Enormail Sign Up Forms Security & Risk Analysis

The enormail-sign-up-forms plugin v1.2.0 presents a concerning security posture primarily due to its unprotected entry points. While the plugin demonstrates some good practices, such as a high percentage of SQL queries using prepared statements and a decent number of capability checks, the presence of two AJAX handlers without any authentication checks represents a significant risk. Furthermore, the taint analysis reveals three high-severity flows with unsanitized paths, indicating potential for cross-site scripting (XSS) or other injection vulnerabilities if input from these flows is not properly sanitized before use.

The plugin's vulnerability history is currently clean, with no recorded CVEs. This is a positive indicator, suggesting the developers may have a good understanding of secure coding. However, the absence of past vulnerabilities does not negate the risks identified in the static analysis. The clean history could be a result of limited usage, lack of public auditing, or simply good fortune. The presence of unsanitized taint flows is a red flag that requires immediate attention, regardless of past history.

In conclusion, while the plugin has some strengths in its SQL handling and capability checks, the critical weakness lies in its unprotected AJAX endpoints and high-severity unsanitized taint flows. These issues create a notable attack surface that could be exploited. Addressing the unsanitized taint flows and implementing proper authentication on AJAX handlers are paramount to improving the plugin's security.