WP Media File Type Manager Security & Risk Analysis

The wp-media-file-type-manager plugin v2.3.1 exhibits a mixed security posture. While the attack surface appears minimal with no identified AJAX handlers, REST API routes, shortcodes, or cron events, several concerning code signals raise red flags. The single SQL query is not using prepared statements, and a significant portion of output is not properly escaped, indicating potential vulnerabilities related to data injection or cross-site scripting. The taint analysis revealing unsanitized paths, even if not classified as critical or high, suggests a risk of improper handling of user-supplied data that could lead to unintended file system operations or information disclosure.

The plugin's vulnerability history is also a significant concern. The presence of a known, currently unpatched medium severity CVE suggests a persistent security weakness. The fact that the last vulnerability was reported in the future (2025-06-05) is highly anomalous and likely an error in the data, but the existence of a medium severity CVE that remains unpatched is a clear indicator of an ongoing risk. Coupled with the absence of nonce and capability checks, this plugin presents a notable risk that requires attention and remediation.

In conclusion, despite a seemingly small attack surface, the raw SQL query, poor output escaping, potential taint issues, and a known unpatched vulnerability point to significant security weaknesses. Users of this plugin should exercise extreme caution until these issues are addressed. The reported future vulnerability date is a data anomaly that should be investigated, but the unpatched medium CVE is a concrete and present danger.