AMP Contact FORM 7 – AMPCF7 Security & Risk Analysis

The "amp-contact-form-7" plugin v1.0.1 exhibits a concerning security posture due to a significant lack of input validation and authorization checks on its entry points. All identified entry points, which consist of two AJAX handlers, are unprotected, meaning any unauthenticated user can trigger them. The taint analysis revealing two flows with unsanitized paths, although not flagged as critical or high severity, directly correlates with these unprotected AJAX handlers and represents a potential risk. The complete absence of output escaping on all identified outputs is also a major weakness, opening the door for Cross-Site Scripting (XSS) vulnerabilities. Despite a clean vulnerability history, this does not negate the immediate risks identified in the code analysis. The plugin's strengths lie in its use of prepared statements for SQL queries, which is a good practice. However, the critical deficiencies in authorization and output sanitization far outweigh this positive aspect, making the plugin a high-risk component without further remediation.