Bricksable for Bricks Builder Security & Risk Analysis

wordpress.org/plugins/bricksable

Elevate your website game with the Bricksable collection of premium elements for Bricks Builder. Designed to speed up your workflow, our customizable …

10K active installs v1.6.83 PHP 7.4+ WP 5.6+ Updated Mar 3, 2026
bricks · bricks-builder · bricks-element
99
A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Nov 1, 2024
Safety Verdict

Is Bricksable for Bricks Builder Safe to Use in 2026?

Generally Safe

Score 99/100

Bricksable for Bricks Builder has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Nov 1, 2024 · Updated 1mo ago
Risk Assessment

The static analysis of Bricksable v1.6.83 indicates a generally good security posture with no identified entry points lacking authentication or permission checks. The plugin demonstrates strong practices by using prepared statements for all SQL queries and implementing nonce and capability checks on its internal functions. File operations are notably absent, and there are no critical or high-severity taint flows identified, suggesting a low risk of direct code execution or sensitive data compromise through these channels.

However, output escaping is a concern. Only 79% of outputs are properly escaped, which leaves a significant share (21%) unescaped. This creates a potential attack vector for Cross-Site Scripting (XSS), especially given the plugin's history of a medium-severity XSS vulnerability. The single external HTTP request also warrants scrutiny, since an external request that is not handled securely can become an avenue for attack. The past vulnerability, although patched, shows that the plugin has had security weaknesses before.

In conclusion, while Bricksable v1.6.83 benefits from robust input validation and SQL handling, the incomplete output escaping remains a notable weakness that could lead to XSS attacks. The plugin's history, though currently clear of unpatched vulnerabilities, highlights the importance of continued vigilance. Developers should prioritize addressing the unescaped outputs to mitigate the risk of XSS and ensure all external requests are handled with maximum security precautions.

Key Concerns

  • Unescaped output percentage is 21%
  • Past medium severity XSS vulnerability
  • One external HTTP request
Vulnerabilities
1

Bricksable for Bricks Builder Security Vulnerabilities

CVEs by Year

1 CVE in 2024

Severity Breakdown

Medium: 1

1 total CVE

CVE-2024-51663 · medium · 4.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Bricksable for Bricks Builder <= 1.6.59 - Authenticated (Administrator+) Stored Cross-Site Scripting

Nov 1, 2024 Patched in 1.6.60 (6d)
Code Analysis
Analyzed Mar 16, 2026

Bricksable for Bricks Builder Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (4 prepared)
Unescaped Output: 49 (183 escaped)
Nonce Checks: 3
Capability Checks: 3
File Operations: 0
External Requests: 1
Bundled Libraries: 0

SQL Query Safety

100% prepared · 4 total queries

Output Escaping

79% escaped · 232 total outputs
Data Flows: All sanitized

Data Flow Analysis

2 flows
settings_page (includes\class-bricksable-settings.php:467)
Attack Surface

Bricksable for Bricks Builder Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 23
action · admin_init · includes\class-bricksable-migration.php:36
action · admin_init · includes\class-bricksable-migration.php:37
action · admin_notices · includes\class-bricksable-migration.php:39
action · admin_init · includes\class-bricksable-review.php:76
action · admin_init · includes\class-bricksable-review.php:77
action · admin_notices · includes\class-bricksable-review.php:157
action · admin_notices · includes\class-bricksable-settings.php:74
action · init · includes\class-bricksable-settings.php:92
action · admin_init · includes\class-bricksable-settings.php:95
action · admin_menu · includes\class-bricksable-settings.php:98
filter · upload_mimes · includes\class-bricksable-settings.php:125
action · init · includes\class-bricksable-settings.php:129
filter · bricks/builder/elements · includes\class-bricksable-settings.php:150
filter · bricks/builder/i18n · includes\class-bricksable-settings.php:152
filter · bricks/builder/save_messages · includes\class-bricksable-settings.php:163
action · wp_enqueue_scripts · includes\class-bricksable.php:133
action · wp_enqueue_scripts · includes\class-bricksable.php:134
action · admin_enqueue_scripts · includes\class-bricksable.php:137
action · admin_enqueue_scripts · includes\class-bricksable.php:138
action · init · includes\class-bricksable.php:146
action · init · includes\class-bricksable.php:147
action · admin_init · includes\class-bricksable.php:150
action · admin_notices · includes\class-bricksable.php:151
Maintenance & Trust

Bricksable for Bricks Builder Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 3, 2026
PHP min version: 7.4
Downloads: 280K

Community Trust

Rating: 100/100
Number of ratings: 56
Active installs: 10K
Developer Profile

Bricksable for Bricks Builder Developer Profile

Bricksable

1 plugin · 10K total installs

Trust score: 99
Avg Security Score: 99/100
Avg Patch Time: 6 days
Detection Fingerprints

How We Detect Bricksable for Bricks Builder

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/bricksable/assets/css/bricksable.css
  • /wp-content/plugins/bricksable/assets/js/bricksable.js
  • /wp-content/plugins/bricksable/assets/js/bricksable-elementor.js
  • /wp-content/plugins/bricksable/assets/css/bricksable-elementor.css
  • /wp-content/plugins/bricksable/assets/js/bricksable-migration.js
  • /wp-content/plugins/bricksable/assets/js/bricksable-review.js
  • /wp-content/plugins/bricksable/assets/js/bricksable-admin-api.js
  • /wp-content/plugins/bricksable/assets/js/bricksable-post-type.js
  • +1 more
Script Paths
  • /wp-content/plugins/bricksable/assets/js/bricksable.js
  • /wp-content/plugins/bricksable/assets/js/bricksable-elementor.js
  • /wp-content/plugins/bricksable/assets/js/bricksable-migration.js
  • /wp-content/plugins/bricksable/assets/js/bricksable-review.js
  • /wp-content/plugins/bricksable/assets/js/bricksable-admin-api.js
  • /wp-content/plugins/bricksable/assets/js/bricksable-post-type.js
  • +1 more
Version Parameters
  • bricksable/assets/css/bricksable.css?ver=
  • bricksable/assets/js/bricksable.js?ver=
  • bricksable/assets/js/bricksable-elementor.js?ver=
  • bricksable/assets/css/bricksable-elementor.css?ver=
  • bricksable/assets/js/bricksable-migration.js?ver=
  • bricksable/assets/js/bricksable-review.js?ver=
  • bricksable/assets/js/bricksable-admin-api.js?ver=
  • bricksable/assets/js/bricksable-post-type.js?ver=
  • bricksable/assets/js/bricksable-taxonomy.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • bricksable-container
  • bricksable-section-wrap
  • bricksable-column-wrap
  • bricksable-element
HTML Comments
  • <!-- Bricksable element -->
  • <!-- Bricksable container -->
  • <!-- Bricksable section wrap -->
  • <!-- Bricksable column wrap -->
Data Attributes
  • data-bricksable-element
  • data-bricksable-container
  • data-bricksable-section-wrap
  • data-bricksable-column-wrap
JS Globals
  • bricksable_editor_settings
  • bricksable_elements_data
  • bricksable_pro_active
REST Endpoints
  • /wp-json/bricksable/v1/settings
  • /wp-json/bricksable/v1/elements
Shortcode Output
  • [bricksable_accordion]
  • [bricksable_tabs]
  • [bricksable_slider]
FAQ

Frequently Asked Questions about Bricksable for Bricks Builder