Trusona for WordPress Security & Risk Analysis

The Trusona plugin v2.0.0 exhibits a mixed security posture. On the positive side, the static analysis reveals a limited attack surface with no identified shortcodes, cron events, or REST API routes. Crucially, all SQL queries are properly prepared, and the majority of output is correctly escaped, indicating good development practices for these common vulnerability areas. The absence of dangerous functions and file operations is also a positive sign.

However, several concerns warrant attention. The taint analysis identified one flow with an unsanitized path, which, while not categorized as critical or high, represents a potential risk for path traversal or file inclusion vulnerabilities. The plugin's history is marred by a known medium-severity vulnerability, specifically "Missing Authorization," which remains unpatched. This is a significant red flag, especially given the plugin's entry points, which include AJAX handlers. The lack of capability checks on AJAX handlers, despite the presence of a nonce check, suggests that while some basic protection is in place, authorization might not be sufficiently robust.

In conclusion, while Trusona v2.0.0 demonstrates some strong security foundations, the unpatched medium-severity vulnerability related to missing authorization and the identified unsanitized path flow are significant weaknesses. The absence of capability checks on all entry points, particularly AJAX handlers, further exacerbates these concerns. These factors suggest a moderate to high risk if the plugin is deployed in a production environment without addressing the outstanding vulnerabilities and bolstering authorization mechanisms.