PopX – Popup Builder for Boost Sales, Conversions, Optins, Email Newsletters and Lead Generation Security & Risk Analysis

The plugin 'popx-popup-builder' version 1.0.2 presents a mixed security posture. On the positive side, the plugin demonstrates good practices regarding SQL query handling, exclusively using prepared statements, and shows a high percentage of properly escaped output, indicating an effort to prevent cross-site scripting vulnerabilities. It also correctly implements nonce and capability checks for some entry points and has no recorded vulnerability history, suggesting a generally stable codebase.

However, significant concerns arise from the attack surface. The presence of two AJAX handlers without authentication checks creates a direct risk. This means that any user, regardless of their logged-in status or role, can potentially trigger these functionalities, which could lead to unauthorized actions or information disclosure if these handlers are not inherently safe. The lack of taint analysis results is also noted, though the absence of critical or high severity flows is a good sign.

In conclusion, while the plugin avoids common pitfalls like raw SQL queries and has a clean vulnerability record, the unprotected AJAX endpoints are a critical weakness that needs immediate attention. The strength in its SQL and output sanitization is commendable, but the exposed entry points overshadow these positives, leading to a moderate overall risk.