Divvit e-commerce analytics Security & Risk Analysis

The 'divvit-ecommerce-analytics' plugin version 1.0.4 exhibits a mixed security posture. On the positive side, there are no known vulnerabilities in its history, indicating a generally well-maintained codebase. The absence of external HTTP requests and dangerous functions is also a good sign. However, the static analysis reveals significant areas of concern. The fact that 100% of the 27 identified output points are not properly escaped poses a high risk of Cross-Site Scripting (XSS) vulnerabilities. Additionally, the taint analysis shows two flows with unsanitized paths, even though they are not categorized as critical or high severity, these represent potential risks that require investigation. The plugin also lacks any nonces or capability checks, which, combined with the identified unsanitized paths, could allow for unauthorized actions if these paths were exploitable.

While the plugin has a clean vulnerability history and a small attack surface, the lack of output escaping is a critical weakness that could be exploited by attackers to inject malicious scripts into the website. The unsanitized taint flows, though not currently rated as severe, should not be overlooked and could potentially become exploitable in future versions or in combination with other weaknesses. The absence of any authentication or authorization checks on entry points (AJAX, REST API, shortcodes, cron events) is concerning, especially given the taint flow issues, as it means any potential vulnerability could be accessed without any prior authentication. This plugin requires immediate attention to address the unescaped outputs and investigate the unsanitized taint flows to ensure a secure environment.