OAuth client Single Sign On for WordPress ( OAuth 2.0 SSO ) Security & Risk Analysis

The "oauth-client-for-user-authentication" plugin v3.1.1 presents a mixed security posture. On the positive side, the static analysis reveals a lack of direct attack vectors such as AJAX handlers, REST API routes, shortcodes, or cron events that are exposed without authentication. Furthermore, SQL queries are exclusively using prepared statements, and a high percentage of output is properly escaped. However, several concerning signals exist. The presence of 5 flows with unsanitized paths, despite no critical or high severity taint flows being reported, warrants attention as it suggests potential for vulnerabilities if these paths are ever exposed to user input. The plugin also makes 4 external HTTP requests, which could be exploited if not handled securely. A significant concern is the plugin's history of 2 high severity vulnerabilities, specifically Missing Authorization and Cross-site Scripting. While currently unpatched CVEs are 0, the recurring nature of these vulnerability types in the past indicates a potential for similar weaknesses to re-emerge in future versions if code review and secure coding practices are not rigorously applied. The lack of capability checks in the code signals is also a weakness, as it implies that some functionalities might be accessible to users who should not have access.