Simple 5 Star Rating Security & Risk Analysis
wordpress.org/plugins/simple-5-star-ratingThis plugin will help readers to interact with you by giving stars to your content. On the basis of star reviews you can plan your further writing con …
Is Simple 5 Star Rating Safe to Use in 2026?
Generally Safe
Score 85/100Simple 5 Star Rating has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The security posture of the "simple-5-star-rating" plugin version 1.0 presents significant concerns due to its unprotected entry points. All four identified AJAX handlers lack authentication checks, exposing them to potential unauthorized access and manipulation. While the static analysis did not reveal dangerous functions, external requests, or file operations, the absence of nonces and capability checks on these AJAX handlers is a critical oversight. The plugin also exhibits poor SQL query hygiene, with all four queries being unescaped and not using prepared statements, which is a strong indicator of potential SQL injection vulnerabilities. Despite this, the plugin has no recorded vulnerability history, suggesting either a lack of past scrutiny or a fortunate absence of exploitation. However, the current code practices, particularly the unprotected AJAX endpoints and raw SQL, outweigh this historical lack of issues, indicating a substantial risk that requires immediate attention.
Key Concerns
- AJAX handlers without authentication checks
- SQL queries not using prepared statements
- AJAX handlers without nonce checks
- AJAX handlers without capability checks
- Unescaped output
Simple 5 Star Rating Security Vulnerabilities
Simple 5 Star Rating Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Simple 5 Star Rating Attack Surface
AJAX Handlers 4
WordPress Hooks 1
Maintenance & Trust
Simple 5 Star Rating Maintenance & Trust
Maintenance Signals
Community Trust
Simple 5 Star Rating Alternatives
YASR – Yet Another Star Rating Plugin for WordPress
yet-another-stars-rating
Boost the way people interact with your site with an easy WordPress stars rating system! With schema.org rich snippets YASR will improve your SEO
Strong Testimonials
strong-testimonials
An easy-to-use testimonial plugin to collect and show customer feedback in WordPress
kk Star Ratings – Rate Post & Collect User Feedbacks
kk-star-ratings
kk Star Ratings allows blog visitors to involve and interact more effectively with your website by rating posts.
Testimonial – Testimonial Slider and Showcase Plugin
testimonial-slider-and-showcase
Display customer testimonials beautifully with responsive slider and grid layouts. Build trust and boost conversions with this WordPress testimonial p …
Reviews and Rating – Google Reviews
g-business-reviews-rating
Completely restriction-free Google reviews and rating as Shortcode/Widget. Extensive display options; delicious themes; includes Structured Data.
Simple 5 Star Rating Developer Profile
1 plugin · 0 total installs
How We Detect Simple 5 Star Rating
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/simple-5-star-rating/css/mycss.css/wp-content/plugins/simple-5-star-rating/js/dataInsertJ.js/wp-content/plugins/simple-5-star-rating/js/dataInsertJ.jssimple-5-star-rating/css/mycss.css?ver=1.0.0HTML / DOM Fingerprints
fa-starfa-star-half-fullcheckedtihom_rating_divtihom-rating-post-idtihom-rating-plugin-urltihom-rating-textid='tihom_rating_div'id='tihom-rating-post-id'id='tihom-rating-plugin-url'id='one'id='two'id='three'+3 moreinsertrating_ajax/wp-json/wp/v2/posts<div id='tihom_rating_div'></div>