PayHere Payment Gateway – Beta Security & Risk Analysis

The plugin "payhere-payment-gateway-beta" v2.5.3 presents a mixed security posture. On the positive side, the static analysis indicates robust practices regarding SQL queries, as all are properly prepared, and a high percentage of output escaping is correctly implemented. The absence of file operations and the lack of recorded historical vulnerabilities are also positive indicators. However, significant concerns arise from the attack surface. The plugin exposes three AJAX handlers, all of which lack authentication checks. This is a critical oversight that could allow unauthenticated users to trigger potentially sensitive actions. Furthermore, the complete absence of nonce checks on these AJAX actions exacerbates this risk, making them vulnerable to Cross-Site Request Forgery (CSRF) attacks.

The taint analysis did not reveal any specific vulnerabilities, which is a positive sign. However, the lack of analysis flows suggests that either the analysis was incomplete or the plugin's code paths are not complex enough to trigger the taint analysis tool. The plugin's history of zero known CVEs is encouraging, suggesting a history of secure development or limited exposure. Despite the positive aspects of data handling and the clean vulnerability history, the unprotected AJAX endpoints represent a substantial security risk that needs immediate attention.