CBX 5 Star Rating & Review Security & Risk Analysis

wordpress.org/plugins/cbxscratingreview

Single Criteria Rating and Review for WordPress and more.

10 active installs · v1.0.7 · PHP + WP 3.7+ · Updated Sep 21, 2021
Tags: business-review, rating, rating-feedback, review
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never

Safety Verdict

Is CBX 5 Star Rating & Review Safe to Use in 2026?

Generally Safe

Score 85/100

CBX 5 Star Rating & Review has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 4yr ago

Risk Assessment

The cbxscratingreview plugin v1.0.7 exhibits a mixed security posture. On the positive side, it demonstrates good practices by largely utilizing prepared statements for SQL queries and properly escaping a significant majority of its outputs. The absence of any recorded vulnerabilities (CVEs) in its history is also a strong indicator of past security diligence. However, a significant concern arises from the considerable attack surface exposed through its AJAX handlers, with all 10 of them lacking any form of authentication checks. This represents a critical weakness that could allow unauthenticated users to trigger potentially harmful actions. Additionally, the taint analysis, while not revealing critical or high severity issues, did identify 5 flows with unsanitized paths, suggesting potential for input manipulation that could lead to unexpected behavior or further vulnerabilities if exploited in conjunction with other weaknesses. The plugin's reliance on bundled libraries, specifically Select2, also warrants attention, as outdated versions of such libraries can introduce known security flaws. While the plugin has a clean history, the identified security gaps in the code analysis and taint flows necessitate careful consideration for mitigation.

Key Concerns

  • 10 AJAX handlers without auth checks
  • 5 flows with unsanitized paths
  • Bundled library (Select2) requires review

Vulnerabilities: None known

CBX 5 Star Rating & Review Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

CBX 5 Star Rating & Review Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 18 (76 prepared)
Unescaped Output: 182 (488 escaped)
Nonce Checks: 7
Capability Checks: 2
File Operations: 0
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

Select2

SQL Query Safety

81% prepared · 94 total queries

Output Escaping

73% escaped · 670 total outputs

Data Flows: 5 unsanitized

Data Flow Analysis

8 flows, 5 with unsanitized paths
post_more_reviews_ajax_load (public\class-cbxscratingreview-public.php:822)
Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized

Attack Surface: 10 unprotected

CBX 5 Star Rating & Review Attack Surface

Entry Points: 18
Unprotected: 10

AJAX Handlers 10

auth wp_ajax_cbxscratingreview_review_rating_admin_edit includes\class-cbxscratingreview.php:207
auth wp_ajax_cbxscratingreview_review_rating_frontend_submit includes\class-cbxscratingreview.php:258
auth wp_ajax_cbxscratingreview_post_more_reviews includes\class-cbxscratingreview.php:261
nopriv wp_ajax_cbxscratingreview_post_more_reviews includes\class-cbxscratingreview.php:262
auth wp_ajax_cbxscratingreview_post_filter_reviews includes\class-cbxscratingreview.php:266
nopriv wp_ajax_cbxscratingreview_post_filter_reviews includes\class-cbxscratingreview.php:267
auth wp_ajax_cbxscratingreview_all_filter_reviews includes\class-cbxscratingreview.php:270
nopriv wp_ajax_cbxscratingreview_all_filter_reviews includes\class-cbxscratingreview.php:271
auth wp_ajax_cbxscratingreview_review_rating_front_edit includes\class-cbxscratingreview.php:301
auth wp_ajax_cbxscratingreview_review_delete includes\class-cbxscratingreview.php:305

Shortcodes 8

[cbxscratingreview_reviewform] public\class-cbxscratingreview-public.php:71
[cbxscratingreview_postavgrating] public\class-cbxscratingreview-public.php:74
[cbxscratingreview_postreviews] public\class-cbxscratingreview-public.php:77
[cbxscratingreview_userdashboard] public\class-cbxscratingreview-public.php:78
[cbxscratingreview_singlereview] public\class-cbxscratingreview-public.php:81
[cbxscratingreview_editreview] public\class-cbxscratingreview-public.php:84
[cbxscratingreviewlratings] public\class-cbxscratingreview-public.php:87
[cbxscratingreviewmrposts] public\class-cbxscratingreview-public.php:88

WordPress Hooks 46

action delete_post admin\class-cbxscratingreview-admin.php:1439
filter wp_mail_content_type includes\class-cbxscratingreview-mailhelper.php:107
action plugins_loaded includes\class-cbxscratingreview.php:178
action admin_init includes\class-cbxscratingreview.php:192
action admin_init includes\class-cbxscratingreview.php:193
action admin_init includes\class-cbxscratingreview.php:194
action admin_menu includes\class-cbxscratingreview.php:198
filter set-screen-option includes\class-cbxscratingreview.php:202
filter set-screen-option includes\class-cbxscratingreview.php:203
action admin_enqueue_scripts includes\class-cbxscratingreview.php:210
action admin_enqueue_scripts includes\class-cbxscratingreview.php:211
action cbxscratingreview_review_publish includes\class-cbxscratingreview.php:214
action cbxscratingreview_review_unpublish includes\class-cbxscratingreview.php:215
action cbxscratingreview_review_delete_after includes\class-cbxscratingreview.php:219
action delete_user includes\class-cbxscratingreview.php:222
filter plugin_row_meta includes\class-cbxscratingreview.php:226
action upgrader_process_complete includes\class-cbxscratingreview.php:227
action admin_notices includes\class-cbxscratingreview.php:228
filter pre_set_site_transient_update_plugins includes\class-cbxscratingreview.php:231
filter pre_set_site_transient_update_plugins includes\class-cbxscratingreview.php:232
filter pre_set_site_transient_update_plugins includes\class-cbxscratingreview.php:233
filter manage_toplevel_page_cbxscratingreviewreviewlist_columns includes\class-cbxscratingreview.php:240
filter manage_5-star-reviews_page_cbxscratingreviewratingavglist_columns includes\class-cbxscratingreview.php:241
action init includes\class-cbxscratingreview.php:255
action widgets_init includes\class-cbxscratingreview.php:274
action wp_enqueue_scripts includes\class-cbxscratingreview.php:276
action wp_enqueue_scripts includes\class-cbxscratingreview.php:277
action wp_loaded includes\class-cbxscratingreview.php:297
action wp_loaded includes\class-cbxscratingreview.php:298
action cbxscratingreview_review_update_without_status includes\class-cbxscratingreview.php:309
action cbxscratingreview_review_list_item_after includes\class-cbxscratingreview.php:311
action cbxscratingreview_review_list_item_toolbar_end includes\class-cbxscratingreview.php:312
filter the_content includes\class-cbxscratingreview.php:315
filter the_excerpt includes\class-cbxscratingreview.php:316
action elementor/widgets/widgets_registered includes\class-cbxscratingreview.php:319
action elementor/elements/categories_registered includes\class-cbxscratingreview.php:320
action elementor/editor/before_enqueue_scripts includes\class-cbxscratingreview.php:321
action vc_before_init includes\class-cbxscratingreview.php:324
action init widgets\vc_widgets\class-cbxscratingreview-editreview-vcwidget.php:17
action init widgets\vc_widgets\class-cbxscratingreview-lratings-vcwidget.php:18
action init widgets\vc_widgets\class-cbxscratingreview-mrposts-vcwidget.php:17
action init widgets\vc_widgets\class-cbxscratingreview-postavgrating-vcwidget.php:17
action init widgets\vc_widgets\class-cbxscratingreview-postreviews-vcwidget.php:17
action init widgets\vc_widgets\class-cbxscratingreview-reviewform-vcwidget.php:17
action init widgets\vc_widgets\class-cbxscratingreview-singlereview-vcwidget.php:17
action init widgets\vc_widgets\class-cbxscratingreview-userdashboard-vcwidget.php:17

Maintenance & Trust

CBX 5 Star Rating & Review Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.8.13
Last updated: Sep 21, 2021
PHP min version
Downloads: 2K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 10

Developer Profile

CBX 5 Star Rating & Review Developer Profile

Sabuj Kundu

9 plugins · 3K total installs

Trust score: 76
Avg Security Score: 96/100
Avg Patch Time: 204 days
Detection Fingerprints

How We Detect CBX 5 Star Rating & Review

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cbxscratingreview/assets/css/admin.css
/wp-content/plugins/cbxscratingreview/assets/css/font-awesome.min.css
/wp-content/plugins/cbxscratingreview/assets/css/frontend.css
/wp-content/plugins/cbxscratingreview/assets/js/admin.js
/wp-content/plugins/cbxscratingreview/assets/js/frontend.js
/wp-content/plugins/cbxscratingreview/assets/js/jquery.barrating.min.js

Script Paths
/wp-content/plugins/cbxscratingreview/assets/js/admin.js
/wp-content/plugins/cbxscratingreview/assets/js/jquery.barrating.min.js
/wp-content/plugins/cbxscratingreview/assets/js/frontend.js

Version Parameters
cbxscratingreview/assets/css/admin.css?ver=
cbxscratingreview/assets/css/font-awesome.min.css?ver=
cbxscratingreview/assets/css/frontend.css?ver=
cbxscratingreview/assets/js/admin.js?ver=
cbxscratingreview/assets/js/jquery.barrating.min.js?ver=
cbxscratingreview/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
cbx-rating-review
cbx-rating-review-stars

HTML Comments
<!-- WRAP START -->
<!-- WRAP END -->

Data Attributes
data-stars
data-score

JS Globals
cbxscratingreview_params

Shortcode Output
[cbx_rating_review]
FAQ

Frequently Asked Questions about CBX 5 Star Rating & Review