
Cryptocurrency Payments for Paid Memberships Pro (PMPro) by CryptoPay Security & Risk Analysis
wordpress.org/plugins/cryptocurrency-payments-for-paid-memberships-pro
Cryptocurrency Payments for Paid Memberships Pro (PMPro), Cryptocurrency payment gateway, Bitcoin, Ethereum, Solana, USDT, BNB, BUSD, SOL, BTC, ETH
Is Cryptocurrency Payments for Paid Memberships Pro (PMPro) by CryptoPay Safe to Use in 2026?
Generally Safe
Score 100/100
Cryptocurrency Payments for Paid Memberships Pro (PMPro) by CryptoPay has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The cryptocurrency-payments-for-paid-memberships-pro plugin v1.1.2 presents a mixed security posture. On the positive side, there are no known vulnerabilities (CVEs) recorded for this plugin, and the static analysis indicates a relatively small attack surface, with all identified AJAX handlers having authentication checks. Furthermore, the absence of dangerous functions, file operations, and external HTTP requests is commendable, as is the high percentage of properly escaped output and the presence of nonce checks.
However, significant concerns arise from the static analysis regarding SQL query handling. All 8 SQL queries are executed without using prepared statements, leaving the plugin highly susceptible to SQL injection vulnerabilities. Additionally, the complete lack of capability checks on the identified AJAX endpoints, despite their having authentication checks, could lead to privilege escalation if an authenticated user can perform actions they shouldn't be able to. The taint analysis found zero flows, which is positive, but its scope may be limited, or the static analysis tools may not have fully detected potential injection points given the raw SQL usage.
Given the lack of historical vulnerabilities, it's possible the plugin's developers have a good understanding of security, or these potential vulnerabilities have simply gone unnoticed or unexploited. However, the presence of unescaped output and the significant risk of SQL injection due to raw SQL queries are critical weaknesses that demand immediate attention. While the overall structure appears sound with no external dependencies or known exploits, the unaddressed SQL and capability check deficiencies represent a substantial risk.
Key Concerns
- Raw SQL queries without prepared statements
- Missing capability checks on AJAX handlers
- Unescaped output (21% of outputs)
Cryptocurrency Payments for Paid Memberships Pro (PMPro) by CryptoPay Security Vulnerabilities
Cryptocurrency Payments for Paid Memberships Pro (PMPro) by CryptoPay Code Analysis
SQL Query Safety
Output Escaping
Cryptocurrency Payments for Paid Memberships Pro (PMPro) by CryptoPay Attack Surface
AJAX Handlers: 4
WordPress Hooks: 25
Cryptocurrency Payments for Paid Memberships Pro (PMPro) by CryptoPay Maintenance & Trust
Maintenance Signals
Community Trust
Cryptocurrency Payments for Paid Memberships Pro (PMPro) by CryptoPay Alternatives
elegro Crypto Payment
elegro-payment
Increase your customers base by accepting cryptocurrencies.
NOWPayments for WooCommerce – Crypto Payment Gateway
nowpayments-for-woocommerce
Accept Bitcoin, Ethereum, and 300+ cryptocurrencies in WooCommerce using the official NOWPayments crypto payment gateway.
BinancePay Checkout for WooCommerce
binance-pay
Binance Pay Checkout for WooCommerce.
Cryptocurrency Payment Gateway
cryptocurrency-payment-gateway
Digital Currency Payment Gateway for WooCommerce. Easily accept Bitcoin, Bitcoin Cash, Litecoin, Dogecoin, and more in your store.
Crypto.com Pay Checkout for WooCommerce
crypto-com-pay-checkout-for-woocommerce
Crypto.com Pay Checkout for WooCommerce. The best way to accept cryptocurrencies.
Cryptocurrency Payments for Paid Memberships Pro (PMPro) by CryptoPay Developer Profile
16 plugins · 260 total installs
How We Detect Cryptocurrency Payments for Paid Memberships Pro (PMPro) by CryptoPay
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/cryptocurrency-payments-for-paid-memberships-pro/classes/pro/class.pmprogateway_cryptopay.php
- /wp-content/plugins/cryptocurrency-payments-for-paid-memberships-pro/classes/lite/class.pmprogateway_cryptopay.php
- /wp-content/plugins/cryptocurrency-payments-for-paid-memberships-pro/classes/pro/class.pmpro_register_hooks.php
- /wp-content/plugins/cryptocurrency-payments-for-paid-memberships-pro/classes/lite/class.pmpro_register_hooks.php
- /wp-content/plugins/cryptocurrency-payments-for-paid-memberships-pro/classes/class.pmpro_ajax_api.php
- /wp-content/plugins/cryptocurrency-payments-for-paid-memberships-pro/classes/pro/class.pmpro_transaction_model.php
- /wp-content/plugins/cryptocurrency-payments-for-paid-memberships-pro/classes/lite/class.pmpro_transaction_model.php
HTML / DOM Fingerprints
- gateway_cryptopay
- gateway_cryptopay_lite
- customShowHideCryptopayOptions