Does Blockskit Import have any unpatched vulnerabilities?

No. All known vulnerabilities in Blockskit Import have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Blockskit Import compatible with WordPress 6.4.8?

According to WordPress.org data, Blockskit Import 0.0.6 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

Is Blockskit Import compatible with PHP 4.6+?

Blockskit Import requires PHP 4.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Blockskit Import updated?

Blockskit Import was last updated on Feb 12, 2024. Frequent updates are generally a positive security signal.

What is Blockskit Import's security score?

Blockskit Import has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Blockskit Import Security & Risk Analysis

wordpress.org/plugins/blockskit-import

A easy plugin to import starter sites.

100 active installs v0.0.6 PHP 4.6+ WP 4.6+ Updated Feb 12, 2024

demo-datademo-data-importerone-click-demo-import

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Blockskit Import Safe to Use in 2026?

Generally Safe

Score 85/100

Blockskit Import has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The "blockskit-import" v0.0.6 plugin exhibits a generally good security posture with no recorded vulnerabilities or critical code signals. The plugin demonstrates strong adherence to secure coding practices, with 100% of SQL queries utilizing prepared statements and all output properly escaped. Additionally, all identified code signals are of low risk, with no dangerous functions, file operations, or tainted data flows. The presence of nonce and capability checks, though not comprehensive across all entry points, indicates an awareness of WordPress security best practices.

However, the plugin does present a notable concern regarding its attack surface. With two AJAX handlers, one of which lacks any authentication or permission checks, there is a direct entry point for unauthenticated requests. While the static analysis did not reveal exploitable vulnerabilities in this specific area, this unprotected endpoint significantly increases the potential for abuse if future code modifications or undiscovered flaws emerge. The plugin's history of zero CVEs is a positive indicator, suggesting diligent development, but the single unprotected AJAX handler remains the most significant risk factor identified in this assessment.

Key Concerns

AJAX handler without authentication

Vulnerabilities

None known

Blockskit Import Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Blockskit Import Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

9 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped9 total outputs

Attack Surface

1 unprotected

Blockskit Import Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 2

authwp_ajax_blockskit_import_getting_startedblockskit-import.php:58

authwp_ajax_bk_import_install_blockskitincludes\admin-notices.php:177

WordPress Hooks 11

filteradvanced_import_demo_listsblockskit-import.php:56

filteradmin_menublockskit-import.php:57

filteradmin_enqueue_scriptsblockskit-import.php:59

filteradmin_enqueue_scriptsblockskit-import.php:60

filteradvanced_export_include_optionsblockskit-import.php:61

actionadvanced_import_replace_post_idsblockskit-import.php:62

actionswitch_themedemo\functions.php:28

actionadmin_enqueue_scriptsincludes\admin-notices.php:6

actionadmin_noticesincludes\admin-notices.php:40

actionadmin_initincludes\admin-notices.php:46

actionswitch_themeincludes\admin-notices.php:57

Maintenance & Trust

Blockskit Import Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedFeb 12, 2024

PHP min version4.6

Downloads6K

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

Blockskit Import Alternatives

Keon Toolset

keon-toolset

100

Import dummy data for themes developed by Keon Themes.

30K No CVEs

Blockskit

blockskit

100

An easy plugin to import starter sites and add different effects to the image.

8K No CVEs

Kortez Toolset

kortez-toolset

Import dummy data for themes developed by Kortez Themes.

1K No CVEs

Cyclone Demo Importer

cyclone-demo-importer

Import Dummy data for themes developed by Cyclone Themes.

10K No CVEs

Candid Advanced Toolset

candid-advanced-toolset

Import Dummy data for themes developed by Candid Themes.

1K No CVEs

Developer Profile

Blockskit Import Developer Profile

BlockskitDev

39 plugins · 17K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Blockskit Import

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/blockskit-import/assets/blockskit-import.css/wp-content/plugins/blockskit-import/assets/blockskit-import.js

Script Paths

/wp-content/plugins/blockskit-import/assets/blockskit-import.js

Version Parameters

blockskit-import/assets/blockskit-import.css?ver=blockskit-import/assets/blockskit-import.js?ver=

HTML / DOM Fingerprints

CSS Classes

ads-containerads-screenshotads-noticeplugin-install-noticeads-gsm-btn

Data Attributes

data-namedata-slugaria-label

JS Globals

blockskit_import

FAQ