Does Kento Star Rate have any unpatched vulnerabilities?

No. All known vulnerabilities in Kento Star Rate have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Kento Star Rate compatible with WordPress 4.2.39?

According to WordPress.org data, Kento Star Rate 1.1 has been tested up to WordPress 4.2.39. Check the plugin's changelog for the latest compatibility information.

How often is Kento Star Rate updated?

Kento Star Rate was last updated on Jun 9, 2015. Frequent updates are generally a positive security signal.

What is Kento Star Rate's security score?

Kento Star Rate has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Kento Star Rate Security & Risk Analysis

wordpress.org/plugins/kento-star-rate

Ajax Five Star Ratings for Post, Page or Excerpt

10 active installs v1.1 PHP + WP 3.8+ Updated Jun 9, 2015

ajax-ratingsajax-star-ratefive-starpost-starstar-ratings

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Kento Star Rate Safe to Use in 2026?

Generally Safe

Score 85/100

Kento Star Rate has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The "kento-star-rate" v1.1 plugin exhibits significant security concerns despite a clean vulnerability history. The static analysis reveals a critical weakness in its handling of two AJAX handlers, both of which lack authentication checks. This creates a substantial attack surface that could be exploited by unauthenticated users. Furthermore, the taint analysis indicates two high-severity flows with unsanitized paths, suggesting potential for malicious data to be processed without proper validation, which could lead to vulnerabilities like cross-site scripting (XSS) or even more severe issues depending on the context. The plugin also has a concerning trend of not properly escaping output, with 0% of its 18 outputs being properly escaped, increasing the risk of XSS attacks. While the absence of known CVEs is a positive indicator of past security diligence or obscurity, the current code analysis points to immediate and pressing risks that need to be addressed.

Key Concerns

Unprotected AJAX handlers
High severity unsanitized paths in taint flows
No output escaping
Missing nonce checks on AJAX handlers
No capability checks

Vulnerabilities

None known

Kento Star Rate Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Kento Star Rate Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

22% prepared9 total queries

Output Escaping

0% escaped18 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

3 flows3 with unsanitized paths

<kento-star-rate-admin> (kento-star-rate-admin.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Kento Star Rate Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_kento_star_rate_ajaxindex.php:172

noprivwp_ajax_kento_star_rate_ajaxindex.php:173

WordPress Hooks 7

actioninitindex.php:27

filterthe_contentindex.php:252

filterwp_headindex.php:281

actionwp_headindex.php:326

actionadmin_initindex.php:393

actionadmin_menuindex.php:394

actionadmin_enqueue_scriptsindex.php:423

Maintenance & Trust

Kento Star Rate Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39

Last updatedJun 9, 2015

PHP min version

Downloads5K

Community Trust

Rating70/100

Number of ratings4

Active installs10

Alternatives

Kento Star Rate Alternatives

kk Star Ratings – Rate Post & Collect User Feedbacks

kk-star-ratings

kk Star Ratings allows blog visitors to involve and interact more effectively with your website by rating posts.

80K 4 CVEs

Strong Testimonials

strong-testimonials

An easy-to-use testimonial plugin to collect and show customer feedback in WordPress

90K 14 CVEs

Testimonial – Testimonial Slider and Showcase Plugin

testimonial-slider-and-showcase

Display customer testimonials beautifully with responsive slider and grid layouts. Build trust and boost conversions with this WordPress testimonial p …

30K 2 CVEs

Review & testimonial widgets

trustmary

Add reviews to your website with Trustmary’s review and testimonial widgets: Google Review Widget, Facebook Review Widget, Tripadvisor Review Widget, …

1K 1 CVE

Aggregate Rating Schema Generator for Blogs

aggregate-rating-schema-generator-for-blogs

Boost your blog with user reviews and ratings. Use Schema markup for aggregate ratings to improve SEO and engagement.

70 No CVEs

Developer Profile

Kento Star Rate Developer Profile

PluginsPoint

20 plugins · 600 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

8 days

View full developer profile

Detection Fingerprints

How We Detect Kento Star Rate

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/kento-star-rate/css/style.css/wp-content/plugins/kento-star-rate/js/kento-star-rate-ajax.js

Script Paths

/wp-content/plugins/kento-star-rate/js/kento-star-rate-ajax.js

HTML / DOM Fingerprints

CSS Classes

ksr-holderksr-stars-ksr-starksr-bg-colorksr-mouseenter-colorksr-currentrate-colorksr-rate-bubbleksr-rate-status-

Data Attributes

vote_countcurrentrateratepostid

JS Globals

kento_star_rate_ajax

FAQ