hiWeb Soft Search Security & Risk Analysis

The hiweb-soft-search plugin v2.0.0.0 exhibits a mixed security posture. On one hand, it avoids the use of dangerous functions, all SQL queries are prepared, and there are no file operations or external HTTP requests. The absence of known historical vulnerabilities is also a positive sign. However, significant concerns arise from the static analysis. The plugin has a single entry point, an AJAX handler, which completely lacks authentication checks. Furthermore, none of the 15 observed output operations are properly escaped, creating a high risk of cross-site scripting (XSS) vulnerabilities. The taint analysis, while showing no critical or high severity flaws, did identify two flows with unsanitized paths, which, in conjunction with the unescaped output, could be exploited. The lack of any capability checks or nonce verification on the AJAX handler further exacerbates these risks, as it can be triggered by any user, including unauthenticated ones, and potentially lead to the execution of malicious scripts.