
Blog-Writer Security & Risk Analysis
wordpress.org/plugins/blog-writer
Blog-Writer is a Gutenberg block plugin for designing highly customizable and responsive desktop and mobile menus.
Is Blog-Writer Safe to Use in 2026?
Generally Safe
Score 100/100
Blog-Writer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'blog-writer' plugin v1.0.0 demonstrates a mixed security posture. On the positive side, the code shows good practices with a high percentage of properly escaped outputs and no observed dangerous functions, file operations, or external HTTP requests. Furthermore, all SQL queries utilize prepared statements, which is excellent. The absence of any recorded vulnerabilities in its history is also a strong indicator of a historically secure plugin.
However, the static analysis reveals a significant concern: a single REST API route that lacks permission callbacks. This represents an unprotected entry point into the plugin's functionality. While the current taint analysis shows no issues, this open REST API endpoint could potentially be exploited if it interacts with sensitive data or performs critical actions without proper authorization. The lack of nonce checks and capability checks on this entry point amplifies this risk.
In conclusion, while 'blog-writer' v1.0.0 benefits from good coding practices in many areas and a clean vulnerability history, the unprotected REST API route is a critical weakness that needs immediate attention. This single entry point poses a tangible security risk that could be exploited by attackers. Addressing this would significantly improve the plugin's overall security.
Key Concerns
- REST API route without permission callbacks
- No nonce checks
- No capability checks
Blog-Writer Security Vulnerabilities
Blog-Writer Code Analysis
Output Escaping
Blog-Writer Attack Surface
REST API Routes: 1
WordPress Hooks: 6
Blog-Writer Maintenance & Trust
Maintenance Signals
Community Trust
Blog-Writer Alternatives
Responsive Columns
responsive-columns
Adaptive column counts, gap controls, and Masonry layouts for core Columns and Query Loop blocks — no custom blocks required.
Block Visibility Scope
block-visibility-scope
Provide responsive visibility control to all WordPress blocks. Easily hide or show blocks on specific screen sizes (Extra Small to XXL).
Responsive Picture Block
responsive-picture-block
Create truly responsive, art-directed images in the block editor. Wrap multiple Image blocks (Desktop/Tablet/Mobile/Custom) and render a single HTML e …
Classic Editor
classic-editor
Enables the previous "classic" editor and the old-style Edit Post screen with TinyMCE, Meta Boxes, etc. Supports all plugins that extend this screen.
Starter Templates – AI-Powered Templates for Elementor & Gutenberg
astra-sites
The growing library of 300+ ready-to-use templates that work with all WordPress themes including Astra, Hello, OceanWP, GeneratePress and more
Blog-Writer Developer Profile
1 plugin · 0 total installs
How We Detect Blog-Writer
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/blog-writer/assets/css/bootstrap-grid.css
- /wp-content/plugins/blog-writer/assets/css/blocks-main.css
- blog-writer/assets/css/bootstrap-grid.css?ver=
- blog-writer/assets/css/blocks-main.css?ver=
HTML / DOM Fingerprints
- lp-course-list
- lp-course-item
- course-thumbnail
- course-title
- course-instructor
- course-rating
- course-price
- <!-- Exit if access directly -->
- <!-- Create a new query -->
- <!-- Start the loop for displaying courses -->
- <!-- Set up post data -->
- (+12 more)
- data-block="blog-writer/after-login"
- data-block="blog-writer/before-login"
- data-block="blog-writer/menu-desktop"
- data-block="blog-writer/menu-mobile"
- /wp-json/gsp/v1/menu
- <div class="lp-course-list d-flex">
- <div class="lp-course-item">
- <div class="course-thumbnail">
- <h2 class="course-title">