Does Aspect Blocks have any unpatched vulnerabilities?

No. All known vulnerabilities in Aspect Blocks have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Aspect Blocks compatible with WordPress 6.7.5?

According to WordPress.org data, Aspect Blocks 1.1 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Aspect Blocks compatible with PHP 7.0+?

Aspect Blocks requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Aspect Blocks updated?

Aspect Blocks was last updated on Dec 17, 2024. Frequent updates are generally a positive security signal.

What is Aspect Blocks's security score?

Aspect Blocks has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Aspect Blocks Security & Risk Analysis

wordpress.org/plugins/aspect-blocks

🌐 Aspect Blocks is a Gutenberg plugin that leverages Tailwind CSS for seamless style customization, providing a modern and responsive design. 🌟

0 active installs v1.1 PHP 7.0+ WP + Updated Dec 17, 2024

blockstailwindtailwind-cssui-blockswordpress-blocks

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Aspect Blocks Safe to Use in 2026?

Generally Safe

Score 92/100

Aspect Blocks has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The aspect-blocks v1.1 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and ensuring all identified outputs are properly escaped, eliminating risks associated with SQL injection and reflected/stored XSS through output. The absence of file operations and external HTTP requests further reduces the attack surface. However, a significant concern arises from the static analysis, which reveals one unprotected REST API route. This lack of permission validation on an entry point is a critical vulnerability that could allow unauthorized access to plugin functionality. The plugin also has a notable absence of nonce and capability checks on its entry points, which is a missed opportunity for robust access control. Its vulnerability history is clean, with no recorded CVEs, suggesting that, to date, the plugin has not been found to contain critical or high-severity vulnerabilities. This positive track record, combined with the absence of critical taint analysis findings and dangerous functions, indicates a generally careful approach to coding. Despite this, the single unprotected REST API route represents a tangible and immediate security risk that requires attention. The overall security posture is thus a balance between good fundamental coding practices and a critical oversight in access control for its REST API endpoint.

Key Concerns

REST API route without permission callback
0 nonce checks on entry points
0 capability checks on entry points

Vulnerabilities

None known

Aspect Blocks Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Aspect Blocks Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped2 total outputs

Attack Surface

1 unprotected

Aspect Blocks Attack Surface

Entry Points1

Unprotected1

REST API Routes 1

GET/wp-json/aspect-blocks/v2/metafunctions-rest.php:7

WordPress Hooks 4

actionenqueue_block_assetsaspect-blocks.php:72

actioninitaspect-blocks.php:88

filterblock_categories_allfunctions-blocks.php:46

actionrest_api_initfunctions-rest.php:6

Maintenance & Trust

Aspect Blocks Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedDec 17, 2024

PHP min version7.0

Downloads761

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Aspect Blocks Alternatives

Draft – Tailwind CSS for WordPress.

website-builder

Add Tailwind CSS to WordPress, in seconds.

700 1 unpatched

Page Builder Gutenberg Blocks – CoBlocks

coblocks

CoBlocks is a suite of page builder WordPress blocks for Gutenberg, with 10+ new blocks and a true page builder experience with rows and columns.

300K 1 unpatched

Stackable – Page Builder Gutenberg Blocks

stackable-ultimate-gutenberg-blocks

Custom Blocks that transform your WordPress Block Editor into a page builder

100K 7 CVEs

GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor

gutenkit-blocks-addon

GutenKit – Ultimate no-code Gutenberg blocks to design stunning web pages and visually stunning posts in WordPress block editor.

70K 3 CVEs

Getwid – Gutenberg Blocks

getwid

40+ Gutenberg Blocks, plus multiple pre-made free block templates for the WordPress block editor.

50K 11 CVEs

Developer Profile

Aspect Blocks Developer Profile

Nafis Mahmud Ayon

1 plugin · 0 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Aspect Blocks

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/aspect-blocks/assets/js/tailwind.js

Script Paths

/wp-content/plugins/aspect-blocks/assets/js/tailwind.js

HTML / DOM Fingerprints

CSS Classes

aspect-blocks

Data Attributes

data-attribute-smdata-attribute-mddata-attribute-desktopdata-attribute-custom

JS Globals

tailwind

REST Endpoints

/wp-json/aspect-blocks/v2/meta

FAQ