Selloship Security & Risk Analysis

The selloship plugin v1.5.16 exhibits a concerning security posture primarily due to significant weaknesses in its authentication and data sanitization. While the absence of known CVEs and the use of prepared statements for SQL queries are positive indicators, they are overshadowed by critical vulnerabilities present in the plugin's code. The static analysis reveals a substantial attack surface with two AJAX handlers, both lacking any form of authentication checks. This means any authenticated user, regardless of their role or permissions, could potentially trigger these handlers, leading to unauthorized actions. Furthermore, the taint analysis identified one flow with unsanitized paths, which, although not classified as critical or high severity, still represents a potential risk for data manipulation or unintended behavior. The low percentage of properly escaped output (13%) suggests a high likelihood of cross-site scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the user interface. The lack of nonce checks on AJAX handlers further exacerbates the risk of CSRF attacks. In conclusion, despite a clean vulnerability history and good practices in SQL query handling, the exposed AJAX endpoints without authentication, potential XSS issues due to poor output escaping, and unsanitized data flows present significant security risks that require immediate attention. The plugin's design appears to prioritize functionality over robust security measures.