GutenDraw – Visualize Ideas with Excalidraw Security & Risk Analysis

wordpress.org/plugins/gutendraw

GutenDraw: share your story with interactive diagrams and flowcharts directly in WordPress that resonates with your audience

100 active installs · v1.3.1 · PHP 7.4+ · WP 5.0+ · Updated Feb 2, 2025
Tags: diagrams, excalidraw, gutenberg, media, sketching
Score: 92 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never

Safety Verdict

Is GutenDraw – Visualize Ideas with Excalidraw Safe to Use in 2026?

Generally Safe

Score 92/100

GutenDraw – Visualize Ideas with Excalidraw has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1yr ago

Risk Assessment

The plugin "gutendraw" v1.3.1 demonstrates a generally strong security posture based on the provided static analysis. The absence of known CVEs, coupled with the plugin's use of prepared statements for all SQL queries and a high percentage of properly escaped output, indicates a commitment to secure coding practices. Furthermore, the presence of nonce and capability checks on entry points is a positive sign. However, the analysis does reveal a potential concern: one identified flow with unsanitized paths. While this did not translate to a critical or high severity issue in the taint analysis, it represents an area that warrants further investigation and could indicate a latent risk if not properly mitigated. The complete lack of external HTTP requests, file operations, and shortcodes also contributes to a reduced attack surface.

Key Concerns

  • Flow with unsanitized paths found

Vulnerabilities: None known

GutenDraw – Visualize Ideas with Excalidraw Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis
Analyzed Mar 16, 2026

GutenDraw – Visualize Ideas with Excalidraw Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 0 (8 prepared)
  • Unescaped Output: 3 (77 escaped)
  • Nonce Checks: 2
  • Capability Checks: 2
  • File Operations: 0
  • External Requests: 0
  • Bundled Libraries: 0

SQL Query Safety

100% prepared · 8 total queries

Output Escaping

96% escaped · 80 total outputs

Data Flows: 1 unsanitized

Data Flow Analysis

2 flows · 1 with unsanitized paths
  • redirect (includes\System\Admin.php:79)
[Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized]

Attack Surface

GutenDraw – Visualize Ideas with Excalidraw Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 13
  • action init (includes\Blocks\ImageBlock.php:11)
  • action plugins_loaded (includes\Plugin.php:14)
  • action rest_api_init (includes\Rest\Routes.php:8)
  • action init (includes\System\Admin.php:12)
  • action admin_menu (includes\System\Admin.php:19)
  • filter submenu_file (includes\System\Admin.php:20)
  • action wp_loaded (includes\System\Admin.php:21)
  • action script_loader_tag (includes\System\Admin.php:22)
  • action admin_menu (includes\System\Admin.php:24)
  • action init (includes\System\Feedback.php:10)
  • action admin_footer (includes\System\Feedback.php:15)
  • action init (includes\System\I18n.php:10)
  • action init (includes\System\Shortcode.php:10)

Maintenance & Trust

GutenDraw – Visualize Ideas with Excalidraw Maintenance & Trust

Maintenance Signals

  • WordPress version tested: 6.7.5
  • Last updated: Feb 2, 2025
  • PHP min version: 7.4
  • Downloads: 2K

Community Trust

  • Rating: 100/100
  • Number of ratings: 1
  • Active installs: 100

Developer Profile

GutenDraw – Visualize Ideas with Excalidraw Developer Profile

Avirtum

6 plugins · 11K total installs

  • Trust score: 76
  • Avg Security Score: 96/100
  • Avg Patch Time: 324 days

Detection Fingerprints

How We Detect GutenDraw – Visualize Ideas with Excalidraw

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/gutendraw/assets/css/style.css
  • /wp-content/plugins/gutendraw/assets/vendor/excalidraw/excalidraw.min.js
  • /wp-content/plugins/gutendraw/assets/vendor/excalidraw/excalidraw.min.css
Script Paths
  • /wp-content/plugins/gutendraw/assets/js/editor.js
  • /wp-content/plugins/gutendraw/assets/js/settings.js
Version Parameters
  • gutendraw/assets/css/style.css?ver=
  • gutendraw/assets/vendor/excalidraw/excalidraw.min.js?ver=
  • gutendraw/assets/vendor/excalidraw/excalidraw.min.css?ver=
  • gutendraw/assets/js/editor.js?ver=
  • gutendraw/assets/js/settings.js?ver=

HTML / DOM Fingerprints

Data Attributes
  • data-element-type="text"
  • data-element-type="rectangle"
  • data-element-type="arrow"
  • data-element-type="line"
  • data-element-type="ellipse"
  • data-element-type="image"
  • +5 more
JS Globals
  • window.EXCALIDRAW_EXPORT_SOURCE
  • window.EXCALIDRAW_ASSET_PATH
REST Endpoints
  • /wp-json/gutendraw/v1
  • /wp-json/gutendraw/public/v1
Shortcode Output
  • [gutendraw

FAQ

Frequently Asked Questions about GutenDraw – Visualize Ideas with Excalidraw