Does Pro Author Review have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Pro Author Review compatible with WordPress 5.3.21?

According to WordPress.org data, Pro Author Review 1.1 has been tested up to WordPress 5.3.21. Check the plugin's changelog for the latest compatibility information.

Is Pro Author Review compatible with PHP 7.0.0+?

Pro Author Review requires PHP 7.0.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Pro Author Review updated?

Pro Author Review was last updated on Nov 23, 2019. Frequent updates are generally a positive security signal.

What is Pro Author Review's security score?

Pro Author Review has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Pro Author Review Security & Risk Analysis

wordpress.org/plugins/pro-author-review

Pro Author Review plugin helps a post author to add a review to posts using review criterias with separate ratings, and allow logged in users to rate …

0 active installs v1.1 PHP 7.0.0+ WP 5.0.0+ Updated Nov 23, 2019

rateratingreviewusers-rate

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Pro Author Review Safe to Use in 2026?

Generally Safe

Score 85/100

Pro Author Review has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The pro-author-review plugin v1.1 exhibits a generally strong security posture with a low overall risk. The plugin demonstrates good security practices by utilizing prepared statements for all SQL queries and a high percentage of properly escaped output. Furthermore, the absence of known CVEs and a clean vulnerability history suggest a commitment to security by the developers. The static analysis reveals a small attack surface with no unprotected entry points, and the presence of nonce and capability checks on its AJAX handlers is commendable.

However, the taint analysis reveals two flows with unsanitized paths, both classified as high severity. While the attack surface is small, these unsanitized flows represent a potential risk of injection vulnerabilities, even if they are not currently exploitable due to other security measures. The presence of a bundled library (Select2) could also be a minor concern if it's outdated or contains its own vulnerabilities, though this is not explicitly stated in the provided data. Despite these minor concerns, the plugin's strengths in input validation and authorization significantly outweigh its weaknesses.

Key Concerns

High severity unsanitized taint flows
Bundled library (Select2) potential risk

Vulnerabilities

None known

Pro Author Review Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Pro Author Review Release Timeline

v1.0

Code Analysis

Analyzed Mar 17, 2026

Pro Author Review Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

181 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

SQL Query Safety

100% prepared2 total queries

Output Escaping

82% escaped221 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

ajax_user_rate_post (includes\class-pro-users-rate.php:54)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Pro Author Review Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_get_review_template_using_ajaxincludes\admin\class-pro-author-review-metabox.php:17

authwp_ajax_user_rate_postincludes\class-pro-users-rate.php:44

WordPress Hooks 20

actioninitincludes\admin\class-pro-author-review-metabox.php:10

actionadd_meta_boxesincludes\admin\class-pro-author-review-metabox.php:14

actionsave_postincludes\admin\class-pro-author-review-metabox.php:15

actionadmin_enqueue_scriptsincludes\admin\class-pro-author-review-metabox.php:16

actionplugins_loadedincludes\admin\class-pro-author-review-options.php:13

actionadmin_menuincludes\admin\class-pro-author-review-options.php:18

actionadmin_initincludes\admin\class-pro-author-review-options.php:19

actionadmin_noticesincludes\admin\class-pro-author-review-options.php:20

actionrest_api_initincludes\class-pro-author-review-api.php:10

actioninitincludes\class-pro-author-review.php:40

actioninitincludes\class-pro-author-review.php:41

actioninitincludes\class-pro-author-review.php:42

actionwp_enqueue_scriptsincludes\class-pro-author-review.php:47

filterthe_contentincludes\class-pro-author-review.php:48

actionwp_footerincludes\class-pro-author-review.php:49

actioninitincludes\class-pro-users-rate.php:39

actionpra_add_users_rate_templateincludes\class-pro-users-rate.php:45

actionadmin_initincludes\class-pro-users-rate.php:46

actiondelete_postincludes\class-pro-users-rate.php:439

actionwidgets_initincludes\widgets\class-pro-author-reviews-widget.php:13

Maintenance & Trust

Pro Author Review Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21

Last updatedNov 23, 2019

PHP min version7.0.0

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Pro Author Review Alternatives

Multi Rating & Review Matrix System

rating-review-matrix

IMPORTANT UPGRADE INFO 1.0.4 to 1.0.5

10 No CVEs

WPRS Data Transporter

wprs-data-transporter

Simply transfer your inputs Schema markups for reviews and star ratings data from one theme/plugin to another.

10 No CVEs

kk Star Ratings – Rate Post & Collect User Feedbacks

kk-star-ratings

kk Star Ratings allows blog visitors to involve and interact more effectively with your website by rating posts.

80K 4 CVEs

WP Ultimate Review

wp-ultimate-review

WP Ultimate Review is the perfect plugin to collect & display customers' feedback effortlessly on products, services, & content in WordPress.

70K 1 unpatched

Site Reviews

site-reviews

Site Reviews is a complete review management solution that integrates with WooCommerce and SureCart and works similarly to reviews on Amazon, Tripadvi …

60K 13 CVEs

Developer Profile

Pro Author Review Developer Profile

Mostafa

2 plugins · 90 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Pro Author Review

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/pro-author-review/assets/css/admin/select2.css/wp-content/plugins/pro-author-review/assets/css/admin/review.css/wp-content/plugins/pro-author-review/assets/js/admin/select2/select2.full.js/wp-content/plugins/pro-author-review/assets/js/rtl/jquery.ui.slider-rtl.js/wp-content/plugins/pro-author-review/assets/js/admin/author-review-admin.js

Script Paths

/wp-content/plugins/pro-author-review/assets/js/admin/select2/select2.full.js/wp-content/plugins/pro-author-review/assets/js/rtl/jquery.ui.slider-rtl.js/wp-content/plugins/pro-author-review/assets/js/admin/author-review-admin.js

Version Parameters

pro-author-review/assets/css/admin/select2.css?ver=pro-author-review/assets/css/admin/review.css?ver=pro-author-review/assets/js/admin/select2/select2.full.js?ver=pro-author-review/assets/js/rtl/jquery.ui.slider-rtl.js?ver=pro-author-review/assets/js/admin/author-review-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

pro-author-review-boxreview-wrapperreview-fieldpar-review-total-stars

HTML Comments

Data Attributes

name="_par_post_review_data[who_can_review]"id="who_can_review"name="_par_post_review_data[type]"id="review_type"name="_par_post_review_data[position]"id="review-position"+12 more

JS Globals

get_review_template

FAQ