The Rating Widget plugin for WordPress is potentially unsafe in versions up to and including 2.8. There is a security risk that allows unauthenticated attackers to access sensitive information such as usernames, paths, and themes of the plugins. This is caused by the ‘rwdbg’ parameter.