Polling by Alex Lundin Security & Risk Analysis

The "polling-by-alex-lundin" plugin v1.0.1 exhibits significant security concerns primarily due to a large, unprotected attack surface. While the plugin demonstrates good practices in output escaping and doesn't utilize dangerous functions or perform external HTTP requests, the lack of authentication and permission checks on all AJAX handlers and REST API routes presents a major risk. The static analysis reveals that 5 out of 5 identified entry points are unprotected, meaning any unauthenticated user could potentially interact with these functionalities.

The taint analysis further highlights this concern, identifying 3 high-severity flows with unsanitized paths. This suggests that user-supplied data might be used in a way that could lead to vulnerabilities like injection attacks if not properly handled within these unprotected entry points. The absence of nonce checks on AJAX handlers is a critical oversight that exacerbates the risk of Cross-Site Request Forgery (CSRF) attacks. The vulnerability history is clean, which is a positive indicator, but it does not mitigate the immediate risks identified in the code analysis, especially considering the absence of fundamental security controls.

In conclusion, the plugin has strengths in avoiding common pitfalls like dangerous functions and output escaping. However, the critical lack of authentication and authorization on its primary entry points (AJAX and REST API) combined with high-severity unsanitized taint flows creates a substantial security risk. The clean vulnerability history is a good sign but should not lead to complacency given the evident gaps in basic security implementation.