Does Block Plugin Update have any unpatched vulnerabilities?

No. All known vulnerabilities in Block Plugin Update have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Block Plugin Update compatible with WordPress 6.7.5?

According to WordPress.org data, Block Plugin Update 3.3.2 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is Block Plugin Update updated?

Block Plugin Update was last updated on Nov 26, 2024. Frequent updates are generally a positive security signal.

What is Block Plugin Update's security score?

Block Plugin Update has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Block Plugin Update Security & Risk Analysis

wordpress.org/plugins/block-specific-plugin-updates

This plugin blocks the updates for specific plugins. You can select the plugins from plugin setting page.

6K active installs v3.3.2 PHP + WP 3.0+ Updated Nov 26, 2024

block-plugin-updatedisable-plugin-updatehide-plugin-update-notificationplugin-update-hider

A · Safe

CVEs total1

Unpatched0

Last CVESep 27, 2023

Plugin page Download

Safety Verdict

Is Block Plugin Update Safe to Use in 2026?

Generally Safe

Score 92/100

Block Plugin Update has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Sep 27, 2023Updated 1yr ago

Risk Assessment

The "block-specific-plugin-updates" plugin, version 3.3.2, exhibits a generally positive security posture with a commendable lack of critical vulnerabilities detected in static analysis. Its attack surface is minimal, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events, and importantly, none of these entry points are unprotected. The code also demonstrates good practices by exclusively using prepared statements for SQL queries and including a nonce check. However, a significant concern arises from the low rate of output escaping (20%), indicating a potential for reflected or stored cross-site scripting (XSS) vulnerabilities if user-supplied data is not properly sanitized before being displayed. The presence of one past medium severity vulnerability (CSRF) in its history, while currently patched, suggests that the plugin has had security issues in the past, emphasizing the need for continued vigilance and timely updates.

Key Concerns

Low output escaping rate
Past medium vulnerability (CSRF)

Vulnerabilities

Block Plugin Update Security Vulnerabilities

CVEs by Year

1 CVE in 2023

2023

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2023-44261medium · 5.3Cross-Site Request Forgery (CSRF)

Block Plugin Update <= 3.3.1 - Cross-Site Request Forgery via bspu_plugin_select.php

Sep 27, 2023 Patched in 3.3.2 (118d)

Code Analysis

Analyzed Mar 16, 2026

Block Plugin Update Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

20% escaped5 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<bspu_plugin_select> (includes\bspu_plugin_select.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Block Plugin Update Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

filterhttp_request_argsblock-specific-plugin-updates.php:27

actionadmin_menuplugin_interface.php:3

actionadmin_initplugin_interface.php:11

Maintenance & Trust

Block Plugin Update Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedNov 26, 2024

PHP min version

Downloads105K

Community Trust

Rating88/100

Number of ratings19

Active installs6K

Alternatives

Block Plugin Update Alternatives

Disable WP Notification

disable-wp-notification

100

Best wordpress plugin to remove all the admin panel notifications in just one click. Including the theme and plugin update notification.

10K No CVEs

Disable Updates – Updates Manager, Disable Automatic Updates, Disable All Updates

webcraftic-updates-manager

100

Disable updates and automatic updates for WordPress core, plugins, and themes, with the option to disable plugin or theme updates individually.

9K No CVEs

WP Disable Automatic Updates

wp-disable-automatic-updates

This plugin allows you to disable all types of automatic Wordpress Updates very simply with some special features.

2K No CVEs

Disable Plugin Deactivation

disable-plugin-deactivation

Use this plugin to disable plugin deactivation, activation, deletion, edit, and update. The new version allows only super admin of the website to only …

100 No CVEs

Manage Customized Plugin Updates

manage-customized-plugin-updates

Are you a web developer or website design company who has installed / customized plugins for your clients and you're having a hard time managing …

90 No CVEs

Developer Profile

Block Plugin Update Developer Profile

Dnesscarkey

5 plugins · 535K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

474 days

View full developer profile

Detection Fingerprints

How We Detect Block Plugin Update

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/block-specific-plugin-updates/plugin_interface.php

HTML / DOM Fingerprints

FAQ