Robokassa payment gateway with Subscriptions support Security & Risk Analysis

The robokassa-subscriptions plugin v1.1.5 exhibits a mixed security posture. While it has no recorded vulnerabilities and a seemingly limited attack surface in terms of direct entry points like AJAX, REST API, and shortcodes, the static analysis reveals significant areas of concern. A substantial portion of its SQL queries are not using prepared statements, and a worrying percentage of output operations are not properly escaped. This combination of raw SQL and unescaped output creates a heightened risk for SQL injection and cross-site scripting (XSS) vulnerabilities, even if no direct flows were flagged as critical in the taint analysis. The presence of unsanitized paths in taint flows further amplifies these risks.

Furthermore, the complete absence of nonce checks and capability checks across its components is a major security oversight. This means that actions, even those related to cron events, could potentially be triggered or manipulated by unauthenticated or unauthorized users. The plugin's vulnerability history being completely clear is a positive sign, but it cannot entirely mitigate the inherent risks identified within the code itself. A strong conclusion would be that while the plugin has not yet demonstrated exploitable vulnerabilities, its internal code quality and lack of fundamental security checks present a significant potential for future security incidents, particularly SQL injection and XSS.