Woo NovaPoshta Shipping Method Security & Risk Analysis

The "woo-novaposhta-shipping-method" v1.0.2 plugin exhibits several significant security concerns, primarily stemming from its unprotected entry points. With all three identified AJAX handlers lacking authentication checks, the plugin presents a substantial attack surface that could be exploited by unauthenticated users. This is further exacerbated by the taint analysis, which revealed two high-severity flows with unsanitized paths, indicating potential for command injection or other critical vulnerabilities if user-supplied data is not properly validated and escaped before being used in sensitive operations.

The absence of any recorded historical vulnerabilities in the plugin is a positive indicator, suggesting a potentially stable codebase in that regard. However, this does not negate the immediate risks identified in the static analysis. The fact that 100% of the SQL queries are executed without prepared statements is a serious oversight, leaving the plugin vulnerable to SQL injection attacks. While the output escaping is reasonably good at 67%, the remaining unescaped outputs could still lead to cross-site scripting (XSS) vulnerabilities.

In conclusion, while the plugin has a clean vulnerability history, the current version has critical flaws in its authentication, input sanitization, and SQL query practices. The presence of unprotected AJAX endpoints and unsanitized tainted paths are immediate red flags. The lack of prepared statements for all SQL queries is also a major concern. Until these issues are addressed, the plugin should be considered high risk.