AllWebMenus WordPress Menu Plugin Security & Risk Analysis

The "allwebmenus-wordpress-menu-plugin" v1.1.24 exhibits a concerning security posture, primarily due to its outdated vulnerability history and significant code-level weaknesses. While the static analysis reports a seemingly small attack surface and a lack of immediate critical taint flows, this is overshadowed by the critical historical vulnerabilities, specifically "Unrestricted Upload of File with Dangerous Type" and "PHP Remote File Inclusion." The fact that these critical vulnerabilities are present, even if currently patched (indicated by 0 unpatched CVEs), suggests a history of severe insecure coding practices within the plugin. The code analysis further reveals a lack of output escaping (only 1% properly escaped) and no capability checks for a cron event, which, when combined with the historical RFI vulnerabilities, presents a substantial risk. The heavy reliance on raw SQL queries without prepared statements is another significant concern, increasing the susceptibility to SQL injection attacks. Despite the absence of reported critical taint flows in the *current* analysis, the plugin's past and ongoing coding deficiencies make it a high-risk component. Users should exercise extreme caution, prioritize updating to a version that has addressed these fundamental issues, and consider replacing the plugin if these issues persist in newer versions.