Ninja Galleries Security & Risk Analysis

The ninja-galleries plugin v1.0.24 presents a mixed security posture. On the positive side, it exhibits strong adherence to secure coding practices by utilizing prepared statements for all SQL queries, implementing nonce checks, and performing capability checks on its entry points. The absence of known CVEs and a clean vulnerability history further contribute to a generally positive impression. However, a significant concern arises from the taint analysis, where all analyzed flows (6 out of 6) show unsanitized paths. While no critical or high-severity taint issues were identified, this indicates a potential for uncontrolled data propagation within the plugin. Additionally, the static analysis reveals that only 25% of output is properly escaped. This could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is not adequately sanitized before being displayed to users. The plugin's attack surface is relatively small with only two shortcodes, and importantly, all entry points are protected, which is a strong security measure. Despite the lack of critical identified vulnerabilities, the prevalence of unsanitized paths in taint flows and the low output escaping rate warrant careful consideration and potential remediation.