WP-Safety

Youtube Like Rating Security & Risk Analysis

wordpress.org/plugins/youtube-like-rating

Youtube Like Thumbs Up Or Thumbs Down System For Voting On Posts And Comments.

10 active installs v1.0 PHP + WP 3.0+ Updated Jun 30, 2014
dislike-ratinglikelike-ratingratingyoutube-like-rating
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Youtube Like Rating Safe to Use in 2026?

Generally Safe

Score 85/100

Youtube Like Rating has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago
Risk Assessment

The "youtube-like-rating" v1.0 plugin exhibits a concerning security posture, primarily due to a lack of proper authorization checks on its entry points. While the plugin demonstrates good practice by utilizing prepared statements for all SQL queries and avoiding file operations and external HTTP requests, these strengths are overshadowed by critical weaknesses. The presence of two AJAX handlers without any authentication or capability checks presents a significant attack vector. Furthermore, the taint analysis revealed flows with unsanitized paths, including one of high severity. This, combined with 100% of outputs not being properly escaped, indicates a strong possibility of cross-site scripting (XSS) vulnerabilities. The complete absence of nonce checks on AJAX handlers is a critical oversight, making the plugin susceptible to Cross-Site Request Forgery (CSRF) attacks. Despite a clean vulnerability history, the static analysis strongly suggests that the plugin is not robustly secured and requires immediate attention to address the identified risks.

Key Concerns

  • AJAX handlers without auth checks
  • Unescaped output
  • High severity taint flow
  • Missing nonce checks on AJAX
  • Unsanitized paths in taint analysis
Vulnerabilities
None known

Youtube Like Rating Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Youtube Like Rating Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
34 prepared
Unescaped Output
17
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared34 total queries

Output Escaping

0% escaped17 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

3 flows3 with unsanitized paths
youtubeLikeRating_options (YoutubeLikeRating.php:403)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Youtube Like Rating Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_process_voteYoutubeLikeRating.php:19
noprivwp_ajax_process_voteYoutubeLikeRating.php:20
WordPress Hooks 7
actioninitYoutubeLikeRating.php:18
actionadmin_menuYoutubeLikeRating.php:21
actioninitYoutubeLikeRating.php:381
filterthe_contentYoutubeLikeRating.php:383
filtercomment_textYoutubeLikeRating.php:385
filterthe_contentYoutubeLikeRating.php:387
filtercomment_textYoutubeLikeRating.php:388
Maintenance & Trust

Youtube Like Rating Maintenance & Trust

Maintenance Signals

WordPress version tested3.7.41
Last updatedJun 30, 2014
PHP min version
Downloads2K

Community Trust

Rating100/100
Number of ratings2
Active installs10
Alternatives

Youtube Like Rating Alternatives

Comments Like Dislike

Comments Like Dislike

comments-like-dislike

A
99

Like Dislike for WordPress Comments

9K 3 CVEs
Like Button Rating ♥ LikeBtn

Like Button Rating ♥ LikeBtn

likebtn-like-button

A
96

Add Like button to posts, pages, comments, WooCommerce, BuddyPress, bbPress, UM, custom posts! Sort content by likes! Get instant stats and insights!

4K 5 CVEs
GD Rating System

GD Rating System

gd-rating-system

A
85

Powerful, highly customizable and versatile ratings plugin to allow your users to vote for anything you want.

1K 12 CVEs
CTC Rating 🎉

CTC Rating 🎉

ctc-rating

A
100

🌟 CTC Rating allows users to easily add a thumbs up 👍 and thumbs down 👎 rating system to your WordPress posts. Users can also view the total number of …

60 No CVEs
Comments Reactions

Comments Reactions

comments-reactions

A
85

Improve your comment system with funny emoji reactions.

10 No CVEs
Developer Profile

Youtube Like Rating Developer Profile

Ruchita Ladha

1 plugin · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Youtube Like Rating

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/youtube-like-rating/style/YoutubeLikeRating.css/wp-content/plugins/youtube-like-rating/style/tipTip.css/wp-content/plugins/youtube-like-rating/js/YoutubeLikeRating.js/wp-content/plugins/youtube-like-rating/js/jquery.tipTip.minified.js
Script Paths
/wp-content/plugins/youtube-like-rating/js/YoutubeLikeRating.js/wp-content/plugins/youtube-like-rating/js/jquery.tipTip.minified.js
Version Parameters
youtube-like-rating/style/YoutubeLikeRating.css?ver=youtube-like-rating/style/tipTip.css?ver=youtube-like-rating/js/YoutubeLikeRating.js?ver=youtube-like-rating/js/jquery.tipTip.minified.js?ver=

HTML / DOM Fingerprints

CSS Classes
rating-buttonthumb-up-buttonup-like-activedown-likeup-likedownn-likethumb-down-buttonpost-vote-count+1 more
Data Attributes
post-idvote-directionpost-vote-countthumb-total-count
JS Globals
ratingAjax
Shortcode Output
<div class="rating-button" title="I like this"><img class="thumb-up-button" vote-direction="1" src=""> <div class="up-like-active" >Like </div></div> <div class="rating-button" title="I dislike this "> <img class="thumb-down-button" vote-direction="-1" src=""><div class="down-like" >Dislike </div> </div><div style="float:right" class="post-vote-count"> <div class="thumb-total-count" style="width:100px;float:right;text-align:right;padding-right:5px;font-size:19px;padding-bottom:10px;" title="
FAQ

Frequently Asked Questions about Youtube Like Rating