
B2App – Android & iOS native apps builder without using code Security & Risk Analysis
wordpress.org/plugins/b2app-no-code-mobile-app-builder
This plugin is used to convert a WooCommerce store to an Android & iOS mobile app without using code.
Is B2App – Android & iOS native apps builder without using code Safe to Use in 2026?
Generally Safe
Score 85/100
B2App – Android & iOS native apps builder without using code has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The b2app-no-code-mobile-app-builder plugin version 1.0.0 exhibits a generally positive security posture based on the provided static analysis. The absence of any known vulnerabilities in its history is a strong indicator of mature development practices. Furthermore, the code analysis shows a commendable adherence to security best practices, with 100% of SQL queries using prepared statements and all identified outputs being properly escaped. The plugin also avoids bundled libraries, which can sometimes introduce vulnerabilities if not kept up-to-date.
However, there are several areas that warrant attention and introduce potential risks. The most significant concern stems from the taint analysis, which identified two flows with unsanitized paths. While no critical or high severity issues were reported, unsanitized paths can be a precursor to path traversal or other file system vulnerabilities. Additionally, the complete lack of nonce checks and capability checks on any of the identified entry points (AJAX handlers, REST API routes, shortcodes, cron events) is a critical oversight. This means that any user, regardless of their role or permissions, could potentially trigger actions within the plugin, creating a significant attack surface that is entirely unprotected.
In conclusion, while the plugin demonstrates strengths in data sanitization and SQL handling, the absence of crucial authorization and input validation mechanisms on its entry points presents a notable security weakness. The identified unsanitized paths, though not currently exploited, also require investigation. Developers should prioritize implementing robust nonce and capability checks to mitigate these risks and ensure that the plugin's functionalities are only accessible to authorized users.
Key Concerns
- Unsanitized paths in taint analysis
- No nonce checks on entry points
- No capability checks on entry points
B2App – Android & iOS native apps builder without using code Security Vulnerabilities
B2App – Android & iOS native apps builder without using code Code Analysis
Output Escaping
Data Flow Analysis
B2App – Android & iOS native apps builder without using code Attack Surface
WordPress Hooks 12
B2App – Android & iOS native apps builder without using code Maintenance & Trust
Maintenance Signals
Community Trust
B2App – Android & iOS native apps builder without using code Alternatives
B2App – Android & iOS native apps builder without using code Developer Profile
1 plugin · 10 total installs
How We Detect B2App – Android & iOS native apps builder without using code
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/b2app-no-code-mobile-app-builder/admin/css/b2app-app-builder-admin.css
- /wp-content/plugins/b2app-no-code-mobile-app-builder/admin/js/b2app-app-builder-admin.js
- b2app-app-builder-admin.css?ver=
- b2app-app-builder-admin.js?ver=
HTML / DOM Fingerprints
- notice-error
- woocommerce
- <!-- B2App - Android & iOS native apps builder without using code for online store based on Woocommerce. It will allow you to create a beautiful and multifunctional mobile application in a few clicks. -->
- b2app_admin_params