WP Calorie Calculator Security & Risk Analysis

The wp-calorie-calculator plugin v4.4.0 demonstrates several positive security practices, including the exclusive use of prepared statements for SQL queries and a high percentage of properly escaped output. The absence of any known vulnerabilities in its history is also a strong indicator of good security maintenance. However, the plugin presents a notable risk due to its attack surface. A significant portion of its entry points, specifically four out of five, lack authentication checks. This means unauthorized users could potentially interact with these components, leading to unintended consequences or exposing them to further exploitation if other vulnerabilities exist.

The static analysis reveals two taint flows with unsanitized paths. While these are not classified as critical or high severity, they represent potential security weaknesses where user-supplied data could be processed without adequate validation or sanitization. This, combined with the unprotected AJAX handlers, creates a scenario where an attacker might be able to inject malicious code or manipulate the plugin's functionality through these unauthenticated entry points. The presence of only one nonce check and one capability check on the entry points further exacerbates this risk, as these fundamental WordPress security mechanisms are not comprehensively applied.