Age Verification for your checkout page. Verify your customer's identity Security & Risk Analysis

The "agecheckernet" plugin v1.20.6 presents a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and has no detected dangerous functions, file operations, or bundled libraries. The output escaping, while not perfect at 67%, is a reasonable level of protection for many outputs. However, significant security concerns arise from its attack surface and vulnerability history. The plugin exposes two REST API routes without any permission callbacks, creating a direct attack vector that is completely unprotected. This, combined with the absence of nonce checks and capability checks on these entry points, is a serious oversight. The plugin also has a history of vulnerabilities, specifically a medium severity Cross-Site Scripting (XSS) issue, and a recent unpatched CVE indicates a recurring pattern of security weaknesses or a lack of timely patching.

The lack of taint analysis data is not necessarily a strength, as it could imply that such analysis was not performed or that the tools used were unable to identify flows. However, based on the identified unprotected REST API routes, there is a high likelihood of exploitable vulnerabilities. The combination of a substantial unprotected attack surface and a history of unpatched vulnerabilities suggests a moderate to high risk, despite the plugin's use of prepared statements for SQL. Users should be aware of the potential for XSS and other vulnerabilities due to the exposed, unauthenticated REST API endpoints.