Navayan Subscribe Security & Risk Analysis

The "navayan-subscribe" v1.13 plugin exhibits a mixed security posture. While it has a relatively small attack surface with no identified unprotected entry points and a single capability check, significant concerns arise from its handling of SQL queries and output escaping. The fact that 100% of its 14 SQL queries are not using prepared statements is a major red flag, indicating a high risk of SQL injection vulnerabilities. Coupled with only 2% of its 44 output points being properly escaped, this suggests a substantial risk of cross-site scripting (XSS) and other injection-based attacks.

The vulnerability history further exacerbates these concerns. The presence of one unpatched medium-severity CVE, last recorded in June 2025, indicates a known security flaw that remains unfixed, increasing the likelihood of exploitation. While the common vulnerability type being CSRF is noted, the underlying code issues with SQL and output handling are more pervasive and likely contribute to a broader range of potential vulnerabilities. The absence of taint analysis results is also noteworthy, as it prevents a deeper understanding of how data flows within the plugin and if any unsanitized paths exist. Overall, while the plugin has some positive aspects like limited entry points, the critical weaknesses in data handling and the unpatched vulnerability demand immediate attention.