WP Live Social-Proof Security & Risk Analysis

wordpress.org/plugins/wp-real-time-social-proof

The best animated, live, social-proof plugin for WooCommerce, Easy Digital Downloads or webinars and subscriptions to compel buyer action.

100 active installs · v2.3 · PHP 5.6+ · WP 3.7.4+ · Updated Oct 16, 2025
Tags: marketing, popup, recent-sales-notification, social-proof, woocommerce
100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is WP Live Social-Proof Safe to Use in 2026?

Generally Safe

Score 100/100

WP Live Social-Proof has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5mo ago
Risk Assessment

The "wp-real-time-social-proof" v2.3 plugin exhibits a mixed security posture. On the positive side, it has a zero attack surface from typical entry points like AJAX, REST API, shortcodes, and cron jobs, and all SQL queries are properly prepared, mitigating common injection risks. The plugin also includes a good number of capability checks and nonce checks. However, a significant concern arises from the taint analysis, which found 3 flows with unsanitized paths. Furthermore, the output escaping is only properly implemented in 48% of cases, leaving a substantial portion of outputs vulnerable to cross-site scripting (XSS) attacks.

The plugin has no recorded vulnerability history, which is a positive indicator. This suggests either a history of secure development or that it hasn't been a target for discovered vulnerabilities. However, the absence of historical data shouldn't be interpreted as a guarantee of future security, especially in light of the static and taint analysis findings.

In conclusion, while the plugin demonstrates good practices in areas like SQL sanitization and attack surface reduction, the identified unsanitized paths in taint analysis and the low percentage of properly escaped output are significant weaknesses that require attention. The lack of past vulnerabilities is a strength, but the current code analysis reveals potential risks that could be exploited.

Key Concerns

  • Unsanitized paths in taint flows (3)
  • Low percentage of properly escaped output (48%)
Vulnerabilities
None known

WP Live Social-Proof Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WP Live Social-Proof Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 47 (43 escaped)
Nonce Checks: 4
Capability Checks: 8
File Operations: 4
External Requests: 4
Bundled Libraries: 0

Output Escaping

48% escaped · 90 total outputs
Data Flows: 3 unsanitized

Data Flow Analysis

4 flows · 3 with unsanitized paths
license_notices (inc\license_manager.php:252)
Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

WP Live Social-Proof Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 67
action  admin_menu  inc\license_manager.php:24
action  admin_init  inc\license_manager.php:25
action  admin_notices  inc\license_manager.php:26
action  wprtsp_add_meta_boxes  inc\meta.php:29
filter  wprtsp_sanitize  inc\meta.php:30
filter  wprtsp_vars  inc\meta.php:31
action  wprtsp_popup_style  inc\meta.php:32
action  admin_init  inc\meta.php:33
filter  wprtsp_register_proof  inc\meta.php:464
action  wprtsp_add_meta_boxes  inc\meta.php:465
filter  wprtsp_sanitize  inc\meta.php:466
filter  wprtsp_get_proof_data_conversions_WooCommerce  inc\meta.php:468
filter  wprtsp_tag_WooCommerce_name  inc\meta.php:469
filter  wprtsp_tag_WooCommerce_firstname  inc\meta.php:470
filter  wprtsp_tag_WooCommerce_lastname  inc\meta.php:471
filter  wprtsp_tag_WooCommerce_location  inc\meta.php:472
filter  wprtsp_tag_WooCommerce_action  inc\meta.php:473
filter  wprtsp_tag_WooCommerce_product  inc\meta.php:474
filter  wprtsp_tag_WooCommerce_time  inc\meta.php:475
filter  wprtsp_get_proof_data_conversions_Easy_Digital_Downloads  inc\meta.php:477
filter  wprtsp_tag_Easy_Digital_Downloads_name  inc\meta.php:478
filter  wprtsp_tag_Easy_Digital_Downloads_location  inc\meta.php:479
filter  wprtsp_tag_Easy_Digital_Downloads_action  inc\meta.php:480
filter  wprtsp_tag_Easy_Digital_Downloads_product  inc\meta.php:481
filter  wprtsp_tag_Easy_Digital_Downloads_time  inc\meta.php:482
filter  wprtsp_get_proof_data_conversions_Generated  inc\meta.php:484
filter  wprtsp_tag_Generated_name  inc\meta.php:485
filter  wprtsp_tag_Generated_location  inc\meta.php:486
filter  wprtsp_tag_Generated_action  inc\meta.php:487
filter  wprtsp_tag_Generated_product  inc\meta.php:488
filter  wprtsp_tag_Generated_time  inc\meta.php:489
action  wprtsp_add_meta_boxes  inc\meta.php:1131
filter  wprtsp_register_proof  premium\pro.php:35
action  wprtsp_add_meta_boxes  premium\pro.php:36
filter  wprtsp_sanitize  premium\pro.php:37
filter  wprtsp_get_proof_data_livestats  premium\pro.php:38
filter  wprtsp_register_proof  premium\pro.php:245
action  wprtsp_add_meta_boxes  premium\pro.php:246
filter  wprtsp_sanitize  premium\pro.php:247
filter  wprtsp_get_proof_data_hotstats_WooCommerce  premium\pro.php:248
filter  wprtsp_get_proof_data_hotstats_Easy_Digital_Downloads  premium\pro.php:249
filter  wprtsp_register_proof  premium\pro.php:495
action  wprtsp_add_meta_boxes  premium\pro.php:496
filter  wprtsp_sanitize  premium\pro.php:497
filter  wprtsp_get_proof_data_ctas  premium\pro.php:498
action  plugins_loaded  wprtsp.php:80
action  admin_init  wprtsp.php:81
action  init  wprtsp.php:82
action  admin_notices  wprtsp.php:83
action  admin_init  wprtsp.php:84
action  admin_init  wprtsp.php:85
filter  plugin_row_meta  wprtsp.php:87
action  admin_head  wprtsp.php:88
action  admin_enqueue_scripts  wprtsp.php:89
action  wp_enqueue_scripts  wprtsp.php:90
action  add_meta_boxes_socialproof  wprtsp.php:91
action  add_meta_boxes_socialproof  wprtsp.php:92
action  save_post_socialproof  wprtsp.php:93
action  wprtsp_add_meta_boxes  wprtsp.php:94
filter  wprtsp_enabled  wprtsp.php:95
filter  wprtsp_vars  wprtsp.php:96
action  admin_menu  wprtsp.php:97
action  admin_menu  wprtsp.php:98
filter  wprtsp_vars  wprtsp.php:99
action  check_ajax_referer  wprtsp.php:101
filter  get_user_option_closedpostboxes_socialproof  wprtsp.php:102
filter  get_user_option_metaboxhidden_socialproof  wprtsp.php:103
Maintenance & Trust

WP Live Social-Proof Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Oct 16, 2025
PHP min version: 5.6
Downloads: 17K

Community Trust

Rating: 90/100
Number of ratings: 6
Active installs: 100
Developer Profile

WP Live Social-Proof Developer Profile

Shivanand Sharma

6 plugins · 1K total installs

Trust score: 89
Avg Security Score: 93/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect WP Live Social-Proof

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-real-time-social-proof/js/frontend.js
/wp-content/plugins/wp-real-time-social-proof/css/frontend.css
Script Paths
/wp-content/plugins/wp-real-time-social-proof/js/frontend.js
Version Parameters
wp-real-time-social-proof/js/frontend.js?ver=
wp-real-time-social-proof/css/frontend.css?ver=

HTML / DOM Fingerprints

CSS Classes
wprtsp-container, wprtsp-item, wprtsp-content, wprtsp-avatar, wprtsp-name, wprtsp-action, wprtsp-time, wprtsp-close (+1 more)
HTML Comments
<!-- wprtsp-tips -->
<!-- Go Pro -->
Data Attributes
data-wprtsp-id, data-wprtsp-speed, data-wprtsp-position, data-wprtsp-position-vertical, data-wprtsp-position-horizontal, data-wprtsp-visibility
JS Globals
wprtsp_vars
FAQ

Frequently Asked Questions about WP Live Social-Proof