Best Rating & Pageviews Security & Risk Analysis

wordpress.org/plugins/best-rating-pageviews

Add Star rating, pageviews and adds a tool for analyzing the effectiveness of content with the supplied shortcode.

20 active installs · v4.0.0 · PHP 7.4.0+ · WP 5.9+ · Updated Feb 10, 2026
Tags: pageviews, popular, rating, stars, widget
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Best Rating & Pageviews Safe to Use in 2026?

Generally Safe

Score 100/100

Best Rating & Pageviews has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The plugin "best-rating-pageviews" v4.0.0 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices regarding SQL queries, utilizing prepared statements for all operations. It also appears to have a clean vulnerability history with no recorded CVEs, which is a strong indicator of robust security development. The use of nonce checks and capability checks for some entry points further strengthens its defenses.

However, there are significant concerns. Two AJAX handlers are exposed without proper authentication or authorization checks, which significantly expands the attack surface. Furthermore, the taint analysis revealed two flows with unsanitized paths; while not classified as critical or high severity, they still represent potential vulnerabilities that could be exploited if user-controlled input is not handled meticulously. The high percentage of properly escaped output (88%) is good but leaves room for improvement, as the remaining 12% could still pose a risk if an exploitable context is found.

In conclusion, while the plugin benefits from a clean vulnerability record and secure SQL handling, the unprotected AJAX endpoints and the identified unsanitized paths are notable weaknesses. A prudent approach would be to address these specific code-level issues to further harden the plugin's security.

Key Concerns

  • Unprotected AJAX handlers present
  • Flows with unsanitized paths
  • Unescaped output (12%)
Vulnerabilities
None known

Best Rating & Pageviews Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Best Rating & Pageviews Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 13 (97 escaped)
Nonce Checks: 3
Capability Checks: 2
File Operations: 3
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

Select2

Output Escaping

88% escaped · 110 total outputs
Data Flows: 2 unsanitized

Data Flow Analysis

5 flows · 2 with unsanitized paths
save_plugin_set (admin\class-brpv-admin.php:428)
Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface: 2 unprotected

Best Rating & Pageviews Attack Surface

Entry Points: 4
Unprotected: 2

AJAX Handlers 2

auth  wp_ajax_brpv_ajax_func  includes\class-brpv.php:259
nopriv  wp_ajax_brpv_ajax_func  includes\class-brpv.php:260

Shortcodes 2

[pageviews] includes\class-brpv.php:262
[pageratings] includes\class-brpv.php:263

WordPress Hooks 22

action  admin_notices  best-rating-pageviews.php:151
action  before_woocommerce_init  best-rating-pageviews.php:172
action  shutdown  includes\class-brpv-autoloader.php:96
action  plugins_loaded  includes\class-brpv.php:188
action  admin_enqueue_scripts  includes\class-brpv.php:205
action  admin_enqueue_scripts  includes\class-brpv.php:206
action  init  includes\class-brpv.php:209
action  admin_footer  includes\class-brpv.php:212
action  admin_menu  includes\class-brpv.php:220
action  admin_init  includes\class-brpv.php:223
action  admin_init  includes\class-brpv.php:226
filter  brpv_f_flag_save_if_empty  includes\class-brpv.php:229
filter  plugin_action_links  includes\class-brpv.php:238
action  wp_enqueue_scripts  includes\class-brpv.php:255
action  wp_enqueue_scripts  includes\class-brpv.php:256
action  wp_head  includes\class-brpv.php:258
action  widgets_init  includes\class-brpv.php:278
action  admin_print_footer_scripts  includes\common-libs\class-icpd-promo.php:146
action  admin_notices  includes\common-libs\class-icpd-set-admin-notices.php:68
action  admin_print_footer_scripts  includes\feedback\class-brpv-feedback.php:83
action  admin_init  includes\feedback\class-brpv-feedback.php:90
filter  wp_mail_content_type  includes\feedback\class-brpv-feedback.php:275
Maintenance & Trust

Best Rating & Pageviews Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Feb 10, 2026
PHP min version: 7.4.0
Downloads: 5K

Community Trust

Rating: 86/100
Number of ratings: 3
Active installs: 20
Developer Profile

Best Rating & Pageviews Developer Profile

icopydoc

14 plugins · 16K total installs

Trust score: 75
Avg Security Score: 94/100
Avg Patch Time: 102 days
Detection Fingerprints

How We Detect Best Rating & Pageviews

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/best-rating-pageviews/assets/css/style.css
/wp-content/plugins/best-rating-pageviews/assets/js/backend.js
/wp-content/plugins/best-rating-pageviews/assets/js/frontend.js
/wp-content/plugins/best-rating-pageviews/assets/css/admin.css
Script Paths
/wp-content/plugins/best-rating-pageviews/assets/js/frontend.js
/wp-content/plugins/best-rating-pageviews/assets/js/backend.js
Version Parameters
/wp-content/plugins/best-rating-pageviews/assets/css/style.css?ver=
/wp-content/plugins/best-rating-pageviews/assets/js/backend.js?ver=
/wp-content/plugins/best-rating-pageviews/assets/js/frontend.js?ver=
/wp-content/plugins/best-rating-pageviews/assets/css/admin.css?ver=

HTML / DOM Fingerprints

CSS Classes
brpv-rating-stars
brpv-star
brpv-post-stats
HTML Comments
<!-- Start Best Rating & Pageviews -->
<!-- End Best Rating & Pageviews -->
Data Attributes
data-brpv-id
data-brpv-post-type
JS Globals
brpv_frontend_params