
Pro Missa Security & Risk Analysis
wordpress.org/plugins/promissaThis plugin will give you shortcodes and widgets with the latest masses and events of Pro Missa.
Is Pro Missa Safe to Use in 2026?
Generally Safe
Score 85/100Pro Missa has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "promissa" plugin version 1.4.1 presents a mixed security posture. While it demonstrates good practices in handling SQL queries with prepared statements and no recorded vulnerability history, several significant concerns are raised by the static analysis. The presence of unprotected AJAX handlers creates a direct attack vector, as these can be triggered without proper authentication. Furthermore, the high percentage of unsanitized output flows in the taint analysis is a serious red flag, indicating a strong likelihood of cross-site scripting (XSS) vulnerabilities. The plugin also lacks nonce and capability checks, which are fundamental security mechanisms for WordPress plugins, especially when dealing with user-initiated actions or sensitive data.
Despite the absence of known CVEs, the identified code signals and taint analysis results point to inherent security weaknesses that could be exploited. The unprotected entry points and the significant proportion of improperly escaped outputs create a tangible risk of various attacks. The lack of any recorded vulnerabilities in its history might suggest it hasn't been extensively targeted or thoroughly audited, rather than indicating an inherently secure design. Therefore, while the plugin avoids common pitfalls like raw SQL queries, its reliance on unimplemented security checks and the presence of unsanitized data flows warrant caution and remediation.
Key Concerns
- Unprotected AJAX handlers
- Unsanitized output flows
- Missing nonce checks
- Missing capability checks
- Dangerous function (ini_set)
Pro Missa Security Vulnerabilities
Pro Missa Release Timeline
Pro Missa Code Analysis
Dangerous Functions Found
SQL Query Safety
Output Escaping
Data Flow Analysis
Pro Missa Attack Surface
AJAX Handlers 2
Shortcodes 5
WordPress Hooks 17
Maintenance & Trust
Pro Missa Maintenance & Trust
Maintenance Signals
Community Trust
Pro Missa Alternatives
Pro Missa Developer Profile
1 plugin · 0 total installs
How We Detect Pro Missa
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/promissa/js/global.min.jshttps://cdnjs.cloudflare.com/ajax/libs/jquery-autocomplete/1.0.7/jquery.auto-complete.min.jshttps://cdnjs.cloudflare.com/ajax/libs/fullcalendar/4.2.0/moment-timezone/main.min.jshttps://cdnjs.cloudflare.com/ajax/libs/fullcalendar/4.2.0/core/main.min.jshttps://cdnjs.cloudflare.com/ajax/libs/fullcalendar/4.2.0/core/locales-all.min.jshttps://cdnjs.cloudflare.com/ajax/libs/fullcalendar/4.2.0/daygrid/main.min.jshttps://cdnjs.cloudflare.com/ajax/libs/fullcalendar/4.2.0/timegrid/main.min.js+2 morepromissa/js/global.min.js?ver=1.4.0HTML / DOM Fingerprints
globalProMissaEvents/wp-json/promissa/v1/calendar[promissa_calendar][promissa_agenda]