WP REST Yoast Meta Security & Risk Analysis

The wp-rest-yoast-meta plugin v2025.1.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices in areas like SQL query handling, with all queries utilizing prepared statements. Furthermore, all identified output operations are properly escaped, and the plugin does not engage in file operations or external HTTP requests. The absence of any recorded vulnerabilities or CVEs in its history is also a strong positive indicator.

However, significant concerns arise from the static analysis, specifically regarding the attack surface. The plugin exposes two REST API routes that lack permission callbacks, meaning they are unprotected and accessible without authentication. This presents a direct risk, as any unauthenticated user could potentially interact with these endpoints. The lack of any nonce checks across the analyzed code further exacerbates this issue, as it prevents the validation of the request's origin.

While the plugin's vulnerability history is clean, the current lack of authentication on its REST API routes is a critical oversight that could lead to future vulnerabilities. The absence of taint analysis results with critical or high severity is somewhat reassuring, but this could be a consequence of the limited attack surface analyzed in that specific regard. In conclusion, while the plugin adheres to good security practices in data handling and output, the unprotected REST API routes represent a substantial and immediate security weakness.