Beam me up Scotty – Back to Top Button Security & Risk Analysis

The static analysis of 'beam-me-up-scotty' v1.0.23 reveals a plugin with a seemingly small attack surface and generally good practices in some areas. Notably, there are no identified AJAX handlers, REST API routes, shortcodes, or cron events, which are common entry points for vulnerabilities. The plugin also avoids dangerous functions and file operations, and uses prepared statements for all its SQL queries. However, a significant concern arises from the output escaping, where only 67% of outputs are properly escaped, leaving a substantial portion potentially vulnerable to Cross-Site Scripting (XSS) attacks. The lack of nonce and capability checks across all identified entry points is also a serious oversight, as it means any potential entry points could be exploited without proper authorization or validation.

The vulnerability history paints a more concerning picture. With a total of two known CVEs, and one still unpatched, the plugin has a documented track record of security flaws. The common vulnerability type being Cross-Site Scripting aligns with the findings in the static analysis regarding unescaped output. The fact that a medium severity vulnerability was last patched on April 1st, 2025, suggests that the plugin's maintainers are addressing issues, but the existence of an unpatched vulnerability, especially given the XSS findings, poses a direct and immediate risk to users.

In conclusion, while 'beam-me-up-scotty' v1.0.23 demonstrates some positive security attributes like the absence of certain risky functionalities and the use of prepared statements, the high percentage of unescaped output and the critical lack of authorization checks create a significant risk. Combined with the history of known vulnerabilities, one of which remains unpatched, this plugin should be approached with caution. The potential for XSS and unauthorized access, despite the limited attack surface, makes it a moderate to high-risk plugin for deployment.