Bonzer Custom Fields Creator Security & Risk Analysis

The "bonzer-custom-fields" v1.1.1 plugin exhibits a mixed security posture. On one hand, it demonstrates good practices in its SQL query handling, with 100% of queries using prepared statements, and it has no recorded vulnerability history, suggesting a potentially stable and well-maintained codebase. However, significant concerns arise from its attack surface and code analysis.

The plugin exposes a substantial attack surface through 6 AJAX handlers, with an alarming 5 of them lacking authentication checks. This means potentially sensitive operations could be triggered by any visitor to the site. Furthermore, the taint analysis reveals 4 flows with unsanitized paths, which, while not currently classified as critical or high severity, indicate potential pathways for malicious input to reach sensitive functions or the filesystem. The presence of `shell_exec` is a critical function that, when combined with unsanitized inputs, can lead to remote code execution. The output escaping is also problematic, with nearly half of the outputs not being properly escaped, increasing the risk of cross-site scripting (XSS) vulnerabilities.

While the lack of known CVEs is positive, it should not be relied upon as the sole indicator of security. The significant number of unprotected entry points and the concerning taint analysis results present immediate risks that need to be addressed. The plugin has strengths in its SQL handling and lack of history, but these are overshadowed by the present, identifiable vulnerabilities in its attack surface and code execution/output handling.