WDV One Page Docs – Documentation Plugin for WordPress Security & Risk Analysis

The plugin "wdv-one-page-docs" v1.2.4 exhibits a mixed security posture. On the positive side, the static analysis reveals a small attack surface with no identified AJAX handlers or REST API routes that are unprotected. Furthermore, there are no dangerous functions, file operations, or external HTTP requests, which are all good indicators. However, the code signals raise significant concerns, particularly the low percentage of properly escaped output (36%) and the complete absence of nonce checks. The data also indicates that 25% of SQL queries are not using prepared statements, which could lead to SQL injection vulnerabilities.

The vulnerability history is a major red flag. The plugin has a known medium severity CVE that is currently unpatched, and the common vulnerability type being "Missing Authorization" in the past suggests a pattern of insecure access control. This, combined with the static analysis findings of no nonce checks and limited capability checks, points to a potential for privilege escalation or unauthorized data access if an attacker can exploit these weaknesses or the unpatched CVE.

In conclusion, while the plugin has some strengths in its limited attack surface and absence of certain dangerous functions, the low output escaping, lack of nonce checks, non-prepared SQL queries, and critically, the unpatched medium severity CVE with a history of authorization issues, present significant risks. Users should be cautious and prioritize patching the known vulnerability and addressing the identified code weaknesses.