Does Download List Block with Icons have any unpatched vulnerabilities?

No. All known vulnerabilities in Download List Block with Icons have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Download List Block with Icons compatible with WordPress 6.9.4?

According to WordPress.org data, Download List Block with Icons 4.0.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Download List Block with Icons compatible with PHP 8.0+?

Download List Block with Icons requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Download List Block with Icons updated?

Download List Block with Icons was last updated on Jan 28, 2026. Frequent updates are generally a positive security signal.

What is Download List Block with Icons's security score?

Download List Block with Icons has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Download List Block with Icons Security & Risk Analysis

wordpress.org/plugins/download-list-block-with-icons

Use a Gutenberg Block to manage a download list with file type specific icons. No configuration is necessary.

400 active installs v4.0.2 PHP 8.0+ WP 6.0+ Updated Jan 28, 2026

blockdownloadiconslist

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Download List Block with Icons Safe to Use in 2026?

Generally Safe

Score 100/100

Download List Block with Icons has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The "download-list-block-with-icons" plugin v4.0.2 exhibits a strong security posture based on the provided static analysis and vulnerability history. The plugin has no known CVEs, indicating a history of responsible development or a lack of exploitation. The static analysis further reinforces this by showing all entry points (AJAX handlers and REST API routes) are protected with authentication checks and permission callbacks. Crucially, all SQL queries utilize prepared statements, and the vast majority of output is properly escaped, minimizing the risk of SQL injection and cross-site scripting vulnerabilities. The absence of critical or high-severity taint flows is also a very positive sign.

While the plugin demonstrates excellent security practices, there are minor areas for potential improvement that don't represent immediate severe risks. The presence of one file operation, even if not flagged as problematic in the taint analysis, warrants careful review to ensure it's handled securely. Similarly, while there are nonce and capability checks, the total number of entry points (6) is moderate. The absence of any recorded vulnerabilities historically is a significant strength, suggesting a mature and secure codebase. Overall, this plugin appears to be well-secured, with a focus on robust input validation and output sanitization, leading to a very low-risk profile.

Key Concerns

File operations found in code

Vulnerabilities

None known

Download List Block with Icons Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Download List Block with Icons Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

548 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared4 total queries

Output Escaping

97% escaped567 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<Icons> (app\Icons\Icons.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Download List Block with Icons Attack Surface

Entry Points6

Unprotected0

AJAX Handlers 4

authwp_ajax_settings_import_fileapp\Dependencies\easySettingsForWordPress\Import.php:60

authwp_ajax_efw_dismiss_admin_noticeapp\Dependencies\easyTransientsForWordPress\Transients.php:124

authwp_ajax_downloadlist_inherit_settingsapp\Plugin\Settings.php:69

authwp_ajax_downloadlist_inherit_settings_get_infoapp\Plugin\Settings.php:70

REST API Routes 2

GET/wp-json/downloadlist/v1/files/app\Plugin\Rest.php:69

GET/wp-json/downloadlist/v1/filetypes/app\Plugin\Rest.php:80

WordPress Hooks 72

actionadmin_action_settings_exportapp\Dependencies\easySettingsForWordPress\Export.php:59

actionadmin_enqueue_scriptsapp\Dependencies\easySettingsForWordPress\Import.php:59

filterupload_mimesapp\Dependencies\easySettingsForWordPress\Import.php:197

actionadmin_menuapp\Dependencies\easySettingsForWordPress\Settings.php:186

actionadmin_initapp\Dependencies\easySettingsForWordPress\Settings.php:187

actionadmin_initapp\Dependencies\easySettingsForWordPress\Settings.php:188

actionrest_api_initapp\Dependencies\easySettingsForWordPress\Settings.php:189

actionadmin_enqueue_scriptsapp\Dependencies\easySettingsForWordPress\Settings.php:190

actioninitapp\Dependencies\easySettingsForWordPress\Settings.php:194

actioninitapp\Dependencies\easySettingsForWordPress\Settings.php:199

actionadmin_noticesapp\Dependencies\easyTransientsForWordPress\Transients.php:115

actionshutdownapp\Dependencies\easyTransientsForWordPress\Transients.php:118

actionadmin_enqueue_scriptsapp\Dependencies\easyTransientsForWordPress\Transients.php:121

filterattachment_fields_to_editapp\Files\Files.php:55

filterattachment_fields_to_saveapp\Files\Files.php:56

actioninitapp\Icons\Icons.php:61

filterpost_updated_messagesapp\Icons\Icons.php:62

filterbulk_post_updated_messagesapp\Icons\Icons.php:63

actionsave_post_dl_iconsapp\Icons\Icons.php:64

actionadd_meta_boxes_dl_iconsapp\Icons\Icons.php:65

actionmanage_dl_icons_posts_custom_columnapp\Icons\Icons.php:66

filterwp_count_postsapp\Icons\Icons.php:67

actiontrashed_postapp\Icons\Icons.php:68

actionwp_enqueue_scriptsapp\Iconsets\Iconsets.php:59

actionenqueue_block_editor_assetsapp\Iconsets\Iconsets.php:60

actionenqueue_block_assetsapp\Iconsets\Iconsets.php:61

actionadmin_action_downloadlist_iconset_defaultapp\Iconsets\Iconsets.php:62

actionpre_get_postsapp\Iconsets\Iconsets.php:63

actionadmin_enqueue_scriptsapp\Plugin\Admin\Admin.php:68

filterplugin_row_metaapp\Plugin\Admin\Admin.php:70

actionadmin_initapp\Plugin\Admin\Admin.php:71

filteradmin_footer_textapp\Plugin\Admin\Admin.php:72

actioninitapp\Plugin\Admin\Admin.php:73

actionadmin_enqueue_scriptsapp\Plugin\Admin\Admin.php:74

actioncurrent_screenapp\Plugin\Admin\Help_System.php:56

filterdownloadlist_light_help_tabsapp\Plugin\Admin\Help_System.php:57

filterdownloadlist_light_help_tabsapp\Plugin\Admin\Help_System.php:58

filterdownloadlist_light_help_tabsapp\Plugin\Admin\Help_System.php:59

filterdownloadlist_light_help_tabsapp\Plugin\Admin\Help_System.php:60

actioninitapp\Plugin\Init.php:103

filterrender_blockapp\Plugin\Init.php:104

actioncli_initapp\Plugin\Init.php:105

actionafter_setup_themeapp\Plugin\Init.php:106

filterwp_prepare_attachment_for_jsapp\Plugin\Init.php:107

filterterm_updated_messagesapp\Plugin\Init.php:108

filterajax_query_attachments_argsapp\Plugin\Init.php:109

filterdownloadlist_generate_classnameapp\Plugin\Init.php:112

filterdownloadlist_api_return_file_dataapp\Plugin\Init.php:113

actionrest_api_initapp\Plugin\Rest.php:59

actioninitapp\Plugin\Settings.php:66

actionadmin_action_downloadlist_reset_cssapp\Plugin\Settings.php:73

actionadmin_action_downloadlist_resetapp\Plugin\Settings.php:74

actioninitapp\Plugin\Taxonomies.php:60

actiondl_icon_set_pre_add_formapp\Plugin\Taxonomies.php:61

actiondl_icon_lists_pre_add_formapp\Plugin\Taxonomies.php:62

filtermanage_edit-dl_icon_set_columnsapp\Plugin\Taxonomies.php:63

filtermanage_edit-dl_icon_lists_columnsapp\Plugin\Taxonomies.php:64

filterajax_term_search_resultsapp\Plugin\Taxonomies.php:65

actiondl_icon_set_add_form_fieldsapp\Plugin\Taxonomies.php:66

actiondl_icon_set_edit_form_fieldsapp\Plugin\Taxonomies.php:67

actioncreated_termapp\Plugin\Taxonomies.php:68

actionedit_termapp\Plugin\Taxonomies.php:69

filtermanage_edit-dl_icons_columnsapp\Plugin\Taxonomies.php:70

filtermanage_dl_icon_set_custom_columnapp\Plugin\Taxonomies.php:71

filterdownloadlist_taxonomiesapp\Plugin\Taxonomies.php:74

actionadmin_initapp\Plugin\Templates.php:56

filtereasy_language_possible_post_typesapp\Plugin\ThirdPartySupport.php:53

actionplugins_loadedapp\Plugin\Updates.php:58

filterdownloadlist_register_iconsetinc\iconsets\bootstrap.php:24

filterdownloadlist_register_iconsetinc\iconsets\customset.php:64

filterdownloadlist_register_iconsetinc\iconsets\dashicons.php:24

filterdownloadlist_register_iconsetinc\iconsets\fontawesome.php:24

Maintenance & Trust

Download List Block with Icons Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 28, 2026

PHP min version8.0

Downloads13K

Community Trust

Rating100/100

Number of ratings7

Active installs400

Alternatives

Download List Block with Icons Alternatives

Advanced Post Block – Showcase Posts with Grid, List, Card Layouts and Filters

advanced-post-block

Advanced Post Block lets you add dynamic post grids, lists, sliders, and tickers. Filter content by category, tag, author, or custom post type.

10K 1 CVE

Gravity Forms Email Blacklist

gravity-forms-email-blacklist

Add-on for Gravity Forms to create a Blacklisting of specific emails or domains for the Email input field to throw a validation error or mark as spam.

10K No CVEs

Latest Posts Block – Dynamic Posts Grid, Posts List, Posts Tile with Stunning Layouts for WordPress Blogs & Pages

latest-posts-block-lite

100

Dynamic Posts Grid, Posts List, Posts Tile with Stunning Layouts for WordPress Blogs & Pages

8K No CVEs

Editor Blocks by Download Manager

wpdm-gutenberg-blocks

100

Editor Blocks by Download Manager is the collection of beautiful ready-to-use custom blocks for the new Gutenberg block editor.

6K 1 CVE

Button Block – Design Stylish, Interactive, and Multi-Functional Buttons

button-block

Get multi-functional buttons

5K 5 CVEs

Developer Profile

Download List Block with Icons Developer Profile

threadi

9 plugins · 950 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Download List Block with Icons

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/download-list-block-with-icons/app/dependencies/easySettingsForWordPress/Files/import.js

Script Paths