Random Quiz Generator for LifterLMS Security & Risk Analysis

The plugin 'random-quiz-addon-for-lifterlms' v1.0.2 exhibits a concerning security posture due to significant gaps in authentication and output sanitization. While the absence of dangerous functions, SQL injection vulnerabilities through prepared statements, file operations, and external HTTP requests is a positive sign, these strengths are overshadowed by critical weaknesses.

The most alarming findings are the two unprotected AJAX handlers, which represent direct entry points into the plugin without any form of authentication or authorization checks. This is further compounded by a complete lack of output escaping across all identified output points, making it highly susceptible to Cross-Site Scripting (XSS) attacks. The static analysis also revealed no nonce checks or capability checks, reinforcing the lack of security for these AJAX endpoints.

The plugin's vulnerability history is clean, with no recorded CVEs. This might indicate a generally well-maintained codebase or a lack of past significant security findings. However, the current code analysis strongly suggests that the plugin is ripe for exploitation due to the identified security flaws. The conclusion is that while the plugin doesn't suffer from known historical vulnerabilities, its current implementation presents immediate and severe risks that require urgent attention.