Conditional Block Visibility Security & Risk Analysis
wordpress.org/plugins/conditional-block-visibilityManage block visibility based on user roles, login status, or device type.
Is Conditional Block Visibility Safe to Use in 2026?
Generally Safe
Score 92/100Conditional Block Visibility has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "conditional-block-visibility" plugin v1.0.3 exhibits an exceptionally strong security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events significantly minimizes its attack surface, and critically, all identified entry points are either non-existent or properly authenticated. The code analysis reveals no dangerous functions, all SQL queries are prepared, and all output is properly escaped, indicating good development practices for data handling and presentation.
The lack of taint analysis findings and zero recorded vulnerabilities, including critical or high severity ones, further reinforces this positive assessment. The plugin's vulnerability history is clean, suggesting a history of secure development and maintenance. The presence of a capability check also indicates some level of access control is being considered. However, the absence of nonce checks is a minor concern, though its impact is mitigated by the very limited attack surface.
In conclusion, this plugin appears to be very secure. The primary strengths lie in its minimal attack surface and the absence of known vulnerabilities or critical code flaws. The only minor area for improvement would be the addition of nonce checks, even with its current limited entry points, to adhere to the most robust WordPress security standards.
Key Concerns
- Missing nonce checks
Conditional Block Visibility Security Vulnerabilities
Conditional Block Visibility Code Analysis
Output Escaping
Conditional Block Visibility Attack Surface
WordPress Hooks 2
Maintenance & Trust
Conditional Block Visibility Maintenance & Trust
Maintenance Signals
Community Trust
Conditional Block Visibility Alternatives
Advanced Access Manager – Access Governance for WordPress
advanced-access-manager
Access Governance for WordPress. Control roles, users, content, admin areas, and APIs to prevent broken access controls and excessive privileges.
PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus
capability-manager-enhanced
PublishPress Capabilities is the access control plugin. You can manage user capabilities, permissions, user roles, admin menus and more.
PublishPress Blocks – Block Controls, Block Visibility, Block Permissions
advanced-gutenberg
PublishPress Blocks is your complete solution for the WordPress block editor. You can control block permissions, styles, visibility, usage and more.
Hide Admin Bar Based on User Roles
hide-admin-bar-based-on-user-roles
Hide the WordPress Admin Bar for specific user roles, capabilities, devices, pages, or time windows. The ultimate toolbar control plugin for membershi …
User Roles and Capabilities
user-roles-and-capabilities
Manage user roles and Capabilities, create new roles and change default role.
Conditional Block Visibility Developer Profile
2 plugins · 10 total installs
How We Detect Conditional Block Visibility
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/conditional-block-visibility/assets/js/block-visibility.build.js/wp-content/plugins/conditional-block-visibility/assets/css/style.cssassets/js/block-visibility.build.jsconditional-block-visibility/assets/js/block-visibility.build.js?ver=conditional-block-visibility/assets/css/style.css?ver=HTML / DOM Fingerprints
cbv-visibility-desktopcbv-visibility-tabletcbv-visibility-mobilevisibilityconditionalBlockVisibilityData