ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & Schema Security & Risk Analysis

The reviewx plugin v2.3.6 presents a mixed security posture. While the static analysis shows a clean slate regarding immediate exploitable entry points like AJAX handlers, REST API routes, and shortcodes without proper authorization checks, and no critical or high severity taint flows were detected, there are significant underlying concerns. The plugin has a history of 9 CVEs, with 3 high and 6 medium severity vulnerabilities, indicating a pattern of recurring security flaws such as improper input validation, missing authorization, and cross-site scripting. This historical context is concerning, especially given the recent vulnerability discovered on August 16, 2024.

The static analysis also reveals some weaknesses. Only 4% of output escaping is properly implemented, suggesting a high risk of Cross-Site Scripting (XSS) vulnerabilities, even if not flagged by the taint analysis in this specific version. The fact that 19% of SQL queries are not using prepared statements also points to a potential for SQL injection vulnerabilities. The bundling of Guzzle, a common library, might introduce risks if it's an outdated or vulnerable version, though the analysis doesn't specify this.

Overall, while the current version appears to have closed known vulnerabilities and lacks immediate critical entry points, the historical pattern of numerous high and medium severity issues, coupled with poor output escaping and a percentage of raw SQL queries, suggests a plugin that requires vigilance. Users should be aware of the plugin's past security record and monitor for future updates and potential discoveries.