WP-Stateless – Elementor Website Builder Addon Security & Risk Analysis

The "wp-stateless-elementor-website-builder-addon" plugin v0.0.4 exhibits a concerning security posture due to a significant number of unprotected entry points. While the static analysis indicates a lack of dangerous functions, raw SQL queries, file operations, external requests, and potential output escaping issues, the presence of two AJAX handlers without authentication checks is a critical weakness. This means that any user, regardless of their role or permissions, could potentially trigger these AJAX actions, opening the door for unauthorized operations or information disclosure.

The vulnerability history shows no recorded CVEs, which is a positive sign. However, this alone does not negate the risks identified in the code. The absence of taint analysis results is neutral, as it might imply no such flows were detected or the analysis tooling had limitations. The plugin demonstrates good practices by not bundling external libraries and by utilizing prepared statements for SQL queries, but these strengths are overshadowed by the critical exposure of AJAX endpoints.

In conclusion, while the plugin avoids some common pitfalls, the unprotected AJAX handlers represent a significant and immediate security risk. The lack of explicit capability checks and nonce validation on these entry points makes them prime targets for exploitation. Further investigation into the functionality of these AJAX handlers is crucial to understand the full impact of this vulnerability.