WP-Safety

StylePress for Elementor Security & Risk Analysis

wordpress.org/plugins/full-site-builder-for-elementor

Use Elementor to design your complete website. Reuse header/footer on all pages. No theme required.

700 active installs v1.2.1 PHP + WP 4.9+ Updated Oct 6, 2018
buildereditorelementorpage-buildervisual-editor
63
C · Use Caution
CVEs total1
Unpatched1
Last CVESep 22, 2025
Plugin page Download
Safety Verdict

Is StylePress for Elementor Safe to Use in 2026?

Use With Caution

Score 63/100

StylePress for Elementor has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE 1 unpatched Last CVE: Sep 22, 2025Updated 7yr ago
Risk Assessment

The "full-site-builder-for-elementor" plugin v1.2.1 exhibits a mixed security posture with several concerning findings. While it implements a reasonable number of nonce and capability checks, the presence of unprotected AJAX handlers and a significant percentage of improperly escaped output are notable weaknesses. The use of the `create_function` is a critical code smell, potentially leading to remote code execution vulnerabilities if user input is not meticulously sanitized. The taint analysis, while not showing critical or high severity flows, still indicates 3 flows with unsanitized paths, which warrants further investigation. The plugin's vulnerability history, with one unpatched medium-severity CVE related to Cross-Site Scripting, reinforces the concerns around input sanitization and output escaping.

Key Concerns

  • Unprotected AJAX handlers
  • Improper output escaping
  • Dangerous function create_function used
  • Unsanitized taint flows found
  • Unpatched medium severity CVE
  • SQL queries without prepared statements
Vulnerabilities
1

StylePress for Elementor Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched
2025
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2025-58254medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

StylePress for Elementor <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Sep 22, 2025Unpatched
Code Analysis
Analyzed Mar 16, 2026

StylePress for Elementor Code Analysis

Dangerous Functions
1
Raw SQL Queries
1
1 prepared
Unescaped Output
192
281 escaped
Nonce Checks
8
Capability Checks
1
File Operations
4
External Requests
4
Bundled Libraries
0

Dangerous Functions Found

create_functionadd_action( 'widgets_init', create_function( '', 'return register_widget("stylepress_dtbaker_Widget_extensions\google-maps\google-maps.php:136

SQL Query Safety

50% prepared2 total queries

Output Escaping

59% escaped473 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

6 flows3 with unsanitized paths
<email-subscribe> (extensions\email-subscribe\email-subscribe.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

StylePress for Elementor Attack Surface

Entry Points5
Unprotected2

AJAX Handlers 4

authwp_ajax_stylepress_email_subextensions\email-subscribe\email-subscribe.php:18
authwp_ajax_stylepress_purchase_completeinc\class.plugin.php:86
authwp_ajax_stylepress_get_cssinc\class.plugin.php:87
authwp_ajax_stylepress_save_cssinc\class.plugin.php:88

Shortcodes 1

[stylepress_google_map] extensions\google-maps\google-maps.php:135
WordPress Hooks 95
actionelementor/frontend/widget/before_renderextensions\dynamic-field\dynamic-field.php:247
actionelementor/frontend/element/before_renderextensions\dynamic-field\dynamic-field.php:248
actionelementor/element/section/section_background/before_section_endextensions\dynamic-field\dynamic-field.php:251
actionwp_enqueue_scriptsextensions\email-subscribe\email-subscribe.php:6
actionwp_enqueue_scriptsextensions\form\form-fields.php:6
actionelementor/editor/before_enqueue_scriptsextensions\form\form-fields.php:12
actionelementor_pro/forms/render_field/stylepress-datepickerextensions\form\form-fields.php:20
filterelementor_pro/forms/render/itemextensions\form\form-fields.php:33
actionelementor_pro/forms/render_field/stylepress-descriptionextensions\form\form-fields.php:42
actionelementor_pro/forms/render_field/stylepress-togglestartextensions\form\form-fields.php:50
actionelementor_pro/forms/render_field/stylepress-toggleendextensions\form\form-fields.php:66
filterelementor_pro/forms/field_typesextensions\form\form-fields.php:76
actionelementor/element/form/section_form_options/before_section_endextensions\form\form-fields.php:88
actionwp_enqueue_scriptsextensions\google-maps\google-maps.php:16
actioncustomize_registerextensions\google-maps\google-maps.php:38
actionadmin_initextensions\google-maps\google-maps.php:134
actionwidgets_initextensions\google-maps\google-maps.php:136
actioncustomize_registerextensions\google-maps\google-maps.php:138
actionwp_enqueue_scriptsextensions\modal-popup\modal-popup.php:25
filterstylepress_modal_linkextensions\modal-popup\modal-popup.php:31
actionstylepress/before-renderextensions\modal-popup\modal-popup.php:215
actionstylepress/after-renderextensions\modal-popup\modal-popup.php:218
actionstylepress/modal-popupsextensions\modal-popup\modal-popup.php:223
actionelementor/frontend/widget/before_renderextensions\modal-popup\modal-popup.php:232
actionwp_enqueue_scriptsextensions\page-slider\dtbaker-page-slider.php:7
actionmanage_elementor_library_posts_columnsextensions\shortcode\shortcode.php:44
actionmanage_elementor_library_posts_custom_columnextensions\shortcode\shortcode.php:45
actionelementor/element/button/section_button/before_section_endextensions\skins\button-dynamic.php:29
actionelementor/element/icon-list/section_icon_list/before_section_endextensions\skins\icon-list.php:29
actionelementor/element/image/section_image/after_section_startextensions\skins\image-dynamic.php:29
filterelementor/widget/button/skins_initextensions\skins\skins.php:7
filterelementor/widget/image/skins_initextensions\skins\skins.php:12
filterelementor/widget/icon-list/skins_initextensions\skins\skins.php:19
actionwp_enqueue_scriptsextensions\stylepress-loop\stylepress-loop.php:16
actionwp_enqueue_scriptsextensions\tooltip\tooltip.php:7
actionelementor/frontend/widget/before_renderextensions\tooltip\tooltip.php:113
filterelementor/frontend/builder_content_dataextensions\widget\widget.php:37
filterwoocommerce_template_loader_filesextensions\woocommerce\woocommerce.php:8
actionstylepress/render-innerextensions\woocommerce\woocommerce.php:25
actionwoocommerce_before_main_contentextensions\woocommerce\woocommerce.php:58
actionwoocommerce_after_main_contentextensions\woocommerce\woocommerce.php:59
actionwp_enqueue_scriptsextensions\wp-menu\wp-menu.php:8
actionadmin_enqueue_scriptsextensions\wp-menu\wp-menu.php:14
filterwp_nav_menu_argsextensions\wp-menu\wp-menu.php:31
filterwp_nav_menuextensions\wp-menu\wp-menu.php:66
filterwp_setup_nav_menu_itemextensions\wp-menu\wp-menu.php:99
actionwp_update_nav_menu_itemextensions\wp-menu\wp-menu.php:102
filterwp_edit_nav_menu_walkerextensions\wp-menu\wp-menu.php:105
actionplugins_loadedfull-site-builder-for-elementor.php:55
actionadmin_noticesfull-site-builder-for-elementor.php:58
actionadmin_initinc\class.plugin.php:82
actionadmin_menuinc\class.plugin.php:83
actioninitinc\class.plugin.php:84
actioninitinc\class.plugin.php:85
actionelementor/editor/before_enqueue_scriptsinc\class.plugin.php:89
actionwp_print_footer_scriptsinc\class.plugin.php:90
actionwp_enqueue_scriptsinc\class.plugin.php:91
filtertt_font_get_settings_page_tabsinc\class.plugin.php:92
filtertt_font_get_option_parametersinc\class.plugin.php:93
filtertemplate_includeinc\class.plugin.php:95
actioninitinc\class.plugin.php:97
actionwp_enqueue_scriptsinc\class.plugin.php:98
actionelementor/initinc\class.plugin.php:99
actionelementor/widgets/widgets_registeredinc\class.plugin.php:100
actionelementor/initinc\class.plugin.php:101
actioninitinc\class.plugin.php:104
filternav_menu_item_titleinc\class.plugin.php:105
actionwidgets_initinc\class.plugin.php:107
actionwp_before_admin_bar_renderinc\class.plugin.php:109
filterbody_classinc\class.plugin.php:338
filterbody_classinc\class.plugin.php:389
filterbody_classinc\class.plugin.php:403
filterbody_classinc\class.plugin.php:479
actionadmin_noticesinc\class.plugin.php:579
actionadd_meta_boxesinc\class.plugin.php:594
actionsave_postinc\class.plugin.php:595
actionadmin_enqueue_scriptsinc\class.plugin.php:596
filterparent_fileinc\class.plugin.php:597
filteredit_form_after_titleinc\class.plugin.php:598
filterpage_attributes_dropdown_pages_argsinc\class.plugin.php:599
actionadmin_action_dtbaker_elementor_saveinc\class.plugin.php:607
actionadmin_action_dtbaker_elementor_createinc\class.plugin.php:608
actionadmin_action_stylepress_exportinc\class.plugin.php:609
actionadmin_action_stylepress_downloadinc\class.plugin.php:610
actionadmin_action_stylepress_cloneinc\class.plugin.php:611
actionelementor/element/before_section_endinc\class.plugin.php:1804
actionelementor/element/after_section_endinc\class.plugin.php:1828
actionstylepress/render-innerinc\template-functions.php:194
actionwp_enqueue_scriptsthemes\generatepress\generatepress.php:12
filterstylepress_theme_hooksthemes\generatepress\generatepress.php:18
actionwp_enqueue_scriptsthemes\oceanwp\oceanwp.php:12
filterstylepress_theme_hooksthemes\oceanwp\oceanwp.php:18
actionelementor/element/icon-list/section_icon_list/before_section_endwidgets\skin-icon-list.php:28
actionelementor/element/button/section_button/before_section_endwidgets\skins\button-dynamic.php:26
actionelementor/element/image/section_image/after_section_startwidgets\skins\image-dynamic.php:27
Maintenance & Trust

StylePress for Elementor Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29
Last updatedOct 6, 2018
PHP min version
Downloads74K

Community Trust

Rating84/100
Number of ratings15
Active installs700
Alternatives

StylePress for Elementor Alternatives

FancyNav – Elementor

FancyNav – Elementor

fancynav-elementor

A
85

FancyNav is a mobile navigation for Elementor with many settings. In most cases the widget will go into a header template but it can be put anywhere.

10 No CVEs
Elementor Website Builder – More Than Just a Page Builder

Elementor Website Builder – More Than Just a Page Builder

elementor

A
88

The Elementor Website Builder has it all: drag and drop page builder, pixel perfect design, mobile responsive editing, and more. Get started now!

10.0M 45 CVEs
Page Builder by SiteOrigin

Page Builder by SiteOrigin

siteorigin-panels

A
88

Build responsive page layouts using the widgets you know and love using this simple drag and drop page builder.

500K 8 CVEs
Brizy – Page Builder

Brizy – Page Builder

brizy

B
81

A page builder that is fast & easy, Brizy is a next-gen website builder that anyone can use. No designer or developer skills required.

70K 29 CVEs
Nimble Page Builder

Nimble Page Builder

nimble-builder

A
92

Simple and smart companion that allows you to insert sections into any existing page, create landing pages or entire websites including header and foo &hellip;

30K 1 CVE
Developer Profile

StylePress for Elementor Developer Profile

dtbaker

1 plugin · 700 total installs

68
trust score
Avg Security Score
63/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect StylePress for Elementor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/full-site-builder-for-elementor/extensions/dynamic-field/dynamic-field.php/wp-content/plugins/full-site-builder-for-elementor/inc/class.plugin.php/wp-content/plugins/full-site-builder-for-elementor/inc/template-functions.php/wp-content/plugins/full-site-builder-for-elementor/extensions/dynamic-field/widget.dynamic-field.php/wp-content/plugins/full-site-builder-for-elementor/extensions/dynamic-field/class.dynamic-field.php

HTML / DOM Fingerprints

CSS Classes
stylepress-dynamic-field-wrap
Data Attributes
data-stylepress-dynamic-field
JS Globals
DtbakerDynamicField
Shortcode Output
<li>{{</span></li>Dynamic ContentDynamic Image?
FAQ

Frequently Asked Questions about StylePress for Elementor