WP-Safety

AVE – Elementor & Gutenberg Addons Security & Risk Analysis

wordpress.org/plugins/advanced-visual-elements

A collection of addons you can't find in standard builders - customize and display visuals to spice up your website's looks!

50 active installs v2.0.6 PHP 7.4+ WP 6.0.0+ Updated Apr 3, 2025
addonelementorgutenbergshortcodevisual
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is AVE – Elementor & Gutenberg Addons Safe to Use in 2026?

Generally Safe

Score 92/100

AVE – Elementor & Gutenberg Addons has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "advanced-visual-elements" plugin version 2.0.6 exhibits a mixed security posture. While it demonstrates some good practices, such as a high percentage of SQL queries using prepared statements and a significant number of capability checks, several critical concerns arise from the static analysis. The presence of unprotected AJAX handlers represents a substantial attack surface, directly exposing functionality to potential abuse without proper authorization. The use of the `unserialize` function is a significant red flag, as it can lead to remote code execution vulnerabilities if untrusted data is processed. Although no critical or high-severity taint flows were identified, the single flow with unsanitized paths warrants attention. The absence of any recorded vulnerability history might suggest a lack of past exploitation or diligent patching by developers, but it does not guarantee future security.

Key Concerns

  • Unprotected AJAX handlers
  • Dangerous function: unserialize
  • Unsanitized paths in taint analysis
  • Low output escaping percentage
  • Bundled outdated library: Freemius v1.0
Vulnerabilities
None known

AVE – Elementor & Gutenberg Addons Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

AVE – Elementor & Gutenberg Addons Code Analysis

Dangerous Functions
1
Raw SQL Queries
2
3 prepared
Unescaped Output
777
188 escaped
Nonce Checks
4
Capability Checks
9
File Operations
1
External Requests
2
Bundled Libraries
1

Dangerous Functions Found

unserialize$hash = unserialize($body_vimeo);includes\class-adv-vis-ele-helpers.php:102

Bundled Libraries

Freemius1.0

SQL Query Safety

60% prepared5 total queries

Output Escaping

19% escaped965 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

5 flows1 with unsanitized paths
quick_preview (admin\class-adv-vis-ele-admin.php:591)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
4 unprotected

AVE – Elementor & Gutenberg Addons Attack Surface

Entry Points5
Unprotected4

AJAX Handlers 4

authwp_ajax_adv_vis_ele_ajax_load_more_elementsincludes\class-adv-vis-ele.php:56
authwp_ajax_adv_vis_ele_ajax_import_settingsincludes\class-adv-vis-ele.php:57
authwp_ajax_adv_vis_ele_ajax_full_importincludes\class-adv-vis-ele.php:58
authwp_ajax_adv_vis_ele_ajax_quick_saveincludes\class-adv-vis-ele.php:59

Shortcodes 1

[ave-element] public\class-adv-vis-ele-public.php:150
WordPress Hooks 31
actionelementor/widgets/widgets_registeredadmin\class-adv-vis-ele-elementor.php:7
actionplugins_loadedincludes\class-adv-vis-ele.php:44
actionwp_headincludes\class-adv-vis-ele.php:51
actionadmin_enqueue_scriptsincludes\class-adv-vis-ele.php:53
actionadmin_enqueue_scriptsincludes\class-adv-vis-ele.php:54
actionadmin_menuincludes\class-adv-vis-ele.php:55
actionedit_form_after_editorincludes\class-adv-vis-ele.php:60
actionpublish_adv-vis-elementincludes\class-adv-vis-ele.php:61
actiondraft_adv-vis-elementincludes\class-adv-vis-ele.php:62
actiontransition_post_statusincludes\class-adv-vis-ele.php:63
actionmanage_adv-vis-element_posts_custom_columnincludes\class-adv-vis-ele.php:70
filtermanage_adv-vis-element_posts_columnsincludes\class-adv-vis-ele.php:77
filterpost_row_actionsincludes\class-adv-vis-ele.php:78
filterpost_row_actionsincludes\class-adv-vis-ele.php:85
actionadmin_initincludes\class-adv-vis-ele.php:92
actionadmin_initincludes\class-adv-vis-ele.php:93
filterplugin_action_links_wp-ave/wp-ave.phpincludes\class-adv-vis-ele.php:94
filteradmin_body_classincludes\class-adv-vis-ele.php:95
filterparent_fileincludes\class-adv-vis-ele.php:96
actionpost_submitbox_misc_actionsincludes\class-adv-vis-ele.php:97
filterwp_loadedincludes\class-adv-vis-ele.php:98
actioninitincludes\class-adv-vis-ele.php:99
filteruse_block_editor_for_post_typeincludes\class-adv-vis-ele.php:100
actionadmin_footerincludes\class-adv-vis-ele.php:107
actionupgrader_process_completeincludes\class-adv-vis-ele.php:113
actionadmin_footerincludes\class-adv-vis-ele.php:121
actionwp_enqueue_scriptsincludes\class-adv-vis-ele.php:132
actionwp_enqueue_scriptsincludes\class-adv-vis-ele.php:133
actionelementor/frontend/after_enqueue_stylesincludes\class-adv-vis-ele.php:134
actioninitincludes\class-adv-vis-ele.php:154
actionafter_uninstallwp-ave.php:96
Maintenance & Trust

AVE – Elementor & Gutenberg Addons Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedApr 3, 2025
PHP min version7.4
Downloads4K

Community Trust

Rating100/100
Number of ratings1
Active installs50
Alternatives

AVE – Elementor & Gutenberg Addons Alternatives

Sectionly

Sectionly

sectionly

A
100

Sectionly is a plugin as well as an add-on for the visual composer and elementor page builder.it contains the elements/widgets/shortcodes that are com …

0 No CVEs
CBX Map for Google Map & OpenStreetMap

CBX Map for Google Map & OpenStreetMap

cbxgooglemap

A
96

Easy google map and open streetmap embed using shortcode, Responsive.

900 4 CVEs
Blocks to Shortcode – Use blocks everywhere: in page templates, Elementor, etc.

Blocks to Shortcode – Use blocks everywhere: in page templates, Elementor, etc.

blocks-to-shortcode

A
100

Easily convert blocks into shortcodes and reuse them anywhere on your site - in posts, pages, widgets, templates, and page builders like Elementor.

300 No CVEs
Awesome Progress Bar

Awesome Progress Bar

awesome-progess-bar

A
99

Awesome Progress Bar is a lightweight plugin for WordPress that allows you to easily add customizable progress bars to your site.

10 1 CVE
PASS Addons – Templates, Widgets, and Resources for Elementor

PASS Addons – Templates, Widgets, and Resources for Elementor

pass-addons

A
100

Kickstart your website in minutes with Elementor widgets, templates, starter sites, and resources that make building easy and fast!

10 No CVEs
Developer Profile

AVE – Elementor & Gutenberg Addons Developer Profile

wp-ave.com

3 plugins · 800 total installs

85
trust score
Avg Security Score
87/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect AVE – Elementor & Gutenberg Addons

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/advanced-visual-elements/admin/css/adv-vis-ele-admin.css/wp-content/plugins/advanced-visual-elements/vendor/fontawesome-5.15.1/css/all.min.css/wp-content/plugins/advanced-visual-elements/admin/js/wp-color-picker-alpha.js/wp-content/plugins/advanced-visual-elements/admin/js/adv-vis-ele-admin.js/wp-content/plugins/advanced-visual-elements/public/css/adv-vis-ele-public.css/wp-content/plugins/advanced-visual-elements/public/js/adv-vis-ele-public.js
Script Paths
/wp-content/plugins/advanced-visual-elements/vendor/fontawesome-5.15.1/css/all.min.css/wp-content/plugins/advanced-visual-elements/admin/js/wp-color-picker-alpha.js/wp-content/plugins/advanced-visual-elements/admin/js/adv-vis-ele-admin.js/wp-content/plugins/advanced-visual-elements/public/css/adv-vis-ele-public.css/wp-content/plugins/advanced-visual-elements/public/js/adv-vis-ele-public.js
Version Parameters
advanced-visual-elements/admin/css/adv-vis-ele-admin.css?ver=advanced-visual-elements/vendor/fontawesome-5.15.1/css/all.min.css?ver=advanced-visual-elements/admin/js/wp-color-picker-alpha.js?ver=advanced-visual-elements/admin/js/adv-vis-ele-admin.js?ver=advanced-visual-elements/public/css/adv-vis-ele-public.css?ver=advanced-visual-elements/public/js/adv-vis-ele-public.js?ver=

HTML / DOM Fingerprints

CSS Classes
adv-vis-ele-backend-wrapperadv-vis-ele-frontend-wrapperave-terminal-loader
HTML Comments
<!-- Created with Advanced Visual Elements -->
Data Attributes
data-ave-typedata-ave-settings
JS Globals
ADV_VIS_ELE_PLUGIN_URLADV_VIS_ELE_VERSIONwpave_fs
REST Endpoints
/wp-json/advanced-visual-elements/v1
Shortcode Output
[ave_testimonials][ave_progress_bar][ave_counter][ave_countdown]
FAQ

Frequently Asked Questions about AVE – Elementor & Gutenberg Addons