Does Blockbuddy have any unpatched vulnerabilities?

No. All known vulnerabilities in Blockbuddy have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Blockbuddy compatible with WordPress 5.1.0?

According to WordPress.org data, Blockbuddy 0.1 has been tested up to WordPress 5.1.0. Check the plugin's changelog for the latest compatibility information.

How often is Blockbuddy updated?

Blockbuddy was last updated on Feb 24, 2019. Frequent updates are generally a positive security signal.

What is Blockbuddy's security score?

Blockbuddy has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Blockbuddy Security & Risk Analysis

wordpress.org/plugins/blockbuddy

Gutenberg Block to easily query and display content from any post type!

10 active installs v0.1 PHP + WP 5.0.0+ Updated Feb 24, 2019

blockgutenberg

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Blockbuddy Safe to Use in 2026?

Generally Safe

Score 85/100

Blockbuddy has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The blockbuddy plugin version 0.1 presents a mixed security picture. On the positive side, the static analysis shows no dangerous functions, no raw SQL queries, no file operations, and no external HTTP requests, all of which are good security practices. The plugin also boasts a clean vulnerability history with zero recorded CVEs, suggesting a track record of security. However, a significant concern arises from the complete lack of output escaping. With 30 total outputs and 0% properly escaped, this indicates a high probability of cross-site scripting (XSS) vulnerabilities. Furthermore, the absence of any nonce or capability checks across the identified entry points (though the attack surface is currently zero) means that if any entry points were to be introduced or become accessible, they would be entirely unprotected.

Key Concerns

0% of output properly escaped
0 capability checks on entry points
0 nonce checks on entry points

Vulnerabilities

None known

Blockbuddy Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Blockbuddy Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped30 total outputs

Attack Surface

Blockbuddy Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 10

actioninitblock-buddy.php:28

actioninitblock-buddy.php:33

actionenqueue_block_editor_assetsclass.block-buddy-admin.php:20

actionenqueue_block_assetsclass.custom-query-block.php:32

actionrest_api_initclass.custom-query-block.php:34

actioninittrunk\block-buddy.php:28

actioninittrunk\block-buddy.php:33

actionenqueue_block_editor_assetstrunk\class.block-buddy-admin.php:20

actionenqueue_block_assetstrunk\class.custom-query-block.php:32

actionrest_api_inittrunk\class.custom-query-block.php:34

Maintenance & Trust

Blockbuddy Maintenance & Trust

Maintenance Signals

WordPress version tested5.1.0

Last updatedFeb 24, 2019

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Blockbuddy Alternatives

Classic Editor

classic-editor

100

Enables the previous "classic" editor and the old-style Edit Post screen with TinyMCE, Meta Boxes, etc. Supports all plugins that extend this screen.

9.0M No CVEs

Starter Templates – AI-Powered Templates for Elementor & Gutenberg

astra-sites

The growing library of 300+ ready-to-use templates that work with all WordPress themes including Astra, Hello, OceanWP, GeneratePress and more

2.0M 7 CVEs

Advanced Editor Tools

tinymce-advanced

100

Extends and enhances the block editor (Gutenberg) and the classic editor (TinyMCE).

2.0M 1 CVE

Spectra Gutenberg Blocks – Website Builder for the Block Editor

ultimate-addons-for-gutenberg

Power-up Gutenberg with advanced blocks for faster website creation. Build your WordPress website effortlessly using powerful building blocks!

1.0M 26 CVEs

Disable Gutenberg

disable-gutenberg

100

Disable Gutenberg Block Editor and restore the Classic Editor and original Edit Post screen (TinyMCE, meta boxes, etc.).

600K No CVEs

Developer Profile

Blockbuddy Developer Profile

Aaron Rutley

2 plugins · 10K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Blockbuddy

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/blockbuddy/dist/blocks.build.js/wp-content/plugins/blockbuddy/dist/blocks.editor.build.css

Script Paths

/wp-content/plugins/blockbuddy/dist/blocks.build.js

Version Parameters

blockbuddy/style.css?ver=blockbuddy/script.js?ver=

HTML / DOM Fingerprints

CSS Classes

wp-block-cqb-block-custom-query-block

Data Attributes

data-block="cqb/block-custom-query-block"

JS Globals

window.customQueryBlockInitwindow.CustomQueryBlock

REST Endpoints

/wp-json/custom-query-block/v1

FAQ