Dashboard Widget for Blocks Collaboratives Notes Security & Risk Analysis

wordpress.org/plugins/bsw-notes-dashboard

Short Description: Adds a compact dashboard widget that lists Gutenberg Notes assigned to the current user.

0 active installs v1.0.0 PHP + WP 6.9+ Updated Feb 26, 2026
commentsdashboardgutenbergnotes
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Dashboard Widget for Blocks Collaboratives Notes Safe to Use in 2026?

Generally Safe

Score 100/100

Dashboard Widget for Blocks Collaboratives Notes has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The "bsw-notes-dashboard" v1.0.0 plugin exhibits a strong security posture based on the provided static analysis. There are no identified critical or high-severity issues in the code, including a lack of dangerous functions, no file operations, and no external HTTP requests. The plugin also makes good use of prepared statements for its SQL queries and has a high rate of properly escaped output. The presence of capability checks is also a positive sign for access control.

However, the complete absence of nonce checks across all potential entry points (AJAX, REST API) represents a significant concern. While the attack surface is currently zero, if any new entry points are introduced without proper nonce validation, they would be immediately vulnerable to CSRF attacks. The plugin's vulnerability history is clean, with no recorded CVEs, which is excellent. This suggests a commitment to security or a lack of prior exploitation, but the lack of nonce checks is a foundational security practice that should be addressed proactively.

In conclusion, the plugin demonstrates good coding practices in many areas, but the oversight in implementing nonce checks on potential entry points is a notable weakness that introduces a risk of cross-site request forgery vulnerabilities if the attack surface expands. This should be a priority to rectify for a truly robust security profile.

Key Concerns

  • Missing nonce checks on all entry points
Vulnerabilities
None known

Dashboard Widget for Blocks Collaboratives Notes Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Dashboard Widget for Blocks Collaboratives Notes Release Timeline

v1.0.0Current
v0.1
Code Analysis
Analyzed Mar 17, 2026

Dashboard Widget for Blocks Collaboratives Notes Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
4 prepared
Unescaped Output
2
43 escaped
Nonce Checks
0
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared4 total queries

Output Escaping

96% escaped45 total outputs
Attack Surface

Dashboard Widget for Blocks Collaboratives Notes Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 7
actionwp_dashboard_setupbsw-notes-dashboard.php:19
actioncomment_postbsw-notes-dashboard.php:254
actionedit_commentbsw-notes-dashboard.php:255
actiondelete_commentbsw-notes-dashboard.php:256
actiontrashed_commentbsw-notes-dashboard.php:257
actionuntrashed_commentbsw-notes-dashboard.php:258
actionwp_set_comment_statusbsw-notes-dashboard.php:259
Maintenance & Trust

Dashboard Widget for Blocks Collaboratives Notes Maintenance & Trust

Maintenance Signals

WordPress version tested7.0
Last updatedFeb 26, 2026
PHP min version
Downloads239

Community Trust

Rating0/100
Number of ratings0
Active installs0
Developer Profile

Dashboard Widget for Blocks Collaboratives Notes Developer Profile

Bayard Service

3 plugins · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Dashboard Widget for Blocks Collaboratives Notes

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bsw-notes-dashboard/bsw-notes-dashboard.php

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Dashboard Widget for Blocks Collaboratives Notes