Testimonial Grid and Testimonial Slider plus Carousel with Rotator Widget Security & Risk Analysis

wordpress.org/plugins/wp-testimonial-with-widget

A quick, easy way to add and display responsive, clean client's testimonial on your website using a shortcode, widget or Gutenberg block.

9K active installs · v3.5.6 · PHP + · WP 4.0+ · Updated Feb 20, 2026
Tags: best-testimonial-slider-and-widget, client-testimonial-slider, testimonial, testimonial-rotator, testimonials-with-widget
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Testimonial Grid and Testimonial Slider plus Carousel with Rotator Widget Safe to Use in 2026?

Generally Safe

Score 100/100

Testimonial Grid and Testimonial Slider plus Carousel with Rotator Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago
Risk Assessment

The 'wp-testimonial-with-widget' plugin v3.5.6 exhibits a generally good security posture based on the provided static analysis. The absence of known CVEs and the plugin's consistent record of no recorded vulnerabilities are significant strengths, suggesting a development team that prioritizes security and responsiveness. The code analysis reveals excellent adherence to secure coding practices, with a high percentage of properly escaped outputs, 100% of SQL queries using prepared statements, and robust use of nonce and capability checks. The limited attack surface, with no unprotected entry points and no critical or high severity taint flows, further reinforces this positive assessment.

However, the presence of the `unserialize` function is a notable concern, as it can be a vector for remote code execution if not handled with extreme caution and strict input validation, especially if the input originates from an untrusted source. While no vulnerabilities are currently associated with this function in the plugin's history, its inherent risk warrants careful consideration and ongoing monitoring.

Key Concerns

  • Presence of unserialize function
Vulnerabilities
None known

Testimonial Grid and Testimonial Slider plus Carousel with Rotator Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Testimonial Grid and Testimonial Slider plus Carousel with Rotator Widget Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 33 (498 escaped)
Nonce Checks: 7
Capability Checks: 8
File Operations: 3
External Requests: 1
Bundled Libraries: 0

Dangerous Functions Found

unserialize: `$info = @unserialize($data);` in wpos-analytics\includes\class-anylc-admin.php:696

Output Escaping

94% escaped · 531 total outputs
Data Flows
All sanitized

Data Flow Analysis

1 flow
<solutions-features> (includes\admin\settings\solution-features\solutions-features.php:0)
Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

Testimonial Grid and Testimonial Slider plus Carousel with Rotator Widget Attack Surface

Entry Points: 2
Unprotected: 0

Shortcodes 2

[sp_testimonials] includes\shortcodes\testimonial-grid.php:156
[sp_testimonials_slider] includes\shortcodes\testimonial-slider.php:181
WordPress Hooks 39
action admin_menu includes\admin\class-wtwp-admin.php:20
action add_meta_boxes includes\admin\class-wtwp-admin.php:26
action admin_menu includes\admin\class-wtwp-admin.php:29
action admin_init includes\admin\class-wtwp-admin.php:32
filter manage_edit-testimonial_columns includes\admin\class-wtwp-admin.php:35
action manage_posts_custom_column includes\admin\class-wtwp-admin.php:36
filter manage_edit-testimonial-category_columns includes\admin\class-wtwp-admin.php:39
filter manage_testimonial-category_custom_column includes\admin\class-wtwp-admin.php:40
action init includes\admin\supports\gutenberg-block.php:190
action enqueue_block_assets includes\admin\supports\gutenberg-block.php:199
action enqueue_block_editor_assets includes\admin\supports\gutenberg-block.php:223
filter block_categories_all includes\admin\supports\gutenberg-block.php:244
action admin_enqueue_scripts includes\class-wtwp-script.php:20
action wp_enqueue_scripts includes\class-wtwp-script.php:23
action elementor/editor/after_enqueue_scripts includes\class-wtwp-script.php:26
action siteorigin_panel_enqueue_admin_scripts includes\class-wtwp-script.php:29
action widgets_init includes\widget\wp-widget-testimonials.php:20
action init includes\wtwp-post-types.php:58
action init includes\wtwp-post-types.php:95
action plugins_loaded wp-testimonials.php:74
action update_option_active_plugins wp-testimonials.php:101
action admin_notices wp-testimonials.php:115
action admin_menu wpos-analytics\includes\class-anylc-admin.php:45
action admin_menu wpos-analytics\includes\class-anylc-admin.php:48
action admin_init wpos-analytics\includes\class-anylc-admin.php:51
action admin_notices wpos-analytics\includes\class-anylc-admin.php:54
action admin_footer wpos-analytics\includes\class-anylc-admin.php:57
action wp_loaded wpos-analytics\includes\class-anylc-admin.php:60
action init wpos-analytics\includes\class-anylc-admin.php:63
filter cron_schedules wpos-analytics\includes\class-anylc-admin.php:66
action wpos_monthly_cron_hook wpos-analytics\includes\class-anylc-admin.php:69
action rest_api_init wpos-analytics\includes\class-anylc-admin.php:72
filter rest_pre_serve_request wpos-analytics\includes\class-anylc-admin.php:585
action admin_enqueue_scripts wpos-analytics\includes\class-anylc-script.php:20
action activated_plugin wpos-analytics\wpos-analytics.php:244
action plugins_loaded wpos-analytics\wpos-analytics.php:258
action admin_menu wpos-plugins\includes\admin\class-espbw-admin.php:19
action admin_enqueue_scripts wpos-plugins\includes\class-espbw-script.php:19
action plugins_loaded wpos-plugins\wpos-recommendation.php:185

Scheduled Events 1

wpos_monthly_cron_hook
Maintenance & Trust

Testimonial Grid and Testimonial Slider plus Carousel with Rotator Widget Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Feb 20, 2026
PHP min version
Downloads: 291K

Community Trust

Rating: 88/100
Number of ratings: 35
Active installs: 9K
Developer Profile

Testimonial Grid and Testimonial Slider plus Carousel with Rotator Widget Developer Profile

Essential Plugin

33 plugins · 205K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 219 days
Detection Fingerprints

How We Detect Testimonial Grid and Testimonial Slider plus Carousel with Rotator Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-testimonial-with-widget/assets/css/frontend.css
/wp-content/plugins/wp-testimonial-with-widget/assets/css/magnific-popup.css
/wp-content/plugins/wp-testimonial-with-widget/assets/js/frontend.js
/wp-content/plugins/wp-testimonial-with-widget/assets/js/isotope.min.js
/wp-content/plugins/wp-testimonial-with-widget/assets/js/jquery.magnific-popup.js
/wp-content/plugins/wp-testimonial-with-widget/assets/js/testimonial-script.js
/wp-content/plugins/wp-testimonial-with-widget/includes/widget/wp-widget-testimonials.php
Script Paths
/wp-content/plugins/wp-testimonial-with-widget/assets/js/blocks.build.js
Version Parameters
wp-testimonial-with-widget/assets/css/frontend.css?ver=
wp-testimonial-with-widget/assets/css/magnific-popup.css?ver=
wp-testimonial-with-widget/assets/js/frontend.js?ver=
wp-testimonial-with-widget/assets/js/isotope.min.js?ver=
wp-testimonial-with-widget/assets/js/jquery.magnific-popup.js?ver=
wp-testimonial-with-widget/assets/js/testimonial-script.js?ver=
wp-testimonial-with-widget/assets/js/blocks.build.js?ver=

HTML / DOM Fingerprints

CSS Classes
wtwp-testimonial-slider, wtwp-testimonial-grid, wtwp-testimonial-single, wtwp-testimonial-wrap
Data Attributes
data-design, data-item-margin, data-margin-bottom, data-margin-top, data-arrows, data-dots, +22 more
JS Globals
Wtwpf_Block
Shortcode Output
[testimonial_grid
[testimonial_slider
FAQ

Frequently Asked Questions about Testimonial Grid and Testimonial Slider plus Carousel with Rotator Widget