Popup Maker – Responsive popup, Exit Intent Pop up, Email Optins, Autoresponder & More Security & Risk Analysis

The "popup-maker-wp" plugin v1.4.4 exhibits a mixed security posture. On the positive side, the plugin demonstrates strong adherence to secure coding practices by utilizing prepared statements for all SQL queries and ensuring a high percentage of output is properly escaped. The absence of critical or high-severity taint flows, raw SQL queries, and file operations are also positive indicators. The plugin's vulnerability history, while showing one past medium vulnerability, currently has no unpatched CVEs, which is a good sign of maintenance.

However, the plugin presents a significant concern regarding its attack surface. With 7 AJAX handlers, 5 of which lack authentication checks, there is a substantial risk of unauthorized access or manipulation of plugin functionalities. While the static analysis did not reveal specific dangerous functions or unsanitized paths in taint flows, the unprotected AJAX endpoints represent a potential entry point for various attacks if further vulnerabilities exist within those handlers. The presence of bundled libraries like Select2 also warrants attention, as outdated versions of such libraries can introduce vulnerabilities, though no specific information on the version's security is provided.

In conclusion, while the plugin has a foundation of good security practices, the large number of unprotected AJAX endpoints is a critical weakness that exposes it to significant risk. Prompt attention to securing these entry points is essential to mitigate potential threats. The absence of current unpatched vulnerabilities and the general adherence to secure coding practices for SQL and output escaping are strengths, but they are overshadowed by the identified attack surface vulnerabilities.