Does Besan Block have any unpatched vulnerabilities?

No. All known vulnerabilities in Besan Block have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Besan Block compatible with WordPress 6.6.5?

According to WordPress.org data, Besan Block 1.4.1 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is Besan Block compatible with PHP 7.0+?

Besan Block requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Besan Block updated?

Besan Block was last updated on Apr 17, 2025. Frequent updates are generally a positive security signal.

What is Besan Block's security score?

Besan Block has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Besan Block Security & Risk Analysis

wordpress.org/plugins/besan-block

[Deprecated!] Add a responsive and accessible data chart block to posts and pages.

10 active installs v1.4.1 PHP 7.0+ WP 5.0+ Updated Apr 17, 2025

chartdatagraph

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Besan Block Safe to Use in 2026?

Generally Safe

Score 100/100

Besan Block has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago

Risk Assessment

The "besan-block" v1.4.1 plugin exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of any known CVEs, unpatched vulnerabilities, or critical taint flows is a significant positive indicator. Furthermore, the plugin demonstrates good practices by exclusively using prepared statements for SQL queries and properly escaping a high percentage of its output. The attack surface appears minimal, with no identified AJAX handlers, REST API routes, shortcodes, or cron events, which reduces potential entry points for attackers.

However, a few areas warrant attention. The presence of a "Dangerous functions: 1 (preg_replace(/e))" signal suggests a potential for regular expression-based vulnerabilities if not handled with extreme care. While no specific taint flows were identified in the analysis, the `preg_replace` function can be exploited for code injection or denial-of-service attacks if user-supplied input is not rigorously sanitized before being passed to it. The lack of nonce checks and capability checks on any potential, though currently non-existent, entry points is a theoretical concern for future development or if the attack surface expands without these security measures being implemented.

Key Concerns

Dangerous function: preg_replace(/e)
No nonce checks
No capability checks

Vulnerabilities

None known

Besan Block Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Besan Block Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

preg_replace(/e)preg_replace( '/(https:\/\/docs.google.com\/spreadsheets\/d\/)|\/esource\blocks\chart\data\sheet-data.php:54

Output Escaping

80% escaped5 total outputs

Attack Surface

Besan Block Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionenqueue_block_editor_assetsinc\assets.php:19

actionadmin_enqueue_scriptsinc\assets.php:20

actionadmin_menuinc\options-page.php:19

actionadmin_initinc\options-page.php:20

actionadmin_noticesinc\plugins-page.php:16

filterplugin_action_links_besan-block/besan-block.phpinc\plugins-page.php:18

filterplugin_row_metainc\plugins-page.php:19

actioninitsource\blocks\chart\register.php:16

Maintenance & Trust

Besan Block Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedApr 17, 2025

PHP min version7.0

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Besan Block Alternatives

Graphina – Charts and Graphs For Elementor

graphina-elementor-charts-and-graphs

Most Powerful Data visualization plugin for WordPress Elementor. The easiest way to build gorgeous Charts & Graphs on your Elementor website.

10K 7 CVEs

WP Charts and Graphs – WordPress Chart Plugin

wp-charts-and-graphs

100

WP Charts and Graphs provides stunning, interactive charts to visualize any numbers on an attractive way using different charts.

1K No CVEs

iChart – Easy Charts and Graphs

ichart

Create Responsive Charts and graphs iChart! COVID-19 widget for Live Data. Sidebar ticker Widget for CORONA stats. Add beautiful graphs & charts t …

400 1 CVE

Venngage Infographics

venngage

Create and embed your Venngage infographics, charts and data visualizations into your WordPress site

100 No CVEs

Charts Blocks for Gutenberg

charts-blocks

Responsive, Interactive and Animated Charts in just two simple clicks. Select a Chart Block, Upload your CSV file and DONE. It's that easy!

60 No CVEs

Developer Profile

Besan Block Developer Profile

Joni Halabi

3 plugins · 50 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Besan Block

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/besan-block/build/besan-block.min.js/wp-content/plugins/besan-block/build/besan-block-editor.min.css

HTML / DOM Fingerprints

CSS Classes

besan-block-editor-wrapper

HTML Comments

+5 more

Data Attributes

data-api-key

JS Globals

besanOptions

FAQ