Guten Post Layout – An Advanced Post Grid Collection Security & Risk Analysis

wordpress.org/plugins/guten-post-layout

Most advanced post grid WordPress plugin for Gutenberg. Create post grids, lists, and sliders from default posts or custom post types for WordPress.

1K active installs · v1.2.6 · PHP 7.1+ · WP 5.6+ · Updated Oct 21, 2024
Tags: block-plugin, grid-layout, gutenberg-blocks, post-blocks, post-layout-plugin
91
A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Sep 30, 2024
Safety Verdict

Is Guten Post Layout – An Advanced Post Grid Collection Safe to Use in 2026?

Generally Safe

Score 91/100

Guten Post Layout – An Advanced Post Grid Collection has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Sep 30, 2024 · Updated 1yr ago
Risk Assessment

The 'guten-post-layout' plugin v1.2.6 demonstrates a generally good security posture based on the provided static analysis. The plugin exhibits strong adherence to secure coding practices by using prepared statements for all SQL queries and properly escaping the vast majority (98%) of its output. Furthermore, the attack surface is limited to two AJAX handlers, both of which appear to have nonce checks, which is a positive sign for preventing unauthorized actions. The absence of critical or high-severity taint analysis findings and dangerous functions is also reassuring. However, the vulnerability history reveals one known CVE, a medium severity Cross-Site Scripting (XSS) vulnerability that was patched in the past. While there are no currently unpatched vulnerabilities, this indicates a past susceptibility to XSS, suggesting that vigilance is still necessary. The lack of capability checks on the entry points, despite nonce checks, is a minor concern that could potentially be exploited in conjunction with other weaknesses.

Key Concerns

  • Known CVE exists (even if patched)
  • Missing capability checks on entry points
Vulnerabilities: 1

Guten Post Layout – An Advanced Post Grid Collection Security Vulnerabilities

CVEs by Year

1 CVE in 2024

Severity Breakdown

Medium: 1

1 total CVE

CVE-2024-8288 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Guten Post Layout – An Advanced Post Grid Collection for WordPress Gutenberg <= 1.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute

Sep 30, 2024 · Patched in 1.2.5 (24d)
Code Analysis
Analyzed Mar 16, 2026

Guten Post Layout – An Advanced Post Grid Collection Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 3 (124 escaped)
Nonce Checks: 2
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

98% escaped · 127 total outputs
Attack Surface

Guten Post Layout – An Advanced Post Grid Collection Attack Surface

Entry Points: 2
Unprotected: 0

AJAX Handlers: 2

auth · wp_ajax_gpl_post_filter · classes\class-gpl-init.php:59
nopriv · wp_ajax_gpl_post_filter · classes\class-gpl-init.php:60

WordPress Hooks: 16

action · admin_menu · admin\gpl-options.php:21
filter · admin_footer_text · admin\gpl-options.php:22
action · admin_enqueue_scripts · admin\gpl-options.php:24
action · plugins_loaded · classes\class-gpl-core.php:46
action · init · classes\class-gpl-core.php:49
filter · register_taxonomy_args · classes\class-gpl-core.php:52
filter · register_post_type_args · classes\class-gpl-core.php:56
action · after_setup_theme · classes\class-gpl-init.php:45
action · enqueue_block_assets · classes\class-gpl-init.php:47
action · enqueue_block_editor_assets · classes\class-gpl-init.php:50
action · after_setup_theme · classes\class-gpl-init.php:56
action · rest_api_init · classes\rest-api.php:34
action · init · classes\rest-api.php:106
action · admin_notices · guten-post-layout.php:41
action · admin_notices · guten-post-layout.php:43
action · init · src\blocks\post-grid\post-grid.php:19
Maintenance & Trust

Guten Post Layout – An Advanced Post Grid Collection Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.6.5
Last updated: Oct 21, 2024
PHP min version: 7.1
Downloads: 38K

Community Trust

Rating: 86/100
Number of ratings: 8
Active installs: 1K
Developer Profile

Guten Post Layout – An Advanced Post Grid Collection Developer Profile

Mahmudul Hasan Arif

7 plugins · 40K total installs

Trust score: 85
Avg Security Score: 87/100
Avg Patch Time: 19 days
Detection Fingerprints

How We Detect Guten Post Layout – An Advanced Post Grid Collection

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/guten-post-layout/admin/css/gpl-admin-style.css
/wp-content/plugins/guten-post-layout/admin/js/gpl-admin-script.js
/wp-content/plugins/guten-post-layout/public/css/gpl-layout-style.css
/wp-content/plugins/guten-post-layout/public/css/slick.css
/wp-content/plugins/guten-post-layout/public/css/slick-theme.css
/wp-content/plugins/guten-post-layout/public/js/slick.min.js
/wp-content/plugins/guten-post-layout/public/js/gpl-public-script.js

Script Paths
/wp-content/plugins/guten-post-layout/admin/js/gpl-admin-script.js
/wp-content/plugins/guten-post-layout/public/js/slick.min.js
/wp-content/plugins/guten-post-layout/public/js/gpl-public-script.js

Version Parameters
guten-post-layout/admin/css/gpl-admin-style.css?ver=
guten-post-layout/admin/js/gpl-admin-script.js?ver=
guten-post-layout/public/css/gpl-layout-style.css?ver=
guten-post-layout/public/css/slick.css?ver=
guten-post-layout/public/css/slick-theme.css?ver=
guten-post-layout/public/js/slick.min.js?ver=
guten-post-layout/public/js/gpl-public-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
gpl-welcome-container, gpl-welcome-tab, gpl-panel-contain, gpl-wrapper, gpl-welcome-header, gpl-intro-section, gpl-video-features-image, gpl-embed-responsive-item, +10 more
Data Attributes
data-tab-id
JS Globals
GUTEN_POST_LAYOUT_VERSION
FAQ

Frequently Asked Questions about Guten Post Layout – An Advanced Post Grid Collection