
Invelity GLS online connect Security & Risk Analysis
wordpress.org/plugins/invelity-gls-online-connect
The Invelity GLS online connect plugin is built for merchants on the WooCommerce platform who need to automatically export order data …
Is Invelity GLS online connect Safe to Use in 2026?
Generally Safe
Score 85/100
Invelity GLS online connect has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'invelity-gls-online-connect' plugin v1.2.4 presents a mixed security posture. Its strengths lie in the absence of known vulnerabilities (CVEs) and a lack of extensive attack surface points such as unprotected AJAX handlers, REST API routes, shortcodes, or cron events. The code also demonstrates good practices regarding SQL queries, with 100% using prepared statements, and a decent rate of output escaping (65%).
However, significant concerns arise from the static analysis. The presence of two instances of the 'unserialize' function is a red flag, as it can be exploited for remote code execution if used with untrusted input. This is further underscored by the taint analysis, which identified one flow with unsanitized paths and a high severity, indicating a potential pathway for malicious data to reach a sensitive function. The lack of capability checks on any entry points is also a notable weakness, meaning that authenticated users, regardless of their role, might be able to trigger certain functionalities that should be restricted.
The plugin's vulnerability history is clean, with no recorded CVEs. This suggests that either the plugin has been well-maintained or its functionalities have not been a target for exploitation in the past. Despite the positive historical data, the identified 'unserialize' usage and the high-severity taint flow present a real and immediate risk that warrants attention. Overall, the plugin has good foundational security practices but requires immediate attention to address the identified potential for code injection due to the 'unserialize' function and the high-severity taint flow.
Key Concerns
- High severity taint flow with unsanitized path
- Dangerous function used: unserialize
- Lack of capability checks on entry points
- Output escaping only 65% proper
Invelity GLS online connect Security Vulnerabilities
Invelity GLS online connect Code Analysis
Dangerous Functions Found
Output Escaping
Data Flow Analysis
Invelity GLS online connect Attack Surface
WordPress Hooks 7
Maintenance & Trust
Invelity GLS online connect Maintenance & Trust
Maintenance Signals
Community Trust
Invelity GLS online connect Alternatives
GLS Shipping for WooCommerce
gls-shipping-for-woocommerce
GLS Shipping plugin for WooCommerce
Invelity MyGLS connect
invelity-mygls-connect
Simple transfer of orders to GLS via the API, plus label printing
Invelity SPS connect
invelity-sps-connect
The Invelity SPS (Slovak parcel service) connect plugin is built for merchants on the WooCommerce platform who need to automatically export data …
Invelity GLS Connect
invelity-gls-connect
The Invelity GLS connect plugin is built for merchants on the WooCommerce platform who need to automatically export order data to the …
Weight Based Shipping Table Rate for WooCommerce – Flexible Shipping
flexible-shipping
Weight based shipping methods for WooCommerce. Flexible shipping with table rate rules by cart weight and order value. Accurate rates at checkout.
Invelity GLS online connect Developer Profile
8 plugins · 380 total installs
How We Detect Invelity GLS online connect
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/invelity-gls-online-connect/assets/css/invelity-plugins-main-admin.css
- invelity-plugins-main-admin-css?ver=1.0.0
HTML / DOM Fingerprints
- invelity-plugins-namespace
- invelity-button
- plugin-list-item-container
- state-notice
- state-success
- data-plugin-slug="invelity-gls-online-connect"
- data-old-plugin-slug="finest-online-connect-export"