WP Restaurant Price List Security & Risk Analysis

The "wp-restaurant-price-list" v1.4.1 plugin exhibits a mixed security posture. On the positive side, it has a very limited attack surface, with only one shortcode and no exposed AJAX handlers or REST API routes that are accessible without authentication or permission checks. The code also demonstrates good practices regarding database interactions, with 100% of SQL queries using prepared statements and no file operations or external HTTP requests detected.

However, a significant concern arises from the complete lack of output escaping. With 35 total outputs analyzed and 0% properly escaped, this indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any data rendered by the plugin, particularly if it originates from user input or other potentially untrusted sources, is vulnerable to malicious injection. The absence of nonce checks and capability checks on its single entry point also means that potentially sensitive actions or data retrieval could be performed without proper authorization or protection against Cross-Site Request Forgery (CSRF).

The plugin's vulnerability history is currently clean, with no recorded CVEs. This, combined with the static analysis findings, suggests that while the plugin has not been historically exploited, the current version contains a critical weakness in its output handling that could be easily exploited. The bundling of the Select2 library also warrants attention for potential versioning issues, although no specific vulnerabilities are listed.