
Fullscreen Galleria Security & Risk Analysis
wordpress.org/plugins/fullscreen-galleria
A simple fullscreen gallery for WordPress
Is Fullscreen Galleria Safe to Use in 2026?
Generally Safe
Score 85/100
Fullscreen Galleria has a strong security track record. Known vulnerabilities have been patched promptly.
Version 1.6.12 of the fullscreen-galleria plugin exhibits a mixed security posture. Static analysis finds no critical issues: no dangerous functions, no directly injectable SQL queries, and no insecure file operations. There are, however, notable areas of concern. None of its entry points, including its four shortcodes, perform a nonce check or a capability check. For shortcodes that is less alarming than it sounds, because a shortcode only runs when a post containing it is rendered, and the ability to place it there was already governed by the post author's role. The practical consequence is that anyone who can author post content (Contributor and above) controls the shortcode attributes, so any attribute that reaches the page without sanitization and escaping becomes a stored XSS vector at that privilege level, which is the privilege level of the plugin's one recorded CVE.
The plugin's vulnerability history shows one medium-severity stored Cross-Site Scripting (XSS) vulnerability, affecting versions up to and including 1.6.11 and patched on March 25, 2024. The current version is therefore patched for that CVE, but the past XSS issue, combined with missing input sanitization and output escaping on a significant share (35%) of the plugin's outputs, suggests a recurring pattern of insecure handling of user-supplied data. Static analysis also reports that all of the plugin's SQL queries are executed without $wpdb->prepare(). None of them was found to be directly injectable in this analysis, but unprepared queries are a bad practice that becomes exploitable as soon as attacker-controlled data reaches one of them.
In summary, the plugin avoids explicitly dangerous functions and makes no external requests. However, the lack of authorization checks on its entry points, the history of XSS, and the pervasive use of raw SQL queries without prepared statements are considerable risks, and the plugin needs further hardening before it should be trusted on sites where lower-privileged users can author content.
Key Concerns
- Raw SQL queries without prepared statements
- No nonce checks on entry points
- No capability checks on entry points
- Significant percentage of unescaped output
- Known medium severity CVE in history
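The three code-analysis findings above (no authorization checks on entry points, raw SQL, unescaped output) can be reproduced with a simple pattern-based scan of plugin source. Below is an added example of such a scan, written for this page rather than taken from the plugin or from the tool behind these metrics. It runs over a constructed PHP snippet, not Fullscreen Galleria's code, and uses regular expressions rather than a PHP parser, so it is a triage aid, not a proof. Note that a shortcode handler is expected to show no capability check: the author's capability was enforced when the post was saved, so the hardening to look for there is shortcode_atts() for attribute defaults, casting or sanitizing, $wpdb->prepare(), and esc_*() on output, as the second handler in the sample does. Nonce and capability checks belong on AJAX and admin actions, as in the third handler.

```python
"""Heuristic scan for the checks this page reports: entry points without
authorization, $wpdb calls without prepare(), and output without esc_*().
Added example, not the plugin's code and not the page's analysis tool."""
import json
import re

# Constructed sample with the patterns this page flags. It is NOT
# Fullscreen Galleria source: handler 1 has every weakness, handler 2 is a
# hardened shortcode, handler 3 is an AJAX action with nonce + capability.
SAMPLE_PHP = r'''<?php
add_shortcode('fsg_photolist', 'fsg_photolist_handler');
function fsg_photolist_handler($atts) {
    global $wpdb;
    $cat = $atts['cat'];
    $rows = $wpdb->get_results("SELECT ID FROM {$wpdb->posts} WHERE post_excerpt = '$cat'");
    echo '<div class="galleria-container" data-theme="' . $atts['theme'] . '">';
    echo '<span>' . esc_html($atts['title']) . '</span>';
    return '';
}

add_shortcode('fsg_link', 'fsg_link_handler');
function fsg_link_handler($atts) {
    global $wpdb;
    $a = shortcode_atts(array('id' => 0, 'text' => ''), $atts);
    $row = $wpdb->get_row($wpdb->prepare("SELECT guid FROM {$wpdb->posts} WHERE ID = %d", (int) $a['id']));
    return '<a href="' . esc_url($row->guid) . '">' . esc_html($a['text']) . '</a>';
}

add_action('wp_ajax_fsg_save', 'fsg_save_handler');
function fsg_save_handler() {
    check_ajax_referer('fsg_save', 'nonce');
    if (!current_user_can('manage_options')) { wp_die('', '', 403); }
    update_option('fsg_theme', sanitize_key($_POST['theme']));
    wp_send_json_success();
}
'''

FUNC_RE = re.compile(r'function\s+(\w+)\s*\([^)]*\)\s*\{')
# Entry points: shortcodes and action hooks registered with a named callback.
ENTRY_RE = re.compile(r"(add_shortcode|add_action)\(\s*['\"]([\w-]+)['\"]\s*,\s*['\"](\w+)['\"]")
AUTHZ_RE = re.compile(r'current_user_can\(|wp_verify_nonce\(|check_admin_referer\(|check_ajax_referer\(')
# A $wpdb read/write call; group 2 is set only when the first argument is prepare().
WPDB_RE = re.compile(r'\$wpdb->(get_results|get_row|get_var|get_col|query)\(\s*(\$wpdb->prepare\()?')
OUT_RE = re.compile(r'\b(?:echo|print|return)\b(.*?);', re.S)
# A PHP variable (with ->prop / [index] suffixes), optionally wrapped in esc_*(.
VAR_RE = re.compile(r"(esc_\w+\(\s*)?(\$\w+(?:->\w+|\[[^\]]*\])*)")


def split_functions(src):
    """Return {name: body} for each PHP function, by brace matching."""
    out = {}
    for m in FUNC_RE.finditer(src):
        depth, i = 1, m.end()
        while i < len(src) and depth:
            depth += {'{': 1, '}': -1}.get(src[i], 0)
            i += 1
        out[m.group(1)] = src[m.end():i - 1]
    return out


def raw_sql_calls(body):
    """Names of $wpdb methods called without $wpdb->prepare() as first argument."""
    return [m.group(1) for m in WPDB_RE.finditer(body) if not m.group(2)]


def unescaped_outputs(body):
    """(variables emitted, variables emitted without an esc_*() wrapper)."""
    total = unescaped = 0
    for stmt in OUT_RE.findall(body):
        for esc, _var in VAR_RE.findall(stmt):
            total += 1
            unescaped += 0 if esc else 1
    return total, unescaped


def analyze(src):
    bodies = split_functions(src)
    report = {'entry_points': {}, 'raw_sql': 0, 'prepared_sql': 0,
              'outputs': 0, 'unescaped': 0}
    for kind, name, handler in ENTRY_RE.findall(src):
        body = bodies.get(handler, '')
        report['entry_points'][name] = {
            'kind': 'shortcode' if kind == 'add_shortcode' else 'hook',
            'handler': handler,
            'authz_check': bool(AUTHZ_RE.search(body)),
            'raw_sql': raw_sql_calls(body),
        }
    for body in bodies.values():          # file-wide totals, like the page's metrics
        calls = list(WPDB_RE.finditer(body))
        raw = [m for m in calls if not m.group(2)]
        report['raw_sql'] += len(raw)
        report['prepared_sql'] += len(calls) - len(raw)
        t, u = unescaped_outputs(body)
        report['outputs'] += t
        report['unescaped'] += u
    report['unescaped_pct'] = round(100 * report['unescaped'] / report['outputs']) if report['outputs'] else 0
    return report


if __name__ == '__main__':
    print(json.dumps(analyze(SAMPLE_PHP), indent=2))
```

On the sample this reports one raw and one prepared $wpdb call, 25% of emitted variables unescaped, no authorization check on either shortcode handler, and a check on the AJAX handler. Run it over a real plugin directory by concatenating its .php files; expect false positives from comments and string literals, which is why the page's percentages should be read as a ranking signal rather than a vulnerability count.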
Fullscreen Galleria Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
Fullscreen Galleria <= 1.6.11 - Authenticated (Contributor+) Stored Cross-Site Scripting
Fullscreen Galleria Code Analysis
SQL Query Safety
Output Escaping
Fullscreen Galleria Attack Surface
Shortcodes 4
WordPress Hooks 10
Fullscreen Galleria Maintenance & Trust
Maintenance Signals
Community Trust
Fullscreen Galleria Alternatives
FCP Lightest Lightbox
fcp-lightest-lightbox
Super lightweight Lighbox for WordPress
WP iSell Photo
wp-isell-photo
Easily Sell photos, images, digital print etc. using the built-in WordPress gallery feature. Convert your WordPress gallery into a photo store.
Basic Protected Lightbox
basic-protected-lightbox
A lightweight, simple lightbox with basic image protection capabilities.
Merging Image Boxes
merging-image-boxes
Merging Image Boxes
Lightbox & Modal Popup WordPress Plugin – FooBox
foobox-image-lightbox
A responsive image lightbox for WordPress galleries, WordPress attachments & FooGallery
Fullscreen Galleria Developer Profile
1 plugin · 900 total installs
How We Detect Fullscreen Galleria
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
Paths are matched with or without the trailing ?ver= query string WordPress appends to enqueued assets.
- /wp-content/plugins/fullscreen-galleria/css/galleria.css
- /wp-content/plugins/fullscreen-galleria/js/galleria-1.6.12.min.js
- /wp-content/plugins/fullscreen-galleria/js/galleria.classic.min.js
- /wp-content/plugins/fullscreen-galleria/js/galleria.twocolumn.min.js
- /wp-content/plugins/fullscreen-galleria/js/galleria.fullscreen.min.js
- /wp-content/plugins/fullscreen-galleria/js/galleria.carousel.min.js
- /wp-content/plugins/fullscreen-galleria/js/galleria.debug.js
- /wp-content/plugins/fullscreen-galleria/js/galleria.history.min.js
- /wp-content/plugins/fullscreen-galleria/js/galleria.flickr.min.js
- /wp-content/plugins/fullscreen-galleria/js/galleria.getimage.min.js
- /wp-content/plugins/fullscreen-galleria/js/galleria.image.min.js
- /wp-content/plugins/fullscreen-galleria/js/galleria.meta.min.js
- /wp-content/plugins/fullscreen-galleria/js/galleria.native.min.js
- /wp-content/plugins/fullscreen-galleria/js/galleria.photoswipe.min.js
- /wp-content/plugins/fullscreen-galleria/js/galleria.simplecaption.min.js
- /wp-content/plugins/fullscreen-galleria/js/galleria.statustext.min.js
HTML / DOM Fingerprints
CSS class names:
- galleria-container
- galleria-theme-classic
- galleria-stage
- galleria-images-container
- galleria-image-nav
- galleria-arrow
- galleria-image-wrapper
- galleria-current-img
- +19 more
Data attributes: data-galleria, data-theme
JavaScript global: Galleria
Shortcodes (in unrendered post content): [fsg_photobox] [fsg_photolist] [fsg_link] [fsg_portfolio]
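The fingerprints above can be turned into a check that runs over a fetched page. The following is an added example written for this page, not the crawler behind it: it looks for the asset paths, takes the plugin version from the versioned filename rather than from ?ver= (WordPress substitutes its own core version into ?ver= when a plugin enqueues a script without one, so that parameter can mislead), records DOM class markers and shortcode residue, and compares the detected version against the advisory range listed above. The hostname and the HTML sample are constructed; the paths and class names are the ones this page lists.

```python
"""Fingerprint a fetched HTML page for Fullscreen Galleria and compare the
detected version with the listed advisory. Added example, not the page's
own crawler; the sample page below is constructed."""
import re
from urllib.parse import parse_qs, urlparse

# Constructed page fragment (example.test is a placeholder host). The css
# ?ver= deliberately carries a WordPress-looking version, not the plugin's.
SAMPLE_HTML = """
<link rel="stylesheet" href="https://example.test/wp-content/plugins/fullscreen-galleria/css/galleria.css?ver=6.5">
<script src="https://example.test/wp-content/plugins/fullscreen-galleria/js/galleria-1.6.12.min.js?ver=1.6.12"></script>
<script src="https://example.test/wp-content/plugins/fullscreen-galleria/js/galleria.classic.min.js"></script>
<div class="galleria-container galleria-theme-classic" data-galleria="1" data-theme="classic">
  <div class="galleria-stage"><div class="galleria-images-container"></div></div>
</div>
<p>[fsg_photobox id="12"]</p>
"""

ASSET_RE = re.compile(
    r'''(?:src|href)=["']([^"']*/wp-content/plugins/fullscreen-galleria/[^"']*)["']''', re.I)
# Version baked into the main library filename, e.g. galleria-1.6.12.min.js
FILE_VERSION_RE = re.compile(r'/js/galleria-(\d+(?:\.\d+)+)\.min\.js')
DOM_CLASS_RE = re.compile(
    r'\bgalleria-(?:container|theme-[\w-]+|stage|images-container|image-nav|arrow|image-wrapper|current-img)\b')
DATA_ATTR_RE = re.compile(r'\bdata-(?:galleria|theme)=')
SHORTCODE_RE = re.compile(r'\[(fsg_(?:photobox|photolist|link|portfolio))\b[^\]]*\]')
CVE_MAX_AFFECTED = (1, 6, 11)   # advisory listed on this page: <= 1.6.11


def version_tuple(v):
    """'1.6.12' -> (1, 6, 12) so versions compare numerically, not as strings."""
    return tuple(int(p) for p in v.split('.'))


def fingerprint(html):
    assets = ASSET_RE.findall(html)
    file_versions, ver_params = set(), set()
    for url in assets:
        m = FILE_VERSION_RE.search(url)
        if m:
            file_versions.add(m.group(1))
        ver_params.update(parse_qs(urlparse(url).query).get('ver', []))
    return {
        'detected': bool(assets) or bool(DOM_CLASS_RE.search(html)),
        'asset_paths': [urlparse(u).path for u in assets],
        'file_versions': sorted(file_versions, key=version_tuple),   # reliable
        'ver_params': sorted(ver_params),                            # advisory only
        'dom_classes': sorted(set(DOM_CLASS_RE.findall(html))),
        'data_attrs': bool(DATA_ATTR_RE.search(html)),
        'shortcodes_in_content': sorted(set(SHORTCODE_RE.findall(html))),
    }


def affected_by_listed_cve(fp):
    """True only when a filename-derived version falls in the advisory range."""
    return any(version_tuple(v) <= CVE_MAX_AFFECTED for v in fp['file_versions'])


if __name__ == '__main__':
    fp = fingerprint(SAMPLE_HTML)
    for k, v in fp.items():
        print(f'{k}: {v}')
    print('affected by listed CVE:', affected_by_listed_cve(fp))
```

On the sample this detects the plugin, reports 1.6.12 from the filename (while ?ver= yields both 1.6.12 and the unrelated 6.5), and returns False for the advisory check; the same call on a page loading galleria-1.6.9.min.js returns True. Treat a shortcode such as [fsg_photobox] appearing literally in the rendered HTML as a secondary signal: it means the plugin is referenced but currently inactive or broken, so the asset paths will usually be absent.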