Userback Security & Risk Analysis

The Userback plugin v1.0.17 exhibits a mixed security posture. On the positive side, the static analysis reveals a relatively small attack surface consisting of only two AJAX handlers, and importantly, none of these entry points appear to be unprotected by authentication checks. The presence of nonce and capability checks on these handlers further strengthens the access control mechanisms. The code also demonstrates good practices by utilizing prepared statements for the majority of its SQL queries and shows an effort towards output escaping, although not universally applied.

However, the vulnerability history presents a significant concern. With two known CVEs and one remaining unpatched, including two medium severity vulnerabilities, the plugin has a track record of security flaws. The common vulnerability types of Missing Authorization and Cross-Site Request Forgery (CSRF) are particularly worrying as they directly relate to how the plugin handles user actions and data. The fact that the last vulnerability was so recent (2025-12-12) suggests a continued pattern of issues that are not being fully addressed.

In conclusion, while the current static analysis shows some positive security indicators like protected entry points and good SQL practices, the historical vulnerability data overshadows these strengths. The presence of unpatched medium severity vulnerabilities, especially those related to authorization and CSRF, indicates a critical need for immediate attention. Users should be wary of the potential for exploitation given this history, and developers should prioritize fixing the existing CVEs and implementing more robust, universal sanitization and escaping.