NBP Kurs Walut Security & Risk Analysis
wordpress.org/plugins/kursy-walut-nbpPL:Wtyczka dodaje widget kursów walut z Narodowego Banku Polskiego. EN: The plugin adds table of exchange rates bank NBP.
Is NBP Kurs Walut Safe to Use in 2026?
Generally Safe
Score 85/100NBP Kurs Walut has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "kursy-walut-nbp" plugin version 1.0.0 exhibits a mixed security posture. On the positive side, there are no identified critical or high severity vulnerabilities in its history, and static analysis reveals no dangerous functions, raw SQL queries, or external HTTP requests. The absence of taint analysis findings further suggests a generally clean codebase in terms of input sanitization for known attack vectors.
However, several areas raise significant concerns. The plugin has a complete lack of nonce checks and capability checks, which is particularly worrying given its file operation. Furthermore, a significant portion of its output (92%) is not properly escaped, creating a substantial risk of cross-site scripting (XSS) vulnerabilities. The presence of file operations without any apparent authentication or authorization mechanisms is a critical oversight that could lead to unauthorized file modifications or deletions.
In conclusion, while the plugin benefits from a clean vulnerability history and absence of common injection flaws, the severe lack of output escaping and the presence of file operations without proper security checks represent significant and exploitable weaknesses. These issues should be prioritized for immediate remediation to prevent potential security breaches.
Key Concerns
- Lack of nonce checks
- Lack of capability checks
- Unescaped output (92%)
- File operations without auth checks
NBP Kurs Walut Security Vulnerabilities
NBP Kurs Walut Code Analysis
Output Escaping
NBP Kurs Walut Attack Surface
WordPress Hooks 1
Maintenance & Trust
NBP Kurs Walut Maintenance & Trust
Maintenance Signals
Community Trust
NBP Kurs Walut Alternatives
Kursy walut (Exchange rates)
kursy-walut-exchange-rates
PL:
Currency Converter Widget
currency-converter-widget
Free, fast, and beautiful currency converter widget with 170+ currencies, live exchange rates, and 11 widget styles.
Multi Currency, Currency Switcher, Exchange Rates for WooCommerce – Mudra
woo-exchange-rate
Allows to add exchange rates for WooCommerce store
Exchange Rates
exchange-rates
Currency Converter & Exchange Rates Widgets, easy-to-use, with beautiful UI. 🔑 No API key needed, ❤️ plug and play.
Exchange Rates Widget
exchange-rates-widget
❤️ Is a magic and easy-to-use with beautiful UI widget. Included 190+ world currencies with popular cryptocurrencies.
NBP Kurs Walut Developer Profile
2 plugins · 110 total installs
How We Detect NBP Kurs Walut
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/kursy-walut-nbp/css/style.css/wp-content/plugins/kursy-walut-nbp/js/nbp-script.js/wp-content/plugins/kursy-walut-nbp/js/nbp-script.jskursy-walut-nbp/css/style.css?ver=kursy-walut-nbp/js/nbp-script.js?ver=HTML / DOM Fingerprints
nbp-widget-wrapperdata-nbp-currency-codenbp_ajax_object[nbp_currency_table]