwitness Testimonials have any unpatched vulnerabilities?

No. All known vulnerabilities in Wiwitness Testimonials have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Wiwitness Testimonials compatible with WordPress 3.6.1?

According to WordPress.org data, Wiwitness Testimonials 1.0.0 has been tested up to WordPress 3.6.1. Check the plugin's changelog for the latest compatibility information.

How often is Wiwitness Testimonials updated?

Wiwitness Testimonials was last updated on Sep 23, 2013. Frequent updates are generally a positive security signal.

What is Wiwitness Testimonials's security score?

Wiwitness Testimonials has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Wiwitness Testimonials Security & Risk Analysis

wordpress.org/plugins/wiwitness-testimonials

Collect, manage and display socially verifiable testimonials. Instill confidence in visitors about your website.

10 active installs v1.0.0 PHP + WP 3.0+ Updated Sep 23, 2013

testimonialtestimonial-plugintestimonial-widgettestimonialstestimonials-widget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Wiwitness Testimonials Safe to Use in 2026?

Generally Safe

Score 85/100

Wiwitness Testimonials has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "wiwitness-testimonials" plugin version 1.0.0 presents a mixed security posture. On the positive side, the static analysis shows no dangerous functions, no raw SQL queries, and no file operations or external HTTP requests, which are excellent indicators of secure coding practices. The absence of any recorded vulnerabilities in its history is also a strong positive. However, a significant concern arises from the complete lack of output escaping for all seven identified output points. This means that any data displayed by the plugin could potentially be manipulated by an attacker to inject malicious content, such as cross-site scripting (XSS) payloads, leading to potential compromise of user sessions and data. The lack of nonce checks and capability checks, while not directly tied to identified attack vectors in this specific analysis, represents missed opportunities for robust access control and could become a vector for abuse if new attack surfaces were introduced in future versions.

Key Concerns

All output is unescaped
No nonce checks
No capability checks

Vulnerabilities

None known

Wiwitness Testimonials Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Wiwitness Testimonials Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped7 total outputs

Attack Surface

Wiwitness Testimonials Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[wiwitness] wiwitness-testimonials.php:39

WordPress Hooks 1

actionwidgets_initwiwitness-testimonials.php:92

Maintenance & Trust

Wiwitness Testimonials Maintenance & Trust

Maintenance Signals

WordPress version tested3.6.1

Last updatedSep 23, 2013

PHP min version

Downloads2K

Community Trust

Rating86/100

Number of ratings3

Active installs10

Alternatives

Wiwitness Testimonials Alternatives

Mi Testimonial Slider

mi-testimonial-slider

Testimonial Slider For Showcase your clients, customer's testimonials. With 20+ trendy designs you can customize your wordpress site

10 No CVEs

Strong Testimonials

strong-testimonials

An easy-to-use testimonial plugin to collect and show customer feedback in WordPress

90K 14 CVEs

BNE Testimonials

bne-testimonials

Display testimonials and reviews on any page or widget area as list or slider. Upgrade to PRO for additional layouts, themes, submission form, API, ra …

1K 1 CVE

TC Testimonials

tc-testimonial

Testimonial Slider carousel is an easy plugin to display testimonials of clients,business partners or affiliates along with title, URL on your website …

400 1 unpatched

Elfsight Testimonials Slider

elfsight-testimonials-slider

Level up your website credibility with trustworthy testimonials

200 3 unpatched

Developer Profile

Wiwitness Testimonials Developer Profile

rajesh bhat

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Wiwitness Testimonials

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

wiwitness-widget

Shortcode Output

<div id="

"></div>
		<script src="http://www.wiwitness.com/wjs/

"></script>

FAQ