SagePay Server Gateway for WooCommerce Security & Risk Analysis

The plugin "sagepay-server-gateway-for-woocommerce" v1.1.3 exhibits a mixed security posture. On the positive side, static analysis reveals a very small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, all SQL queries are properly prepared, and there are no file operations, indicating good practices in these areas. However, there are notable concerns. Half of the output operations are not properly escaped, which could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is involved in these outputs. The presence of an external HTTP request, while not inherently bad, can be a vector for attacks if not handled securely. The lack of nonce checks and capability checks on all entry points (though the entry points are few) is a weakness, as it bypasses standard WordPress security mechanisms for protecting actions and data. The vulnerability history shows a past XSS vulnerability, and while it is currently patched, it suggests a prior weakness in output sanitization or input validation. The absence of currently unpatched vulnerabilities is a positive sign, but the past incident and the identified output escaping issues warrant caution.