Gutena Kit – Gutenberg Blocks and Templates Security & Risk Analysis

wordpress.org/plugins/gutena-kit

Provide advanced controls, powerful blocks and beautiful pre-made templates that help you build websites in less time!

1K active installs · v2.0.7 · PHP 5.6+ · WP 6.5+ · Updated Feb 19, 2026
Tags: blocks, full-site-editing, gutenberg, page-builder, wordpress-blocks
Score: 79 (B · Generally Safe)
CVEs total: 1
Unpatched: 1
Last CVE: Apr 1, 2025
Safety Verdict

Is Gutena Kit – Gutenberg Blocks and Templates Safe to Use in 2026?

Mostly Safe

Score 79/100

Gutena Kit – Gutenberg Blocks and Templates is generally safe to use. 1 past CVE was resolved. Keep it updated.

1 known CVE · 1 unpatched · Last CVE: Apr 1, 2025 · Updated 1mo ago
Risk Assessment

The "gutena-kit" v2.0.7 plugin exhibits a mixed security posture. While it demonstrates good practices in SQL query handling and output escaping, with 100% prepared statements and 97% properly escaped outputs, significant concerns arise from its attack surface. Specifically, 3 out of 10 AJAX handlers lack authentication checks, creating potential entry points for unauthorized actions. The presence of the `unserialize` function is a critical code signal that, if not handled with extreme care, can lead to deserialization vulnerabilities, especially when combined with unsanitized input. Taint analysis reveals 3 flows with unsanitized paths, indicating potential data leakage or manipulation risks that could be exploited if these flows interact with sensitive functions.

The plugin's vulnerability history, with one known medium-severity CVE related to Cross-Site Scripting, further highlights potential weaknesses in input validation and output encoding. The fact that this CVE is currently unpatched is a major red flag. The pattern of past vulnerabilities suggests a recurring issue with sanitizing user-provided data, which, when combined with the identified unsanitized taint flows and unprotected AJAX endpoints, points to a heightened risk profile. While the plugin has strengths in certain areas, the combination of unprotected entry points, the presence of `unserialize`, and unpatched historical vulnerabilities necessitates careful attention and remediation.

Key Concerns

  • Unpatched Medium CVE
  • 3 AJAX handlers without auth checks
  • `unserialize` function usage
  • 3 Flows with unsanitized paths
Vulnerabilities: 1

Gutena Kit – Gutenberg Blocks and Templates Security Vulnerabilities

CVEs by Year

  • 2025: 1 CVE (unpatched)

Severity Breakdown

  • Medium: 1

1 total CVE

CVE-2025-31805 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Gutena Kit – Gutenberg Blocks and Templates <= 2.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting

Apr 1, 2025 · Unpatched
Code Analysis
Analyzed Mar 16, 2026

Gutena Kit – Gutenberg Blocks and Templates Code Analysis

  • Dangerous Functions: 1
  • Raw SQL Queries: 0 (0 prepared)
  • Unescaped Output: 15 (420 escaped)
  • Nonce Checks: 17
  • Capability Checks: 16
  • File Operations: 3
  • External Requests: 4
  • Bundled Libraries: 0

Dangerous Functions Found

`unserialize`: `$data = unserialize( $raw );` at includes\demo-import\merlin\includes\class-merlin-customizer-importer.php:74

Output Escaping

97% escaped · 435 total outputs

Data Flows: 3 unsanitized

Data Flow Analysis

4 flows · 3 with unsanitized paths
<class-gutenakit-demosetup> (includes\demo-import\class-gutenakit-demosetup.php:0)
Attack Surface: 3 unprotected

Gutena Kit – Gutenberg Blocks and Templates Attack Surface

Entry Points: 10
Unprotected: 3

AJAX Handlers: 10

  • auth · wp_ajax_save_global_typography · includes\class-gutena-kit.php:180
  • auth · wp_ajax_manage_gutena_blocks · includes\class-gutena-kit.php:182
  • auth · wp_ajax_activate_gutena_theme · includes\class-gutena-kit.php:184
  • auth · wp_ajax_merlin_content · includes\demo-import\merlin\class-merlin.php:336
  • auth · wp_ajax_merlin_get_total_content_import_items · includes\demo-import\merlin\class-merlin.php:337
  • auth · wp_ajax_merlin_plugins · includes\demo-import\merlin\class-merlin.php:338
  • auth · wp_ajax_merlin_child_theme · includes\demo-import\merlin\class-merlin.php:339
  • auth · wp_ajax_merlin_activate_license · includes\demo-import\merlin\class-merlin.php:340
  • auth · wp_ajax_merlin_update_selected_import_data_info · includes\demo-import\merlin\class-merlin.php:341
  • auth · wp_ajax_merlin_import_finished · includes\demo-import\merlin\class-merlin.php:342

WordPress Hooks: 56

  • action · tgmpa_register · admin\class-gutena-kit-admin.php:92
  • action · admin_print_styles · admin\class-gutena-kit-admin.php:100
  • action · plugins_loaded · includes\class-gutena-kit.php:162
  • action · admin_enqueue_scripts · includes\class-gutena-kit.php:175
  • action · admin_enqueue_scripts · includes\class-gutena-kit.php:176
  • action · admin_menu · includes\class-gutena-kit.php:177
  • action · activated_plugin · includes\class-gutena-kit.php:178
  • action · enqueue_block_editor_assets · includes\class-gutena-kit.php:179
  • action · block_categories_all · includes\class-gutena-kit.php:199
  • action · wp_enqueue_scripts · includes\class-gutena-kit.php:201
  • action · wp_enqueue_scripts · includes\class-gutena-kit.php:202
  • action · after_setup_theme · includes\class-gutena-kit.php:203
  • filter · block_type_metadata · includes\class-gutena-kit.php:206
  • filter · render_block · includes\class-gutena-kit.php:207
  • action · admin_init · includes\demo-import\class-gutenakit-demosetup.php:54
  • action · import_start · includes\demo-import\class-gutenakit-demosetup.php:56
  • action · merlin_after_all_import · includes\demo-import\class-gutenakit-demosetup.php:58
  • filter · merlin_import_files · includes\demo-import\class-gutenakit-demosetup.php:63
  • action · admin_init · includes\demo-import\merlin\class-merlin.php:327
  • action · admin_init · includes\demo-import\merlin\class-merlin.php:328
  • action · after_switch_theme · includes\demo-import\merlin\class-merlin.php:329
  • action · admin_init · includes\demo-import\merlin\class-merlin.php:330
  • action · admin_menu · includes\demo-import\merlin\class-merlin.php:331
  • action · admin_init · includes\demo-import\merlin\class-merlin.php:332
  • action · admin_init · includes\demo-import\merlin\class-merlin.php:333
  • action · admin_footer · includes\demo-import\merlin\class-merlin.php:334
  • filter · tgmpa_load · includes\demo-import\merlin\class-merlin.php:335
  • filter · pt-importer/new_ajax_request_response_data · includes\demo-import\merlin\class-merlin.php:343
  • action · import_end · includes\demo-import\merlin\class-merlin.php:344
  • action · import_start · includes\demo-import\merlin\class-merlin.php:345
  • action · admin_init · includes\demo-import\merlin\class-merlin.php:346
  • action · merlin_widget_settings_array · includes\demo-import\merlin\includes\class-merlin-hooks.php:18
  • action · import_start · includes\demo-import\merlin\includes\class-merlin-hooks.php:19
  • filter · intermediate_image_sizes_advanced · includes\demo-import\merlin\includes\class-merlin-hooks.php:64
  • action · init · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:264
  • action · admin_menu · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:413
  • action · admin_head · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:414
  • filter · install_plugin_complete_actions · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:417
  • filter · update_plugin_complete_actions · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:418
  • action · admin_notices · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:421
  • action · admin_init · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:422
  • action · admin_enqueue_scripts · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:423
  • action · load-plugins.php · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:428
  • action · switch_theme · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:431
  • action · switch_theme · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:434
  • action · admin_init · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:439
  • action · switch_theme · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:444
  • filter · upgrader_source_selection · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:800
  • action · plugins_loaded · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:2032
  • filter · tgmpa_table_data_items · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:2156
  • filter · upgrader_source_selection · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:2899
  • action · admin_init · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:3069
  • action · upgrader_process_complete · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:3164
  • filter · upgrader_post_install · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:3223
  • filter · upgrader_post_install · includes\demo-import\tgmpa\class-tgm-plugin-activation.php:3368
  • action · wp_head · public\class-gutena-kit-public.php:627
Maintenance & Trust

Gutena Kit – Gutenberg Blocks and Templates Maintenance & Trust

Maintenance Signals

  • WordPress version tested: 6.9.4
  • Last updated: Feb 19, 2026
  • PHP min version: 5.6
  • Downloads: 16K

Community Trust

  • Rating: 0/100
  • Number of ratings: 0
  • Active installs: 1K
Developer Profile

Gutena Kit – Gutenberg Blocks and Templates Developer Profile

Saad Iqbal

84 plugins · 1.4M total installs

  • Trust score: 76
  • Avg Security Score: 96/100
  • Avg Patch Time: 287 days
Detection Fingerprints

How We Detect Gutena Kit – Gutenberg Blocks and Templates

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/gutena-kit/build/index.css
  • /wp-content/plugins/gutena-kit/build/index.js
  • /wp-content/plugins/gutena-kit/assets/css/admin-style.css
  • /wp-content/plugins/gutena-kit/assets/js/gutena-kit-admin.js
  • /wp-content/plugins/gutena-kit/assets/js/bundle.js
Generator Patterns
  • Gutena Kit
Script Paths
  • /wp-content/plugins/gutena-kit/build/index.js
  • /wp-content/plugins/gutena-kit/assets/js/gutena-kit-admin.js
  • /wp-content/plugins/gutena-kit/assets/js/bundle.js
Version Parameters
  • gutena-kit/build/index.css?ver=
  • gutena-kit/build/index.js?ver=
  • gutena-kit/assets/css/admin-style.css?ver=
  • gutena-kit/assets/js/gutena-kit-admin.js?ver=
  • gutena-kit/assets/js/bundle.js?ver=

HTML / DOM Fingerprints

CSS Classes
gutena-kit-admin-wrapper
HTML Comments
<!-- Gutena Kit -->
<div class="gutena-kit-admin-wrapper">
Data Attributes
data-gutenakit-admin
JS Globals
gutenaKitAdmin