WP Testimonial Security & Risk Analysis
wordpress.org/plugins/wp-testimonialAdd Testimonials on Your Website.
Is WP Testimonial Safe to Use in 2026?
Generally Safe
Score 85/100WP Testimonial has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'wp-testimonial' plugin v1.4 exhibits a generally strong security posture based on the provided static analysis. The absence of any identified dangerous functions, file operations, or external HTTP requests is a positive indicator. Crucially, there are no identified critical or high severity taint flows, and the limited SQL query usage suggests a low risk of SQL injection vulnerabilities, especially since it's not explicitly stated as using prepared statements, which warrants a deduction. The plugin also appears to have no known historical vulnerabilities, contributing to its current perceived safety. However, the complete lack of nonce checks and capability checks across all entry points (even though the attack surface is reported as zero) is a significant concern. This indicates that any potential future additions to the attack surface or unintended entry points would be entirely unprotected, leaving the plugin susceptible to various attacks if new functionalities are introduced without proper security considerations. While the current state is good, the lack of foundational security checks like nonces and capability checks represents a latent risk.
Key Concerns
- Raw SQL queries without prepared statements
- Missing nonce checks
- Missing capability checks
WP Testimonial Security Vulnerabilities
WP Testimonial Release Timeline
WP Testimonial Code Analysis
SQL Query Safety
Output Escaping
WP Testimonial Attack Surface
WordPress Hooks 3
Maintenance & Trust
WP Testimonial Maintenance & Trust
Maintenance Signals
Community Trust
WP Testimonial Alternatives
Testimonial Grid and Testimonial Slider plus Carousel with Rotator Widget
wp-testimonial-with-widget
A quick, easy way to add and display responsive, clean client's testimonial on your website using a shortcode, widget or Gutenberg block.
Kento Testimonial Slider
kento-testimonial-slider
Slide Your Unlimited Testimonial or Clients Feedback By using Shortcode Anywhere With Clients Thumbnail.
Real Testimonials – Testimonial Slider, Collect Customer Reviews and Video Testimonials
testimonial-free
A Customizable Testimonial plugin to Automate Collecting, Filtering, and Publishing Customer Reviews. Testimonial Slider, Grid & More to Grow Sales
Testimonial – Testimonial Slider and Showcase Plugin
testimonial-slider-and-showcase
Display customer testimonials beautifully with responsive slider and grid layouts. Build trust and boost conversions with this WordPress testimonial p …
Testimonial Carousel For Elementor
testimonials-carousel-elementor
The compact Testimonial Carousel for Elementor lets you show long text reviews in Pop-Up of Carousel Slider.
WP Testimonial Developer Profile
21 plugins · 30K total installs
How We Detect WP Testimonial
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wp-testimonial/css/admin-wpt.cssHTML / DOM Fingerprints
wpt-tabwpt-tab-linksactivewpt-settingwp-testimonialid="wpt_effect"id="wpt_speed"id="wpt_sortby"id="wpt_orderby"id="wpt_content_limit"id="wpt-testimonial-admin-form"+9 morewpt_effectwpt_speedwpt_sortbywpt_orderbywpt_content_limit[wpt_random][wpt_testimonials]