Multi Rating & Review Matrix System Security & Risk Analysis

wordpress.org/plugins/rating-review-matrix

IMPORTANT UPGRADE INFO 1.0.4 to 1.0.5

10 active installs · v1.0.5 · PHP + WP 3.0+ · Updated May 26, 2014
Tags: rates, rating, ratings, reviews, votes
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Multi Rating & Review Matrix System Safe to Use in 2026?

Generally Safe

Score 85/100

Multi Rating & Review Matrix System has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 11yr ago
Risk Assessment

The "rating-review-matrix" v1.0.5 plugin exhibits significant security concerns, primarily due to a large, unprotected attack surface. With 11 AJAX handlers, all of which lack authentication checks, the plugin is highly susceptible to unauthorized actions. This broad exposure is compounded by the complete absence of proper output escaping for the vast majority of outputs, creating a high risk of cross-site scripting (XSS) vulnerabilities. While the plugin has no recorded history of CVEs, this is not an indicator of current security, especially given the static analysis findings.

The taint analysis further highlights critical risks, with 2 high-severity flows indicating potential for serious exploitation. The complete lack of prepared statements for all SQL queries presents a substantial risk of SQL injection vulnerabilities. Although there are some capability checks and a single nonce check, these are insufficient to protect the extensive attack surface. The plugin's strengths are minimal; the absence of file operations and external HTTP requests is a positive, but these do not outweigh the fundamental security flaws identified.

Key Concerns

  • 11 AJAX handlers without auth checks
  • 13 SQL queries, 0% using prepared statements
  • 51 outputs improperly escaped (2% properly escaped)
  • 2 high severity taint flows
  • Only 1 nonce check for 11 entry points
  • Only 2 capability checks for 11 entry points
Vulnerabilities
None known

Multi Rating & Review Matrix System Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Multi Rating & Review Matrix System Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 13 (0 prepared)
Unescaped Output: 52 (1 escaped)
Nonce Checks: 1
Capability Checks: 2
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

0% prepared · 13 total queries

Output Escaping

2% escaped · 53 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

4 flows · 3 with unsanitized paths
create_new_matrix_function (loader.php:567)
[Data-flow diagram; legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized]
Attack Surface
11 unprotected

Multi Rating & Review Matrix System Attack Surface

Entry Points: 11
Unprotected: 11

AJAX Handlers (11)

Type    Hook                            Location
auth    wp_ajax_saveRmatrixSettings     admin-framework\index.php:314
nopriv  wp_ajax_saveRmatrixSettings     admin-framework\index.php:315
auth    wp_ajax_contactDevsRmatrix      admin-framework\index.php:342
auth    wp_ajax_rmatrixDeleteMatrix     loader-admin.php:505
auth    wp_ajax_rmatrixResetMatrix      loader-admin.php:517
auth    wp_ajax_send_matrix_rating      loader.php:261
nopriv  wp_ajax_send_matrix_rating      loader.php:262
auth    wp_ajax_enter_review_ajax       loader.php:562
nopriv  wp_ajax_enter_review_ajax       loader.php:563
auth    wp_ajax_create_new_matrix       loader.php:565
nopriv  wp_ajax_rmatrixLoginAjax        loader.php:637

WordPress Hooks (17)

Type    Hook                                Location
action  admin_init                          admin-framework\index.php:11
action  admin_menu                          admin-framework\index.php:12
action  admin_print_styles-post.php         admin-framework\index.php:280
action  admin_print_styles-post-new.php     admin-framework\index.php:281
action  plugins_loaded                      loader.php:16
action  init                                loader.php:40
action  wp_enqueue_scripts                  loader.php:67
filter  style_loader_src                    loader.php:99
filter  script_loader_src                   loader.php:100
action  wp_head                             loader.php:221
action  add_meta_boxes                      loader.php:293
action  save_post                           loader.php:401
action  ply_head                            loader.php:406
action  ply_before_content                  loader.php:408
filter  the_content                         loader.php:445
action  init                                post_types.php:2
action  init                                post_types.php:29
Maintenance & Trust

Multi Rating & Review Matrix System Maintenance & Trust

Maintenance Signals

WordPress version tested: 3.9.40
Last updated: May 26, 2014
PHP min version
Downloads: 3K

Community Trust

Rating: 60/100
Number of ratings: 2
Active installs: 10
Developer Profile

Multi Rating & Review Matrix System Developer Profile

phprule

1 plugin · 10 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Multi Rating & Review Matrix System

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/rating-review-matrix/css/rating_simple.css
/wp-content/plugins/rating-review-matrix/css/main.css
/wp-content/plugins/rating-review-matrix/js/rating_simple.js
Script Paths
/wp-content/plugins/rating-review-matrix/js/rating_simple.js
Version Parameters
rating-review-matrix/rating_simple.css?ver=
rating-review-matrix/main.css?ver=
rating-review-matrix/rating_simple.js?ver=

HTML / DOM Fingerprints

CSS Classes
line_labelmatrix_line_ratings_rating_lirmatrixRatedrmatrixRatedHoveredmatrix_rowrmatrix
Data Attributes
data-usercanvote, data-position-field, data-chosen-vote, data-proceed, data-fielddbid
JS Globals
rmatrix_loaded
REST Endpoints
/wp-json/rating-review-matrix