Zedna eBook download Security & Risk Analysis

The ebook-download plugin version 1.5 exhibits a mixed security posture. While the static analysis shows a commendable lack of direct attack surface entry points like AJAX handlers, REST API routes, and shortcodes, indicating good design in preventing common web attacks, there are significant underlying concerns. The taint analysis reveals flows with unsanitized paths, including one of high severity. This suggests a potential for directory traversal or similar path manipulation vulnerabilities, even if not directly exposed through typical entry points. The plugin's vulnerability history, with one known high-severity CVE for 'Improper Limitation of a Pathname to a Restricted Directory' from 2016, strongly corroborates these taint analysis findings. Although the CVE is currently patched, the pattern of path-related vulnerabilities is a red flag. Furthermore, the moderate percentage of SQL queries not using prepared statements and a significant portion of output not being properly escaped present further risks of SQL injection and Cross-Site Scripting (XSS) respectively. The presence of nonce checks is positive, but the complete absence of capability checks on potential entry points is a weakness. In conclusion, while the plugin has mitigated some common attack vectors, the lingering risks from unsanitized paths and less-than-ideal handling of SQL and output present notable security weaknesses that warrant careful consideration.