Custom Field Taxonomies Security & Risk Analysis

The 'custom-field-taxonomies' v2.0.3 plugin exhibits a mixed security posture. On one hand, it has a remarkably small attack surface with no apparent AJAX handlers, REST API routes, shortcodes, or cron events directly exposed. This is a significant strength, limiting potential entry points for attackers. Furthermore, the absence of known CVEs in its history suggests a generally stable and well-maintained codebase.

However, the static analysis reveals several areas of concern. A significant portion of SQL queries (56%) are not using prepared statements, which could lead to SQL injection vulnerabilities if user input is not meticulously sanitized before being incorporated into these queries. Compounding this, the taint analysis shows a high number of flows with unsanitized paths, including five high-severity flows. This, combined with a very low rate of proper output escaping (15%), indicates a substantial risk of cross-site scripting (XSS) vulnerabilities, where malicious scripts could be injected and executed.

While the plugin has no known historical vulnerabilities, the current static analysis findings present a notable risk. The lack of robust input sanitization and output escaping, particularly evident in the taint analysis, outweighs the minimal attack surface and clean vulnerability history. A cautious approach is recommended until these code-level risks are addressed.