Custom Login Logo Security & Risk Analysis

The "ideal-wp-login-logo-changer" plugin v1.1.10 exhibits a mixed security posture. While the static analysis reveals a commendable lack of dangerous functions, SQL queries are prepared, and a nonce check is present, there are notable areas for concern. The output escaping is only 52% properly done, indicating a potential for cross-site scripting (XSS) vulnerabilities if unsanitized data reaches output functions. Furthermore, the absence of capability checks on any entry points is a significant weakness, as it suggests that unauthenticated or low-privileged users might be able to trigger plugin functionality, even if the attack surface appears small initially.

The vulnerability history is particularly concerning, with one known medium-severity CVE related to Cross-Site Request Forgery (CSRF). The fact that this vulnerability was last patched relatively recently (2025-03-27) and is now unpatched in this version suggests a pattern of potentially introducing vulnerabilities or failing to maintain up-to-date patches. The absence of critical and high-severity CVEs is positive, but the presence of even a medium vulnerability, especially one that is now unpatched, warrants attention.

Overall, while the plugin avoids common pitfalls like raw SQL or exposed AJAX/REST endpoints, the poor output escaping and lack of capability checks create exploitable avenues, especially when considered alongside the past CSRF vulnerability. The plugin's security is only partially robust, and users should be cautious due to the unpatched medium vulnerability and the identified code quality issues.