Poll Maker – Versus Polls, Anonymous Polls, Image Polls Security & Risk Analysis

The Poll Maker plugin version 6.2.7 presents a mixed security posture. While it shows some positive signs, such as a high percentage of SQL queries using prepared statements and a reasonable number of nonce and capability checks, significant concerns remain. A large attack surface is exposed through numerous AJAX handlers (26 total, 24 without authentication checks), and a substantial portion of identified taint flows (13 out of 26 analyzed) are flagged as high severity, indicating potential for serious vulnerabilities like SQL injection or cross-site scripting if input is not properly sanitized. The plugin's history of 23 known CVEs, including several high-severity issues, suggests a pattern of recurring security weaknesses, despite no currently unpatched vulnerabilities. The presence of these historical issues, combined with the identified taint flows and the extensive unprotected AJAX endpoints, points to a need for cautious use and diligent patching.

Overall, the plugin exhibits concerning practices in how it exposes functionality without adequate authorization, which is a common entry point for attacks. The static analysis highlights potential weaknesses in input sanitization and output escaping, as evidenced by the high number of unsanitized paths in taint analysis and the moderate rate of properly escaped outputs. While the plugin's use of prepared statements for SQL is a strength, it's overshadowed by the high number of high-severity taint flows and the significant number of unprotected AJAX endpoints. The history of numerous CVEs across various severe vulnerability types reinforces the perception that this plugin has had persistent security challenges. Users should be aware of these risks and prioritize keeping the plugin updated to the latest available version, assuming future versions address these identified weaknesses.