
elpix Rate Post in Comment Security & Risk Analysis
wordpress.org/plugins/elpix-rate-post-in-comment
Star rating for posts and pages integrated in comment-functionality of wordpress.
Is elpix Rate Post in Comment Safe to Use in 2026?
Generally Safe
Score 85/100
elpix Rate Post in Comment has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'elpix-rate-post-in-comment' plugin version 1.1.0.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices by avoiding dangerous functions, performing all SQL queries using prepared statements, and including a nonce check. The absence of known CVEs and of any history of past vulnerabilities also suggests a potentially stable and well-maintained codebase. However, there are significant concerns regarding output escaping, with 100% of outputs not being properly escaped. This presents a substantial risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data could be injected into the page and executed by other users' browsers.
While the static analysis shows no critical or high-severity taint flows and a small attack surface with no immediately apparent unprotected entry points, the lack of output escaping is a critical oversight. The plugin's vulnerability history is clean, which is a positive indicator, but it does not mitigate the identified risk of XSS. The overall risk is elevated because unescaped output makes XSS highly likely, despite the plugin's other seemingly secure attributes. Addressing the output escaping is paramount to improving the plugin's security.
Key Concerns
- Output escaping issues
elpix Rate Post in Comment Security Vulnerabilities
elpix Rate Post in Comment Code Analysis
Output Escaping
elpix Rate Post in Comment Attack Surface
Shortcodes 1
WordPress Hooks 10
elpix Rate Post in Comment Maintenance & Trust
Maintenance Signals
Community Trust
elpix Rate Post in Comment Alternatives
kk Star Ratings – Rate Post & Collect User Feedbacks
kk-star-ratings
kk Star Ratings allows blog visitors to involve and interact more effectively with your website by rating posts.
Rate My Post – Star Rating Plugin by FeedbackWP
rate-my-post
Add Star Rating to WordPress posts & pages, collect feedbacks from users and improve website SEO with Schema markup for Rich Snippets.
YASR – Yet Another Star Rating Plugin for WordPress
yet-another-stars-rating
Boost the way people interact with your site with an easy WordPress stars rating system! With schema.org rich snippets YASR will improve your SEO
Review & Product Review by Review Builder
review-builder
Review & Product Review by Review Builder plugin allows you to build a review and star rating section so customers can leave a review for your pro …
Kento Star Rate
kento-star-rate
Ajax Five Star Ratings for Post, Page or Excerpt
elpix Rate Post in Comment Developer Profile
1 plugin · 10 total installs
How We Detect elpix Rate Post in Comment
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/elpix-rate-post-in-comment/elpix-rate-post.css
- /wp-content/plugins/elpix-rate-post-in-comment/elpix-rate-post.js
- elpix-rate-post-in-comment/elpix-rate-post.css?ver=
- elpix-rate-post-in-comment/elpix-rate-post.js?ver=
HTML / DOM Fingerprints
- comment-form-rating
- comment-rating-box
- star_link
- star_set
- star_not_set
- commentratingbox
- commentrating
- id="elpix-post-rating"
- name="elpix-post-rating"
- <p class="comment-rating"><span class="star_set" ></span><span class="star_not_set" ></span>