WP-Safety

RC Post Rating Security & Risk Analysis

wordpress.org/plugins/rc-post-rating

This plugin adds the ability for users to provide feedback on pages / posts via up / down rating (up/downvoting) buttons.

0 active installs v1.0.10 PHP 7.3+ WP 4.6+ Updated Jan 30, 2026
post-ratingrate-pagerate-postuser-feedbackvotes
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is RC Post Rating Safe to Use in 2026?

Generally Safe

Score 100/100

RC Post Rating has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The "rc-post-rating" plugin version 1.0.10 exhibits a generally good security posture due to its adherence to secure coding practices. The absence of dangerous functions, all SQL queries utilizing prepared statements, and a high percentage of properly escaped output indicate careful development. Furthermore, the plugin has no recorded vulnerability history, suggesting a stable and well-maintained codebase. However, there are notable areas of concern that slightly detract from its overall security. The presence of one unprotected REST API route represents a direct attack vector. Additionally, the lack of nonce checks on any entry points, combined with only one capability check across the entire plugin, leaves it vulnerable to potential unauthorized actions if an attacker can manipulate these entry points. While no critical vulnerabilities were found in static analysis or taint flows, and there are no known CVEs, these weaknesses in authentication and authorization mechanisms could be exploited.

Key Concerns

  • Unprotected REST API route
  • No nonce checks on entry points
  • Limited capability checks
Vulnerabilities
None known

RC Post Rating Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

RC Post Rating Release Timeline

v1.0.10Current
v1.0.9
v1.0.8
v1.0.7
v1.0.6
v1.0.5
Code Analysis
Analyzed Apr 16, 2026

RC Post Rating Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
108 escaped
Nonce Checks
0
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

96% escaped112 total outputs
Attack Surface
1 unprotected

RC Post Rating Attack Surface

Entry Points2
Unprotected1

REST API Routes 1

POST/wp-json/rc-post-rating/v1/rate/(?P<mode>[a-z]+)/(?P<id>\d+)includes/rest.php:13

Shortcodes 1

[rc_post_rating] includes/shortcode.php:142
WordPress Hooks 13
actioninitincludes/block.php:84
filtermanage_posts_columnsincludes/columns.php:11
filtermanage_pages_columnsincludes/columns.php:34
actionmanage_posts_custom_columnincludes/columns.php:53
actionmanage_page_posts_custom_columnincludes/columns.php:62
actionrest_api_initincludes/rest.php:11
actionadmin_menuincludes/settings.php:12
actionadmin_initincludes/settings.php:13
actionwp_dashboard_setupincludes/stats.php:31
actionwp_enqueue_scriptsrc-post-rating.php:45
actionadmin_enqueue_scriptsrc-post-rating.php:52
filterplugin_row_metarc-post-rating.php:64
actionactivated_pluginrc-post-rating.php:79
Maintenance & Trust

RC Post Rating Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 30, 2026
PHP min version7.3
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

RC Post Rating Alternatives

Rate My Post – Star Rating Plugin by FeedbackWP

Rate My Post – Star Rating Plugin by FeedbackWP

rate-my-post

A
96

Add Star Rating to WordPress posts & pages, collect feedbacks from users and improve website SEO with Schema markup for Rich Snippets.

20K 7 CVEs
Helpful – Article Feedback Plugin

Helpful – Article Feedback Plugin

daext-helpful

A
100

Easily add a "Was it helpful?" survey on your blog or knowledge base pages with this article feedback plugin.

600 No CVEs
KAGG Generator

KAGG Generator

kagg-fast-post-generator

A
100

The plugin generates posts/pages. Useful to generate millions of records in the wp_posts table.

20 No CVEs
UserFeedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds

UserFeedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds

userfeedback-lite

A
88

Ultimate user feedback plugin to ask questions, surveys, polls, from your website in seconds

200K 9 CVEs
kk Star Ratings – Rate Post & Collect User Feedbacks

kk Star Ratings – Rate Post & Collect User Feedbacks

kk-star-ratings

A
96

kk Star Ratings allows blog visitors to involve and interact more effectively with your website by rating posts.

80K 4 CVEs
Developer Profile

RC Post Rating Developer Profile

Rick Curran

4 plugins · 1K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect RC Post Rating

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/rc-post-rating/js/rc-post-rating.js/wp-content/plugins/rc-post-rating/js/rc-post-rating-admin.js/wp-content/plugins/rc-post-rating/css/rc-post-rating-admin.css
Version Parameters
rc-post-rating/js/rc-post-rating.js?ver=rc-post-rating/js/rc-post-rating-admin.js?ver=rc-post-rating/css/rc-post-rating-admin.css?ver=

HTML / DOM Fingerprints

CSS Classes
rcpr-post-rating-wraprcpr-post-rating-buttonsrcpr-post-rating-uprcpr-post-rating-downshow-for-sr
Data Attributes
aria-labelledby
JS Globals
wpApiSettings
REST Endpoints
/rc-post-rating/v1/rate/
Shortcode Output
rc_post_rating
FAQ

Frequently Asked Questions about RC Post Rating