Gellum Delivery Calculator for WooCommerce Security & Risk Analysis

The gellum-delivery-calculator plugin v1.1.3 exhibits a generally good security posture based on the provided static analysis. It effectively utilizes prepared statements for all SQL queries, a critical practice for preventing SQL injection vulnerabilities. The plugin also demonstrates a high rate of proper output escaping, mitigating risks of cross-site scripting (XSS) attacks. The absence of file operations and external HTTP requests further reduces the potential attack surface.

However, a notable concern is the lack of capability checks on AJAX handlers. While nonces are present on two of these handlers, the absence of explicit capability checks means that any user, regardless of their role or permissions, could potentially interact with these endpoints. This creates a significant risk if the AJAX handlers perform sensitive operations or expose information. The taint analysis revealing zero flows is a positive sign, indicating no immediate critical or high-severity vulnerabilities were detected by that specific method. The plugin's clean vulnerability history with no recorded CVEs suggests it has been relatively secure in the past, or that vulnerabilities have been promptly addressed.

In conclusion, while the plugin has strong foundations in preventing common web vulnerabilities like SQL injection and XSS, the unauthenticated AJAX handlers represent a significant weakness. The lack of capability checks on these entry points needs to be addressed to ensure that only authorized users can trigger plugin functionalities. The absence of any recorded vulnerabilities historically is a positive indicator, but the current analysis highlights a specific area requiring improvement.