WP Beacon

Trustindex

@trustindex · wordpress.org profile ↗
Member since
2019-01-17
Location
Hungary
Employer
Trustindex.io
Job title
IT staff
Authored
37 (3 closed)
SVN commit access
15
Readme contributor
0
Combined install base
975k+ across 37 plugins

Alerts (0)

No open alerts.

Show 3 resolved alerts
Critical code_pattern Widgets for Google Reviews Resolved · no_longer_matches 7d ago
Slugwp-reviews-plugin-for-google
Patternunserialize_after_remote_call
Kindbuiltin
Version13.2.9
Hit count1
First hit
File
trustindex-plugin.class.php
Line
7,088
Snippet
L7078: $wpResponse = wp_remote_post( → L7088: $wpRepoResponse = unserialize(wp_remote_retrieve_body($wpResponse));
Explanationa remote HTTP fetch (`wp_remote_*`/`curl_exec`) is followed by `unserialize`/`maybe_unserialize` within the same file — classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. Legit plugins essentially never do this.
View raw JSON
{
    "slug": "wp-reviews-plugin-for-google",
    "pattern": "unserialize_after_remote_call",
    "kind": "builtin",
    "version": "13.2.9",
    "hit_count": 1,
    "first_hit": {
        "file": "trustindex-plugin.class.php",
        "line": 7088,
        "snippet": "L7078: $wpResponse = wp_remote_post(  \u2192  L7088: $wpRepoResponse = unserialize(wp_remote_retrieve_body($wpResponse));"
    },
    "explanation": "a remote HTTP fetch (`wp_remote_*`/`curl_exec`) is followed by `unserialize`/`maybe_unserialize` within the same file \u2014 classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. Legit plugins essentially never do this."
}
Critical code_scan_delta Widgets for Google Reviews Resolved · fp_wporg_official_api 7d ago
Slugwp-reviews-plugin-for-google
Previous version13.2.9
Current version13.2.9
New findings
PatternKindFileLineSnippetConfidence
unserialize_after_remote_callbuiltintrustindex-plugin.class.php7,088L7078: $wpResponse = wp_remote_post( → L7088: $wpRepoResponse = unserialize(wp_remote_retrieve_body($wpResponse));high
New finding count1
View raw JSON
{
    "slug": "wp-reviews-plugin-for-google",
    "previous_version": "13.2.9",
    "current_version": "13.2.9",
    "new_findings": [
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "trustindex-plugin.class.php",
            "line": 7088,
            "snippet": "L7078: $wpResponse = wp_remote_post(  \u2192  L7088: $wpRepoResponse = unserialize(wp_remote_retrieve_body($wpResponse));",
            "confidence": "high"
        }
    ],
    "new_finding_count": 1
}
High code_scan_delta WP Tripadvisor Review Widgets Resolved · false_positive_cdn_known_good 2d ago
Slugreview-widgets-for-tripadvisor
Previous version13.2.9
Current version13.2.9
New findings
PatternKindFileLineSnippetConfidenceDetails
remote_enqueuebuiltinreview-widgets-for-tripadvisor.php81wp_register_script('trustindex-loader-js', 'https://cdn.trustindex.io/loader.js', [], true, [medium
Url
https://cdn.trustindex.io/loader.js
Url host
cdn.trustindex.io
New finding count1
View raw JSON
{
    "slug": "review-widgets-for-tripadvisor",
    "previous_version": "13.2.9",
    "current_version": "13.2.9",
    "new_findings": [
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "review-widgets-for-tripadvisor.php",
            "line": 81,
            "snippet": "wp_register_script('trustindex-loader-js', 'https://cdn.trustindex.io/loader.js', [], true, [",
            "confidence": "medium",
            "details": {
                "url": "https://cdn.trustindex.io/loader.js",
                "url_host": "cdn.trustindex.io"
            }
        }
    ],
    "new_finding_count": 1
}

Plugins authored (37)

Plugin Version Installs Last updated Status
Widgets for Google Reviews ·wp-reviews-plugin-for-google 13.2.9 900k+ 18d ago Active
WP Tripadvisor Review Widgets ·review-widgets-for-tripadvisor 13.2.9 20k+ 18d ago Active
Widgets for Social Photo Feed ·social-photo-feed-widget 1.8.1 10k+ 9d ago Active
WP Testimonials ·testimonial-widgets 1.4.13 10k+ 18d ago Active
Widgets for Reviews & Recommendations ·free-facebook-reviews-and-recommendations-widgets 13.2.9 8k+ 18d ago Active
Widgets for Booking.com Reviews ·review-widgets-for-booking-com 13.2.9 8k+ 18d ago Active
Widgets for Airbnb Reviews ·review-widgets-for-airbnb 13.2.9 6k+ 18d ago Active
Customer Reviews Collector for WooCommerce ·customer-reviews-collector-for-woocommerce 4.7.5 5k+ 18d ago Active
Widgets for Amazon Reviews ·review-widgets-for-amazon 13.2.9 2k+ 18d ago Active
Widgets for Yelp Reviews ·reviews-widgets-for-yelp 13.2.9 2k+ 18d ago Active
Review widget addon for Elementor ·review-widget-addon-for-elementor 2.2.1 1k+ 11mo ago Active
Widgets for Thumbtack Reviews ·widgets-for-thumbtack-reviews 13.2.9 800 18d ago Active
Review widget addon for Divi ·review-widget-addon-for-divi 1.1.1 500 1y ago Active
Widgets for Ebay Reviews ·widgets-for-ebay-reviews 13.2.9 500 18d ago Active
Widgets for Social Post Feed ·widgets-for-social-post-feed 1.8.1 400 9d ago Active
Customer Reviews for WooCommerce ·customer-reviews-for-woocommerce 3.2.1 200 3y ago Active
Widgets for Zillow Reviews ·widgets-for-zillow-reviews 13.2.9 200 18d ago Active
Widgets for Expedia Reviews ·widgets-for-expedia-reviews 13.2.9 100 18d ago Active
Widgets for Capterra Reviews ·review-widgets-for-capterra 13.2.9 100 18d ago Active
Widgets for Tiktok Feed ·widgets-for-tiktok-video-feed 1.8.1 80 9d ago Active
Widgets for Opentable Reviews ·review-widgets-for-opentable 13.2.9 70 18d ago Active
Widgets for Youtube Video Feed ·widgets-for-youtube-video-feed 1.8.1 60 9d ago Active
Widgets for Hotels.com Reviews ·review-widgets-for-hotels-com 13.2.9 50 18d ago Active
Review Widgets for Szallas.hu ·review-widgets-for-szallas-hu 13.2.9 40 18d ago Active
Widgets for WordPress Reviews ·reviews-widgets 13.2.9 30 18d ago Active
Widgets for Pinterest Feed ·widgets-for-pinterest-feed 1.8.1 10 9d ago Active
Widgets for Árukereső Reviews ·review-widgets-for-arukereso 13.2.9 10 18d ago Active
Widgets for AliExpress Reviews ·widgets-for-aliexpress-reviews 13.2.9 10 18d ago Active
Widgets for Foursquare Reviews ·review-widgets-for-foursquare 13.2.9 10 18d ago Active
Widgets for SourceForge Reviews ·widgets-for-sourceforge-reviews 13.2.9 18d ago Active
Widgets for Alibaba Reviews ·widgets-for-alibaba-reviews 13.2.9 18d ago Active
Widgets for Vimeo Feed ·widgets-for-vimeo-feed 1.8.1 9d ago Active
Widgets for Google Feed ·widgets-for-google-feed 1.8.1 9d ago Active
Widgets for Bookatable Reviews ·review-widgets-for-bookatable 6.8.1 Closed
Widgets for Trustpilot Reviews ·review-widgets-for-trustpilot 6.3.1 Closed
Widgets for Twitter Feed ·widgets-for-twitter-feed 1.8.1 9d ago Active
Tripadvisor Reviews Widgets ·trustindex-tripadvisor-reviews-widgets 1.0 Closed

SVN commit access (15)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

Plugin Primary author Installs Commits First Latest Status
Widgets for Reviews & Recommendations trustindex 8k+ 291 7y ago 18d ago Active
WP Tripadvisor Review Widgets trustindex 20k+ 241 6y ago 18d ago Active
Widgets for Yelp Reviews trustindex 2k+ 237 6y ago 18d ago Active
Widgets for Booking.com Reviews trustindex 8k+ 234 6y ago 18d ago Active
Widgets for Amazon Reviews trustindex 2k+ 225 6y ago 18d ago Active
Widgets for Airbnb Reviews trustindex 6k+ 214 5y ago 18d ago Active
Widgets for Google Reviews trustindex 900k+ 200 6y ago 18d ago Active
Widgets for Thumbtack Reviews trustindex 800 189 5y ago 18d ago Active
Widgets for Ebay Reviews trustindex 500 133 4y ago 18d ago Active
Widgets for Social Photo Feed trustindex 10k+ 52 2y ago 9d ago Active
Customer Reviews Collector for WooCommerce trustindex 5k+ 47 3y ago 18d ago Active
Widgets for Social Post Feed trustindex 400 39 2y ago 9d ago Active
WP Testimonials trustindex 10k+ 32 4y ago 18d ago Active
Review widget addon for Elementor trustindex 1k+ 18 4y ago 11mo ago Active
Review widget addon for Divi trustindex 500 4 4y ago 1y ago Active