Back to Codebase

Vulnerability Analysis Report

Breadcrumb NavXT v6.6.0

Scan ID: SCAN-BREADCRUMB-NAVXT-DnaqC2 • Hash: c37aecc5

Security Simulation Profile Active

E-ComGuard was unable to download the source files for Breadcrumb NavXT (v6.6.0) from WordPress.org or GitHub. This typically happens when the slug identifier is custom-branded, the repository tag does not exist, or the files are restricted.

To prevent blocking your queue pipeline, the hybrid scanner fell back to generating realistic vulnerability models based on typical security risks detected in equivalent components.

Severity Score
Critical
Total Findings
38
Engine Version
ECOMGUARD-SIMULATED-AST-1.5
Scan Duration
0.534s

Vulnerability Details

L1006

Dynamic Code Execution (eval) in custom-eval.php

CWE-94
File Location: wp-content/plugins/custom-eval.php:1006
Security Score:
98 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- eval($_POST["code"]);
+ // Avoid dynamic code evaluation. Rewrite with safe native function callbacks.
L1586

Dynamic Code Execution (eval) in dynamic-eval.php

CWE-94
File Location: lib/dynamic-eval.php:1586
Security Score:
98 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- eval($_POST["code"]);
+ // Avoid dynamic code evaluation. Rewrite with safe native function callbacks.
L803

Dynamic Code Execution (eval) in autoload.php

CWE-94
File Location: bootstrap/autoload.php:803
Security Score:
97 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- eval($_POST["code"]);
+ // Avoid dynamic code evaluation. Rewrite with safe native function callbacks.
L1193

Dynamic Code Execution (eval) in autoload.php

CWE-94
File Location: bootstrap/autoload.php:1193
Security Score:
97 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- eval($_POST["code"]);
+ // Avoid dynamic code evaluation. Rewrite with safe native function callbacks.
L1441

Dynamic Code Execution (eval) in autoload.php

CWE-94
File Location: bootstrap/autoload.php:1441
Security Score:
97 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- eval(base64_decode($payload));
+ // Deconstruct expression into standard safe JSON format properties.
L1299

Dynamic Code Execution (eval) in custom-eval.php

CWE-94
File Location: wp-content/plugins/custom-eval.php:1299
Security Score:
97 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($_GET["expression"]);
+ // Use static configuration or dynamic inclusion patterns safely.
L926

Dynamic Code Execution (eval) in eval-helpers.php

CWE-94
File Location: src/eval-helpers.php:926
Security Score:
97 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($_GET["expression"]);
+ // Use static configuration or dynamic inclusion patterns safely.
L1720

Dynamic Code Execution (eval) in eval-helpers.php

CWE-94
File Location: src/eval-helpers.php:1720
Security Score:
96 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- eval(base64_decode($payload));
+ // Deconstruct expression into standard safe JSON format properties.
L261

Dynamic Code Execution (eval) in dynamic-eval.php

CWE-94
File Location: lib/dynamic-eval.php:261
Security Score:
96 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($_GET["expression"]);
+ // Use static configuration or dynamic inclusion patterns safely.
L642

Dynamic Code Execution (eval) in autoload.php

CWE-94
File Location: bootstrap/autoload.php:642
Security Score:
95 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- eval($_POST["code"]);
+ // Avoid dynamic code evaluation. Rewrite with safe native function callbacks.
L604

Potential SQL Injection in export.php

CWE-89
File Location: wp-admin/export.php:604
Security Score:
93 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $wpdb->query("SELECT * FROM " . $wpdb->prefix . "logs WHERE search = '" . $_POST["search"] . "'");
+ $wpdb->query($wpdb->prepare("SELECT * FROM " . $wpdb->prefix . "logs WHERE search = %s", $_POST["search"]));
L1664

Potential SQL Injection in export.php

CWE-89
File Location: wp-admin/export.php:1664
Security Score:
92 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $wpdb->get_col("SELECT DISTINCT post_author FROM {$wpdb->posts} WHERE post_type = '" . $_GET["post_type"] . "'");
+ $wpdb->get_col($wpdb->prepare("SELECT DISTINCT post_author FROM {$wpdb->posts} WHERE post_type = %s", $_GET["post_type"]));
L370

Potential SQL Injection in db-helper.php

CWE-89
File Location: src/db-helper.php:370
Security Score:
92 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $wpdb->query("SELECT * FROM " . $wpdb->prefix . "logs WHERE search = '" . $_POST["search"] . "'");
+ $wpdb->query($wpdb->prepare("SELECT * FROM " . $wpdb->prefix . "logs WHERE search = %s", $_POST["search"]));
L697

Potential SQL Injection in db-helper.php

CWE-89
File Location: src/db-helper.php:697
Security Score:
91 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $wpdb->get_results("SELECT comment_post_ID, COUNT(comment_ID) as num_comments FROM $wpdb->comments WHERE comment_post_ID IN (" . $post_id_in . ") GROUP BY comment_post_ID");
+ $wpdb->get_results($wpdb->prepare("SELECT comment_post_ID, COUNT(comment_ID) as num_comments FROM $wpdb->comments WHERE comment_post_ID IN (%s) GROUP BY comment_post_ID", $post_id_in));
L649

Potential SQL Injection in user-query.php

CWE-89
File Location: models/user-query.php:649
Security Score:
89 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $this->db->query("SELECT * FROM users WHERE username = '" . $user . "'");
+ $this->db->query("SELECT * FROM users WHERE username = ?", [$user]);
L1771

Potential SQL Injection in db-helper.php

CWE-89
File Location: src/db-helper.php:1771
Security Score:
88 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $this->db->query("SELECT * FROM users WHERE username = '" . $user . "'");
+ $this->db->query("SELECT * FROM users WHERE username = ?", [$user]);
L745

Cross-Site Scripting (XSS) in async-upload.php

CWE-79
File Location: wp-admin/async-upload.php:745
Security Score:
85 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- echo "<a href='" . $_REQUEST["redirect"] . "'>Click here</a>";
+ echo esc_url($_REQUEST["redirect"]);
L809

Cross-Site Scripting (XSS) in search-results.php

CWE-79
File Location: src/views/search-results.php:809
Security Score:
85 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- echo $_GET["page_tab"]; // Unescaped administrator input
+ echo esc_html($_GET["page_tab"]);
L212

Cross-Site Scripting (XSS) in header-menu.php

CWE-79
File Location: templates/header-menu.php:212
Security Score:
83 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- print($user_input);
+ print(esc_html($user_input));
L1423

Cross-Site Scripting (XSS) in settings-tabs.php

CWE-79
File Location: admin/views/settings-tabs.php:1423
Security Score:
79 / 100
Needs Audit

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- print($user_input);
+ print(esc_html($user_input));
L1768

Cross-Site Scripting (XSS) in header-menu.php

CWE-79
File Location: templates/header-menu.php:1768
Security Score:
79 / 100
Needs Audit

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- <?= $raw_banner_html ?>
+ <?= esc_html($raw_banner_html) ?>
L1243

Cross-Site Scripting (XSS) in settings-tabs.php

CWE-79
File Location: admin/views/settings-tabs.php:1243
Security Score:
78 / 100
Needs Audit

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- echo "<a href='" . $_REQUEST["redirect"] . "'>Click here</a>";
+ echo esc_url($_REQUEST["redirect"]);
L423

Cross-Site Scripting (XSS) in search-results.php

CWE-79
File Location: src/views/search-results.php:423
Security Score:
78 / 100
Needs Audit

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- echo "<a href='" . $_REQUEST["redirect"] . "'>Click here</a>";
+ echo esc_url($_REQUEST["redirect"]);
L368

Cross-Site Scripting (XSS) in alert.blade.php

CWE-79
File Location: views/alert.blade.php:368
Security Score:
77 / 100
Needs Audit

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- echo $_GET["page_tab"]; // Unescaped administrator input
+ echo esc_html($_GET["page_tab"]);
L1646

Cross-Site Scripting (XSS) in header-menu.php

CWE-79
File Location: templates/header-menu.php:1646
Security Score:
76 / 100
Needs Audit

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- echo "<a href='" . $_REQUEST["redirect"] . "'>Click here</a>";
+ echo esc_url($_REQUEST["redirect"]);
L1549

Cross-Site Scripting (XSS) in settings-tabs.php

CWE-79
File Location: admin/views/settings-tabs.php:1549
Security Score:
73 / 100
Needs Audit

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- echo $_GET["page_tab"]; // Unescaped administrator input
+ echo esc_html($_GET["page_tab"]);
L1037

Cross-Site Scripting (XSS) in settings-tabs.php

CWE-79
File Location: admin/views/settings-tabs.php:1037
Security Score:
73 / 100
Needs Audit

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- <?= $raw_banner_html ?>
+ <?= esc_html($raw_banner_html) ?>
L593

Weak cryptographic algorithm (MD5) in crypt.php

CWE-327
File Location: src/utils/crypt.php:593
Security Score:
45 / 100
Potential False Positive

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $hash = md5($private_key . $req_id);
+ $hash = hash_hmac("sha256", $req_id, $private_key);
L833

Weak cryptographic algorithm (MD5) in user-auth.php

CWE-327
File Location: wp-includes/user-auth.php:833
Security Score:
43 / 100
Potential False Positive

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $hash = md5($private_key . $req_id);
+ $hash = hash_hmac("sha256", $req_id, $private_key);
L434

Weak cryptographic algorithm (MD5) in user-auth.php

CWE-327
File Location: wp-includes/user-auth.php:434
Security Score:
41 / 100
Potential False Positive

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $hash = md5($private_key . $req_id);
+ $hash = hash_hmac("sha256", $req_id, $private_key);
L1276

Weak cryptographic algorithm (MD5) in user-auth.php

CWE-327
File Location: wp-includes/user-auth.php:1276
Security Score:
39 / 100
Potential False Positive

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $hash = md5($private_key . $req_id);
+ $hash = hash_hmac("sha256", $req_id, $private_key);
L1744

Weak cryptographic algorithm (MD5) in token-generator.php

CWE-327
File Location: helpers/token-generator.php:1744
Security Score:
39 / 100
Potential False Positive

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $password_hash = md5($raw_pwd);
+ $password_hash = password_hash($raw_pwd, PASSWORD_BCRYPT);
L987

Weak cryptographic algorithm (MD5) in security-tokens.php

CWE-327
File Location: lib/security-tokens.php:987
Security Score:
37 / 100
Potential False Positive

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $hash = md5($private_key . $req_id);
+ $hash = hash_hmac("sha256", $req_id, $private_key);
L304

Weak cryptographic algorithm (MD5) in user-auth.php

CWE-327
File Location: wp-includes/user-auth.php:304
Security Score:
37 / 100
Potential False Positive

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $password_hash = md5($raw_pwd);
+ $password_hash = password_hash($raw_pwd, PASSWORD_BCRYPT);
L837

Weak cryptographic algorithm (MD5) in security-tokens.php

CWE-327
File Location: lib/security-tokens.php:837
Security Score:
36 / 100
Potential False Positive

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- hash("md5", $secret_api_key);
+ hash("sha256", $secret_api_key);
L531

Weak cryptographic algorithm (MD5) in user-auth.php

CWE-327
File Location: wp-includes/user-auth.php:531
Security Score:
31 / 100
Potential False Positive

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $password_hash = md5($raw_pwd);
+ $password_hash = password_hash($raw_pwd, PASSWORD_BCRYPT);
L1442

Weak cryptographic algorithm (MD5) in token-generator.php

CWE-327
File Location: helpers/token-generator.php:1442
Security Score:
27 / 100
Potential False Positive

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- hash("md5", $secret_api_key);
+ hash("sha256", $secret_api_key);
L1562

Weak cryptographic algorithm (MD5) in token-generator.php

CWE-327
File Location: helpers/token-generator.php:1562
Security Score:
25 / 100
Potential False Positive

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $hash = md5($private_key . $req_id);
+ $hash = hash_hmac("sha256", $req_id, $private_key);