BlossomThemes Email Newsletter Security & Risk Analysis

The 'blossomthemes-email-newsletter' plugin version 2.2.10 presents a mixed security posture. On the positive side, the static analysis shows good practices in several areas. All identified entry points, including AJAX handlers and the shortcode, appear to have authorization checks in place, and there are no detected critical or high severity taint flows with unsanitized paths. Furthermore, all SQL queries utilize prepared statements, and a significant portion of output is properly escaped, mitigating common web vulnerabilities. The absence of file operations also reduces the attack surface.

However, there are areas that warrant attention. The plugin has a history of two medium severity CVEs, specifically SSRF and Missing Authorization, with the last vulnerability being very recent (2024-06-20). While currently unpatched CVEs are zero, this history suggests a recurring pattern of vulnerabilities that attackers could potentially exploit if new ones emerge. The presence of two external HTTP requests could be a vector for SSRF if not handled with extreme care, although the taint analysis did not reveal any unsanitized paths related to these. Finally, the bundled Guzzle library v1.1 is an older version, which may contain known vulnerabilities not yet addressed within this plugin.

In conclusion, while the plugin implements several robust security measures, its past vulnerability history, especially concerning SSRF and authorization, coupled with the outdated bundled library, indicates a need for vigilance. Users should ensure they are on the latest version for any patches and consider the potential risks associated with the plugin's previous security shortcomings.