WP Image Zoom Security & Risk Analysis

The wp-image-zoooom v1.61 plugin exhibits a mixed security posture. On the positive side, the code analysis reveals no critical or high severity taint flows, no dangerous functions, and all SQL queries utilize prepared statements. The plugin also includes a reasonable number of nonce and capability checks, and it does not perform external HTTP requests. However, significant concerns arise from the presence of an unprotected AJAX handler, which represents a direct entry point for potential exploitation without proper authorization verification. Furthermore, a concerningly low percentage of output escaping (24%) suggests a susceptibility to Cross-Site Scripting (XSS) vulnerabilities where user-supplied data might be rendered directly on the page.

The vulnerability history of this plugin is a major red flag. Having two past medium severity vulnerabilities, specifically including Remote File Inclusion and CSRF, indicates a pattern of introducing exploitable flaws. While there are currently no unpatched CVEs, the nature of past vulnerabilities is concerning. The RFI vulnerability, in particular, is severe and could lead to arbitrary code execution. The presence of CSRF vulnerabilities also points to potential weaknesses in how user actions are validated. The plugin's reliance on the bundled TinyMCE library, while common, also presents a potential risk if the bundled version is outdated and contains known vulnerabilities.

In conclusion, while wp-image-zoooom v1.61 demonstrates some good security practices like prepared statements and limited external calls, the unprotected AJAX endpoint and the history of severe vulnerability types (RFI, CSRF) coupled with insufficient output escaping create a substantial risk. Users should exercise extreme caution, and immediate patching or removal should be considered until these issues are addressed and verified.