WP-Safety

Greenshift – animation and page builder blocks Security & Risk Analysis

wordpress.org/plugins/greenshift-animation-and-page-builder-blocks

More than 20 special blocks for Gutenberg to build complex pages and animations with highest possible web vitals score.

70K active installs v12.8.7 PHP 7.3+ WP 6.6+ Updated Mar 9, 2026
animationfull-site-editinggutenberg-blockspage-builderwoocommerce-blocks
89
A · Safe
CVEs total19
Unpatched0
Last CVEMar 6, 2026
Plugin page Download
Safety Verdict

Is Greenshift – animation and page builder blocks Safe to Use in 2026?

Generally Safe

Score 89/100

Greenshift – animation and page builder blocks has a strong security track record. Known vulnerabilities have been patched promptly.

19 known CVEsLast CVE: Mar 6, 2026Updated 25d ago
Risk Assessment

The greenshift-animation-and-page-builder-blocks plugin v12.8.7 exhibits a mixed security posture. While it demonstrates good practices like using prepared statements for all SQL queries and a high percentage of properly escaped output, several areas raise significant concerns. The attack surface is moderately large, with 18 entry points, and a notable 8 of these lack authentication checks, including a majority of its REST API routes. This significantly increases the potential for unauthorized actions. The plugin also has a history of 19 known CVEs, with 2 high and 17 medium severity vulnerabilities previously identified. Although no currently unpatched vulnerabilities are listed for this specific version, the historical pattern suggests a tendency to introduce security flaws, particularly concerning authorization, information exposure, and cross-site scripting.

Key Concerns

  • REST API routes without permission callbacks
  • AJAX handlers without authorization checks
  • History of high severity vulnerabilities
  • History of medium severity vulnerabilities
  • Flows with unsanitized paths
Vulnerabilities
19

Greenshift – animation and page builder blocks Security Vulnerabilities

CVEs by Year

1 CVE in 2022
2022
3 CVEs in 2023
2023
4 CVEs in 2024
2024
7 CVEs in 2025
2025
4 CVEs in 2026
2026
Patched Has unpatched

Severity Breakdown

High
2
Medium
17

19 total CVEs

CVE-2026-2371medium · 5.3Missing Authorization

Greenshift <= 12.8.3 - Missing Authorization to Unauthenticated Private Reusable Block Disclosure via 'gspb_el_reusable_load'

Mar 6, 2026 Patched in 12.8.4 (1d)
CVE-2026-2589medium · 5.3Exposure of Sensitive Information to an Unauthorized Actor

Greenshift – animation and page builder blocks <= 12.8.3 - Unauthenticated Sensitive Information Exposure via Settings Backup

Mar 5, 2026 Patched in 12.8.4 (1d)
CVE-2026-2593medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Greenshift – animation and page builder blocks <= 12.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

Mar 5, 2026 Patched in 12.8.6 (1d)
CVE-2026-1927medium · 5.4Missing Authorization

GreenShift - Animation and Page Builder Blocks <= 12.6 - Missing Authorization to Authenticated (Subscriber+) Information Disclosure of AI API Keys and Stored Cross-Site Scripting via custom_css

Feb 5, 2026 Patched in 12.6.1 (27d)
CVE-2025-11841medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Greenshift – animation and page builder blocks <= 12.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Data Attributes

Nov 3, 2025 Patched in 12.2.8 (1d)
CVE-2025-57884medium · 4.3Missing Authorization

Greenshift <= 12.1.1 - Missing Authorization

Aug 22, 2025 Patched in 12.1.2 (4d)
CVE-2025-49301medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Greenshift <= 11.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

Jun 5, 2025 Patched in 11.5.7 (7d)
CVE-2025-3616high · 8.8Unrestricted Upload of File with Dangerous Type

Greenshift 11.4 - 11.4.5 - Authenticated (Subscriber+) Arbitrary File Upload

Apr 21, 2025 Patched in 11.4.6 (1d)
CVE-2025-30873medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Greenshift <= 11.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Mar 27, 2025 Patched in 11.1 (7d)
CVE-2025-26884medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Greenshift <= 10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

Feb 22, 2025 Patched in 10.9 (10d)
CVE-2024-6155medium · 6.4Missing Authorization

Greenshift – animation and page builder blocks <= 9.0.0 - Missing Authorization to Authenticated (Subscriber+) Server-Side Request Forgery and Stored Cross-Site Scripting

Jan 8, 2025 Patched in 9.0.1 (1d)
CVE-2024-11181medium · 4.3Authorization Bypass Through User-Controlled Key

Greenshift – animation and page builder blocks <= 9.9.9.3 - Authenticated (Contributor+) Post Disclosure

Dec 11, 2024 Patched in 9.9.9.4 (1d)
CVE-2024-50419medium · 5.3Missing Authorization

Greenshift – animation and page builder blocks <=9.7 - Missing Authorization

Oct 24, 2024 Patched in 9.8 (7d)
CVE-2024-44005medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Greenshift – animation and page builder blocks <= 9.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting

Sep 16, 2024 Patched in 9.4 (9d)
CVE-2024-35765medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Greenshift – animation and page builder blocks <= 8.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

Jun 17, 2024 Patched in 8.9.4 (5d)
CVE-2023-6636high · 7.2Unrestricted Upload of File with Dangerous Type

Greenshift – animation and page builder blocks <= 7.6.2 - Authenticated (Administrator+) Arbitrary File Upload

Dec 12, 2023 Patched in 7.6.3 (42d)
CVE-2023-22707medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Greenshift – animation and page builder blocks <= 4.9.9 - Authenticated (Author+) Stored Cross-Site Scripting

Jan 27, 2023 Patched in 5.0.0 (361d)
CVE-2023-0378medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Greenshift – animation and page builder blocks <= 4.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Jan 27, 2023 Patched in 5.0 (361d)
CVE-2022-4653medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Greenshift – animation and page builder blocks <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Dec 23, 2022 Patched in 4.8.9 (396d)
Code Analysis
Analyzed Mar 16, 2026

Greenshift – animation and page builder blocks Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
5 prepared
Unescaped Output
37
587 escaped
Nonce Checks
23
Capability Checks
42
File Operations
7
External Requests
14
Bundled Libraries
0

SQL Query Safety

100% prepared5 total queries

Output Escaping

94% escaped624 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

10 flows1 with unsanitized paths
<import-demo> (templates\admin\import-demo.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
8 unprotected

Greenshift – animation and page builder blocks Attack Surface

Entry Points18
Unprotected8

AJAX Handlers 8

authwp_ajax_gspb_get_layoutsinit.php:3613
authwp_ajax_gspb_get_layout_by_idinit.php:3614
authwp_ajax_gspb_get_categoriesinit.php:3615
authwp_ajax_gspb_get_saved_blockinit.php:3616
authwp_ajax_gspb_generate_stylebooksettings.php:33
authwp_ajax_gspb_el_reusable_loadsettings.php:49
noprivwp_ajax_gspb_el_reusable_loadsettings.php:50
authwp_ajax_gspb_settings_add_fontsettings.php:52

REST API Routes 9

GET/wp-json/greenshift/v1/global_settings/init.php:2587
GET/wp-json/greenshift/v1/public_assets/init.php:2610
GET/wp-json/greenshift/v1/figma_settings/init.php:2625
GET/wp-json/greenshift/v1/license_settings/init.php:2650
GET/wp-json/greenshift/v1/css_settings/init.php:2663
GET/wp-json/greenshift/v1/global_wp_settings/init.php:2678
GET/wp-json/greenshift/v1/convert-svgstring-from-svg-image/init.php:2693
GET/wp-json/greenshift/v1/get-csv-to-json/init.php:2709
POST/wp-json/greenshift/v1/update-custom-jsinit.php:2738

Shortcodes 1

[wp_reusable_render] settings.php:47
WordPress Hooks 55
actioninitblockrender\element\block.php:13
actionadmin_post_greenshift_formblockrender\element\block.php:15
actionadmin_post_nopriv_greenshift_formblockrender\element\block.php:16
filterblock_bindings_supported_attributes_greenshift-blocks/elementblockrender\element\block.php:129
actionwp_footerblockrender\element\block.php:860
actionwp_footerblockrender\element\block.php:867
actioninitblockrender\map\block.php:13
actioninitblockrender\social-share\block.php:14
actioninitblockrender\toc\block.php:11
actionadmin_menuedd\EddLicensePage.php:168
actionadmin_initedd\EddLicensePage.php:169
actionadmin_initedd\EddLicensePage.php:170
actionadmin_initedd\EddLicensePage.php:171
actionadmin_noticesedd\EddLicensePage.php:172
actionwpedd\EddLicensePage.php:762
actiongreenshift_check_cron_hookedd\EddLicensePage.php:763
actionwp_abilities_api_categories_initincludes\abilities.php:21
actionwp_abilities_api_initincludes\abilities.php:32
filterwp_img_tag_add_loading_attrincludes\helper.php:457
actionadmin_post_greenshift_exportincludes\importer.php:222
actioninitincludes\jsoptimization.php:11
filterscript_loader_tagincludes\jsoptimization.php:20
actionwp_enqueue_scriptsincludes\jsoptimization.php:21
actioninitinit.php:105
filterrender_blockinit.php:106
filterrender_blockinit.php:112
filterrender_blockinit.php:114
actionenqueue_block_editor_assetsinit.php:1812
actioninitinit.php:2161
actionwp_enqueue_scriptsinit.php:2163
filterpll_copy_post_metasinit.php:2181
actionenqueue_block_assetsinit.php:2195
actionrest_api_initinit.php:2583
filterupload_mimesinit.php:3604
filterscript_loader_taginit.php:3936
filterwp_insert_post_dataplugin.php:69
filtertemplate_includeplugin.php:76
actioninitplugin.php:174
actionplugins_loadedplugin.php:184
actionactivated_pluginplugin.php:211
filterbody_classsettings.php:27
filteradmin_body_classsettings.php:29
actionadmin_menusettings.php:30
actionwp_footersettings.php:31
actionwp_headsettings.php:32
actionadmin_initsettings.php:34
actionadmin_enqueue_scriptssettings.php:35
filterblock_categories_allsettings.php:36
filterblock_editor_settings_allsettings.php:37
filtermanage_wp_block_posts_columnssettings.php:41
actionmanage_wp_block_posts_custom_columnsettings.php:42
filteruse_block_editor_for_postsettings.php:44
filteruse_block_editor_for_post_typesettings.php:45
actionwp_enqueue_scriptssettings.php:61
actionwp_enqueue_scriptssettings.php:80

Scheduled Events 1

greenshift_check_cron_hook
Maintenance & Trust

Greenshift – animation and page builder blocks Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 9, 2026
PHP min version7.3
Downloads3.5M

Community Trust

Rating96/100
Number of ratings105
Active installs70K
Alternatives

Greenshift – animation and page builder blocks Alternatives

Ghost Kit – Page Builder Blocks, Motion Effects & Extensions

Ghost Kit – Page Builder Blocks, Motion Effects & Extensions

ghostkit

A
97

Create engaging websites using over 25 advanced blocks featuring motion effects, smooth animations, and robust extensions.

7K 2 CVEs
Nova Blocks by Pixelgrade

Nova Blocks by Pixelgrade

nova-blocks

A
96

A collection of distinctive Gutenberg blocks, committed to making your site shine like a newborn star.

900 3 CVEs
ComboBlocks — Block Library & Page Builder

ComboBlocks — Block Library & Page Builder

combo-blocks

A
100

Landing Page Builder, Blog Builder, eCommerce Builder, Niche Site Builder, News Site Builder and More.

100 No CVEs
Advanced Block Controls (ABC) — Core Blocks Page Builder and Full Site Editing Toolkit

Advanced Block Controls (ABC) — Core Blocks Page Builder and Full Site Editing Toolkit

advanced-block-controls

A
100

Enhancing core Gutenberg blocks with advanced page builder controls, eliminating the need for third-party blocks to build professional websites.

80 No CVEs
Gutenwave Blocks – Gutenberg Page Builder Blocks for Block Editor & FSE

Gutenwave Blocks – Gutenberg Page Builder Blocks for Block Editor & FSE

gutenwave-blocks

A
100

Build stunning websites with Gutenberg. Free responsive blocks, starter templates & full site editing support in one lightweight plugin.

50 No CVEs
Developer Profile

Greenshift – animation and page builder blocks Developer Profile

wpsoul

3 plugins · 75K total installs

85
trust score
Avg Security Score
96/100
Avg Patch Time
65 days
View full developer profile
Detection Fingerprints

How We Detect Greenshift – animation and page builder blocks

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/greenshift-animation-and-page-builder-blocks/assets/css/greenshift-frontend.css/wp-content/plugins/greenshift-animation-and-page-builder-blocks/assets/js/greenshift-frontend.js/wp-content/plugins/greenshift-animation-and-page-builder-blocks/blocks/src/custom-icons/style.css/wp-content/plugins/greenshift-animation-and-page-builder-blocks/blocks/src/parallax/style.css/wp-content/plugins/greenshift-animation-and-page-builder-blocks/blocks/src/parallax/edit.js/wp-content/plugins/greenshift-animation-and-page-builder-blocks/blocks/src/parallax/view.js/wp-content/plugins/greenshift-animation-and-page-builder-blocks/blockrender/element/element.js
Script Paths
/wp-content/plugins/greenshift-animation-and-page-builder-blocks/assets/js/greenshift-frontend.js/wp-content/plugins/greenshift-animation-and-page-builder-blocks/blockrender/element/element.js
Version Parameters
greenshift-animation-and-page-builder-blocks/assets/css/greenshift-frontend.css?ver=greenshift-animation-and-page-builder-blocks/assets/js/greenshift-frontend.js?ver=greenshift-animation-and-page-builder-blocks/blocks/src/custom-icons/style.css?ver=greenshift-animation-and-page-builder-blocks/blocks/src/parallax/style.css?ver=greenshift-animation-and-page-builder-blocks/blocks/src/parallax/edit.js?ver=greenshift-animation-and-page-builder-blocks/blocks/src/parallax/view.js?ver=greenshift-animation-and-page-builder-blocks/blockrender/element/element.js?ver=

HTML / DOM Fingerprints

CSS Classes
greenshift-elementgsap-element-wrapgreenshift-block-parallaxgreenshift-block-parallax-inner
HTML Comments
<!-- greenshift-animation-and-page-builder-blocks --><!-- GreenShift - Animation and Page Builder Blocks -->
Data Attributes
data-gs-parallax-directiondata-gs-parallax-speeddata-gs-parallax-typedata-gs-parallax-offsetdata-gs-parallax-smoothnessdata-gs-parallax-color-start+8 more
JS Globals
window.greenshift_animation_params
FAQ

Frequently Asked Questions about Greenshift – animation and page builder blocks