WP-Safety

Conditional Blocks – Advanced Content Visibility Control for WordPress Security & Risk Analysis

wordpress.org/plugins/conditional-blocks

Easily show/hide WordPress blocks & widgets with powerful, no-code display logic. Perfect for restricting content. Explore advanced scheduling, Ge …

2K active installs v3.3.1 PHP 7.4+ WP 5.5+ Updated Dec 4, 2025
controldisplay-logichiderestrictvisibility
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Conditional Blocks – Advanced Content Visibility Control for WordPress Safe to Use in 2026?

Generally Safe

Score 100/100

Conditional Blocks – Advanced Content Visibility Control for WordPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The "conditional-blocks" plugin v3.3.1 exhibits a generally strong security posture based on the provided static analysis. The absence of any known CVEs and the lack of identified vulnerabilities in its history are positive indicators. The code analysis reveals a commendable practice of using prepared statements for all SQL queries and a reasonable number of capability checks. The attack surface is also zero, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events, further contributing to a secure foundation.

However, there are areas that warrant attention. The presence of unescaped output, while not classified as critical, represents a potential vector for Cross-Site Scripting (XSS) vulnerabilities if the data being output is user-controlled. The lack of nonce checks on any potential entry points, even though the attack surface is currently zero, means that if new entry points are introduced in the future without proper nonce validation, the plugin would be susceptible to CSRF attacks. The taint analysis showing zero flows is excellent but might be limited by the scope or depth of the analysis performed.

In conclusion, the plugin has a solid security foundation with excellent handling of SQL and a minimal attack surface. The primary concerns revolve around the potential for XSS due to unescaped output and the future-proofing against CSRF by not implementing nonce checks. While the vulnerability history is clean, vigilance regarding proper output sanitization and security checks for any future code additions is recommended.

Key Concerns

  • Unescaped output detected
  • No nonce checks found
Vulnerabilities
None known

Conditional Blocks – Advanced Content Visibility Control for WordPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Conditional Blocks – Advanced Content Visibility Control for WordPress Release Timeline

v3.3.1Current
v3.2.1
v3.1.6
v3.1.3
v3.1.1
v3.1.0
v3.0.7
v3.0.5
v3.0.4
v3.0.2
v3.0.1
v3.0.0
v2.6.0
v2.5.4
v2.5.3
v2.5.0
v2.4.2
v2.4.0
v2.3.0
v2.0.1
Code Analysis
Analyzed Mar 16, 2026

Conditional Blocks – Advanced Content Visibility Control for WordPress Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
2 escaped
Nonce Checks
0
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

67% escaped3 total outputs
Attack Surface

Conditional Blocks – Advanced Content Visibility Control for WordPress Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 28
actionadmin_noticesclasses\class-admin-notices.php:33
actionadmin_initclasses\class-enqueue.php:29
actionadmin_enqueue_scriptsclasses\class-enqueue.php:30
actionenqueue_block_editor_assetsclasses\class-enqueue.php:32
actionconditional_blocks_enqueue_frontend_responsive_cssclasses\class-enqueue.php:34
actionwp_loadedclasses\class-register.php:24
filterrest_pre_dispatchclasses\class-register.php:25
filterrender_blockclasses\class-render.php:47
filterconditional_blocks_register_check_lockdownclasses\class-render.php:50
filterconditional_blocks_register_check_userLoggedInclasses\class-render.php:51
filterconditional_blocks_register_check_userLoggedOutclasses\class-render.php:52
actionrest_api_initclasses\class-rest.php:38
actioninitconditional-blocks.php:83
actionplugins_loadedconditional-blocks.php:85
filterconditional_blocks_register_condition_categoriesintegrations\advanced-custom-fields.php:10
filterconditional_blocks_register_condition_typesintegrations\advanced-custom-fields.php:11
filterconditional_blocks_register_condition_categoriesintegrations\easy-digital-downloads.php:10
filterconditional_blocks_register_condition_typesintegrations\easy-digital-downloads.php:11
filterconditional_blocks_register_condition_categoriesintegrations\fluent-crm.php:12
filterconditional_blocks_register_condition_typesintegrations\fluent-crm.php:13
filterconditional_blocks_register_condition_categoriesintegrations\gtranslate.php:10
filterconditional_blocks_register_condition_typesintegrations\gtranslate.php:11
filterconditional_blocks_register_condition_categoriesintegrations\meta-box.php:11
filterconditional_blocks_register_condition_typesintegrations\meta-box.php:12
filterconditional_blocks_register_condition_categoriesintegrations\paid-memberships-pro.php:10
filterconditional_blocks_register_condition_typesintegrations\paid-memberships-pro.php:11
filterconditional_blocks_register_condition_categoriesintegrations\wp-fusion.php:10
filterconditional_blocks_register_condition_typesintegrations\wp-fusion.php:11
Maintenance & Trust

Conditional Blocks – Advanced Content Visibility Control for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 4, 2025
PHP min version7.4
Downloads62K

Community Trust

Rating98/100
Number of ratings15
Active installs2K
Alternatives

Conditional Blocks – Advanced Content Visibility Control for WordPress Alternatives

Anonymous Restricted Content

Anonymous Restricted Content

anonymous-restricted-content

A
91

Simple but yet effective plugin to hide selected posts and pages from anonymous users.

1K 2 CVEs
Approved Comments Only

Approved Comments Only

approved-comments-only

A
85

Restrict user to view the unapproved comments in dashboard.

10 No CVEs
RIACO Hide Products by User Role

RIACO Hide Products by User Role

riaco-hide-products-by-user-role

A
100

Hide WooCommerce products, categories, and variations based on user roles or guest access.

10 No CVEs
Hide Product Categories & Products for WooCommerce

Hide Product Categories & Products for WooCommerce

hide-product-categories-products-for-woocommerce

A
100

Hide WooCommerce products and categories instantly — without deleting any data. Category tree checkboxes, AJAX live search, and visual chip selection.

0 No CVEs
Restrictly – Access Control

Restrictly – Access Control

restrictly-access-control

A
100

Performance-focused access control for WordPress, enforcing rule-based visibility across content, menus, and blocks with a clean core.

0 No CVEs
Developer Profile

Conditional Blocks – Advanced Content Visibility Control for WordPress Developer Profile

Morgan Hvidt

5 plugins · 14K total installs

73
trust score
Avg Security Score
91/100
Avg Patch Time
860 days
View full developer profile
Detection Fingerprints

How We Detect Conditional Blocks – Advanced Content Visibility Control for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/conditional-blocks/assets/js/conditional-blocks-editor.js/wp-content/plugins/conditional-blocks/assets/css/conditional-blocks-editor.css
Script Paths
/wp-content/plugins/conditional-blocks/assets/js/conditional-blocks-editor.js
Version Parameters
conditional-blocks/assets/js/conditional-blocks-editor.js?ver=conditional-blocks/assets/css/conditional-blocks-editor.css?ver=

HTML / DOM Fingerprints

CSS Classes
conditional-blocks-editor-js
Data Attributes
conditionalblocks
JS Globals
conditionalblocks
FAQ

Frequently Asked Questions about Conditional Blocks – Advanced Content Visibility Control for WordPress