Taxonomy Term List Visual Composer Addon Security & Risk Analysis

The plugin "taxonomy-term-listing-visual-composer-addon" v1.6 exhibits a mixed security posture. On the positive side, the code shows strong adherence to secure database practices, with all SQL queries utilizing prepared statements. There are no recorded vulnerabilities in its history, suggesting a generally stable development history. However, significant concerns arise from its attack surface. The presence of two AJAX handlers lacking authentication checks is a substantial risk, potentially allowing unauthorized users to trigger plugin functionality. Additionally, the plugin has a low overall output escaping rate (69%), indicating that some data may not be properly sanitized before being displayed, which could lead to cross-site scripting (XSS) vulnerabilities.

The absence of taint analysis flows in the static analysis results, while not directly indicating a vulnerability, means that potential data flow issues might have been missed. Combined with the unprotected AJAX endpoints and the moderate rate of unescaped output, there is a clear pathway for attackers to potentially exploit these weaknesses. The lack of nonce checks on AJAX handlers further exacerbates this risk. While the plugin has a clean vulnerability history, this does not negate the immediate risks identified in the current code analysis.