Design Blocks – Gutenberg Blocks collection Security & Risk Analysis

wordpress.org/plugins/exclusive-blocks

Design Blocks - The Best Gutenberg Blocks Collection

10 active installs · v1.2.2 · PHP + WP 4.7+ · Updated Aug 22, 2024
Tags: blocks, editor, exclusive, gutenberg, gutenberg-blocks
Score: 71
B · Generally Safe
CVEs total: 1
Unpatched: 1
Last CVE: Apr 1, 2025
Safety Verdict

Is Design Blocks – Gutenberg Blocks collection Safe to Use in 2026?

Mostly Safe

Score 71/100

Design Blocks – Gutenberg Blocks collection is generally safe to use, though it hasn't been updated recently. 1 past CVE was resolved. Keep it updated.

1 known CVE · 1 unpatched · Last CVE: Apr 1, 2025 · Updated 1yr ago
Risk Assessment

The "exclusive-blocks" plugin v1.2.2 exhibits a mixed security posture. While it shows good practices in certain areas, such as a low number of dangerous functions and a reasonable percentage of properly escaped outputs, significant concerns arise from its attack surface. A notable portion of its AJAX handlers (4 out of 7) lack authentication checks, presenting a direct entry point for potential attackers. The presence of a critical taint flow with an unsanitized path further exacerbates this risk, suggesting that user-supplied input could be used to manipulate file operations or other sensitive actions without proper validation.

Key Concerns

  • Unprotected AJAX handlers
  • Unsanitized path in taint flow
  • Unpatched medium severity CVE
  • SQL queries not using prepared statements
  • Improper output escaping
Vulnerabilities
1

Design Blocks – Gutenberg Blocks collection Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-31815 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Design Blocks <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Apr 1, 2025 · Unpatched
Code Analysis
Analyzed Mar 17, 2026

Design Blocks – Gutenberg Blocks collection Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 · 2 prepared
Unescaped Output: 34 · 101 escaped
Nonce Checks: 5
Capability Checks: 5
File Operations: 1
External Requests: 5
Bundled Libraries: 0

SQL Query Safety

50% prepared · 4 total queries

Output Escaping

75% escaped · 135 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

2 flows · 1 with unsanitized paths
form_action_url (appsero\client\License.php:778)
Attack Surface
4 unprotected

Design Blocks – Gutenberg Blocks collection Attack Surface

Entry Points: 7
Unprotected: 4

AJAX Handlers 7

auth · wp_ajax_exb_ajax_save_elements_setting · admin\class-dashboard-settings.php:35
auth · wp_ajax_exb_post_pagination · includes\class-render-blocks.php:57
nopriv · wp_ajax_exb_post_pagination · includes\class-render-blocks.php:58
auth · wp_ajax_exb_import_get_prebuilt_data · includes\class-template-library.php:123
auth · wp_ajax_exb_import_reload_prebuilt_data · includes\class-template-library.php:124
auth · wp_ajax_exb_import_get_new_connection_data · includes\class-template-library.php:125
auth · wp_ajax_exb_import_process_data · includes\class-template-library.php:126
WordPress Hooks 34
action · admin_menu · admin\class-dashboard-settings.php:33
action · admin_enqueue_scripts · admin\class-dashboard-settings.php:34
action · switch_theme · appsero\client\Insights.php:134
action · switch_theme · appsero\client\Insights.php:135
action · admin_footer · appsero\client\Insights.php:147
action · admin_notices · appsero\client\Insights.php:165
action · admin_init · appsero\client\Insights.php:168
filter · cron_schedules · appsero\client\Insights.php:174
action · admin_menu · appsero\client\License.php:222
action · after_switch_theme · appsero\client\License.php:769
action · switch_theme · appsero\client\License.php:770
filter · pre_set_site_transient_update_plugins · appsero\client\Updater.php:42
filter · plugins_api · appsero\client\Updater.php:43
filter · pre_set_site_transient_update_themes · appsero\client\Updater.php:52
action · plugins_loaded · exclusive-blocks.php:56
action · save_post · includes\class-enqueue-css.php:44
action · save_post_wp_block · includes\class-enqueue-css.php:45
action · init · includes\class-enqueue-css.php:46
filter · widget_update_callback · includes\class-enqueue-css.php:47
action · customize_save_after · includes\class-enqueue-css.php:48
action · wp_enqueue_scripts · includes\class-enqueue-css.php:57
action · wp_head · includes\class-enqueue-css.php:58
action · wp_footer · includes\class-enqueue-css.php:59
action · enqueue_block_editor_assets · includes\class-enqueue.php:44
action · enqueue_block_assets · includes\class-enqueue.php:45
action · wp_enqueue_scripts · includes\class-enqueue.php:47
action · enqueue_block_editor_assets · includes\class-enqueue.php:48
filter · block_categories_all · includes\class-enqueue.php:49
filter · exclusiveblocks_do_content · includes\class-enqueue.php:50
action · admin_init · includes\class-render-blocks.php:54
action · init · includes\class-render-blocks.php:56
filter · redirect_canonical · includes\class-render-blocks.php:59
action · rest_api_init · includes\class-rest.php:55
action · delete_block_library_folder · includes\class-template-library.php:131

Scheduled Events 1

delete_block_library_folder
Maintenance & Trust

Design Blocks – Gutenberg Blocks collection Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.4.8
Last updated: Aug 22, 2024
PHP min version
Downloads: 3K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 10
Developer Profile

Design Blocks – Gutenberg Blocks collection Developer Profile

devscred

2 plugins · 60 total installs

Trust score: 74
Avg Security Score: 71/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Design Blocks – Gutenberg Blocks collection

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/exclusive-blocks/admin/assets/css/admin-notice.css
/wp-content/plugins/exclusive-blocks/admin/assets/css/admin-style.css
/wp-content/plugins/exclusive-blocks/admin/assets/js/admin-script.js
Script Paths
/wp-content/plugins/exclusive-blocks/admin/assets/js/admin-script.js
Version Parameters
exclusive-blocks/admin/assets/js/admin-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
exb-elements-dashboard-wrapper
exb-elements-dashboard-shape-3
JS Globals
js_exb_settings
FAQ

Frequently Asked Questions about Design Blocks – Gutenberg Blocks collection