Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery Security & Risk Analysis

The aeroscroll-gallery plugin exhibits a mixed security posture. On the positive side, it demonstrates strong adherence to secure coding practices by utilizing prepared statements for all SQL queries and performing capability checks on a significant portion of its entry points. The absence of dangerous functions is also a good sign. However, several critical areas raise concerns. The presence of 4 REST API routes without permission callbacks exposes potential vulnerabilities for unauthenticated users. The taint analysis revealed 2 flows with unsanitized paths and one high-severity flow, indicating a risk of malicious input being processed in a way that could lead to unintended actions, potentially related to file system access given the plugin's file operation count.

The vulnerability history is particularly concerning, with one known medium-severity CVE, specifically a 'Path Traversal' vulnerability, which is still unpatched. This, combined with the taint analysis findings, strongly suggests a recurring pattern of issues related to handling user-supplied path information insecurely. While the plugin has strengths in database interaction and access control for many endpoints, the combination of unprotected REST API routes and identified path-related vulnerabilities presents a tangible risk that requires immediate attention. The unpatched CVE indicates a lack of timely security patching, further exacerbating the risk.