WP-Safety

Content Visibility Security & Risk Analysis

wordpress.org/plugins/content-visibility

Decide when, where, and to whom your blocks are visible.

100 active installs v0.2.9 PHP 7.0+ WP 5.0+ Updated Dec 13, 2022
blockcontentcontentvisibilityshowvisibility
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Content Visibility Safe to Use in 2026?

Generally Safe

Score 85/100

Content Visibility has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The "content-visibility" plugin v0.2.9 exhibits a strong security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events significantly limits its attack surface. Furthermore, the code demonstrates good practices by exclusively using prepared statements for SQL queries, performing proper output escaping on all identified outputs, and avoiding dangerous functions and file operations. The plugin also correctly implements capability checks, indicating an awareness of access control mechanisms. The lack of any recorded vulnerabilities, past or present, further reinforces this positive assessment.

However, the most significant concern arises from the complete absence of nonce checks. While the attack surface is currently minimal, any future introduction of functionality that could be exploited by Cross-Site Request Forgery (CSRF) attacks would be unprotected. The taint analysis showing zero flows, while positive, might be a reflection of the limited attack surface rather than an exhaustive analysis of all potential data flows within more complex plugins. Therefore, while the current version appears very secure, the lack of nonce checks represents a potential weakness that should be addressed proactively if the plugin's functionality expands.

Key Concerns

  • Missing nonce checks
Vulnerabilities
None known

Content Visibility Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Content Visibility Release Timeline

v0.2.9Current
v0.2.7
v0.2.6
v0.2.5
v0.2.4
v0.2.2
v0.2.1
v0.2.0
v0.1.8
v0.1.7
v0.1.6
v0.1.5
v0.1.4
v0.1.3
v0.1.2
Code Analysis
Analyzed Mar 16, 2026

Content Visibility Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
17 escaped
Nonce Checks
0
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped17 total outputs
Attack Surface

Content Visibility Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 12
actionplugins_loadedincludes\content-visibility.php:15
filterregister_block_type_argsincludes\content-visibility.php:24
actionwp_enqueue_scriptsincludes\content-visibility.php:79
filterplugin_row_metaincludes\dashboard\class-dashboard.php:38
actioninitincludes\dashboard\class-dashboard.php:41
actionadmin_initincludes\dashboard\class-settings.php:56
actioncurrent_screenincludes\editor\class-editor.php:50
actionadmin_enqueue_scriptsincludes\editor\class-editor.php:58
filtercontent_visibility_rule_types_and_callbacksincludes\public\class-public-rules.php:53
filtercontent_visibility_rule_types_and_callbacksincludes\public\class-public-rules.php:56
filterpre_render_blockincludes\public\class-public-rules.php:119
filterrender_blockincludes\public\class-public-rules.php:121
Maintenance & Trust

Content Visibility Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10
Last updatedDec 13, 2022
PHP min version7.0
Downloads6K

Community Trust

Rating100/100
Number of ratings5
Active installs100
Alternatives

Content Visibility Alternatives

Responsive Visibility for Blocks Editor (Hide/Show Blocks for Devices)

Responsive Visibility for Blocks Editor (Hide/Show Blocks for Devices)

responsive-visibility

A
100

🌟 Enhance Your WordPress Site with Responsive Visibility for Gutenberg Blocks

60 No CVEs
Content Visibility Date and Time

Content Visibility Date and Time

content-visibility-date-and-time

A
85

A date and time add-on for Content Visibility.

10 No CVEs
Content Visibility Geolocation

Content Visibility Geolocation

content-visibility-geolocation

A
85

A geolocation add-on for Content Visibility.

10 No CVEs
Content Visibility Specific Users

Content Visibility Specific Users

content-visibility-specific-users

A
85

A Specific Users add-on for Content Visibility.

10 No CVEs
Content Visibility RSS Feed

Content Visibility RSS Feed

content-visibility-rss-feed

A
85

As RSS Feed add-on for Content Visibility.

0 No CVEs
Developer Profile

Content Visibility Developer Profile

Rich Tape

6 plugins · 140 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Content Visibility

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/content-visibility/includes/editor/editor.css/wp-content/plugins/content-visibility/includes/public/content-visibility-public.css/wp-content/plugins/content-visibility/includes/editor/editor.js/wp-content/plugins/content-visibility/includes/public/public-rules.js
Script Paths
/wp-content/plugins/content-visibility/includes/editor/editor.js/wp-content/plugins/content-visibility/includes/public/public-rules.js
Version Parameters
content-visibility-publiccontent-visibility-editor

HTML / DOM Fingerprints

CSS Classes
content-visibility-editor-rules-wrappercontent-visibility-editor-rule-controls
HTML Comments
<!-- Content Visibility --><!-- Content Visibility --> <div class="content-visibility-editor-rules-wrapper">
Data Attributes
data-content-visibility-rule-iddata-content-visibility-rule-type
JS Globals
window.ContentVisibility
FAQ

Frequently Asked Questions about Content Visibility