GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor Security & Risk Analysis
wordpress.org/plugins/gutenkit-blocks-addonGutenKit – Ultimate no-code Gutenberg blocks to design stunning web pages and visually stunning posts in WordPress block editor.
70K active installs v2.4.5 PHP 7.4+ WP 6.1+ Updated Feb 24, 2026
block-editorgutenberg-blocksmega-menupage-builderwordpress-blocks
Safety Verdict
Is GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor Safe to Use in 2026?
Generally Safe
Score 93/100GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor has a strong security track record. Known vulnerabilities have been patched promptly.
3 known CVEsLast CVE: Sep 22, 2025Updated 1mo ago
Risk Assessment
The GutenKit Blocks Addon plugin exhibits a mixed security posture. On the positive side, it demonstrates strong practices regarding SQL queries, exclusively using prepared statements, and has a high percentage of properly escaped output. Nonce and capability checks are also present in a reasonable number of entry points. However, a significant concern lies in its attack surface. With 17 REST API routes, a substantial 16 of them lack proper permission callbacks, leaving them unprotected. This is exacerbated by the taint analysis revealing two flows with unsanitized paths, indicating potential avenues for malicious input to be processed without adequate sanitization. The plugin's vulnerability history is also a point of concern. Three known CVEs, including one critical and two medium, have been identified. Although currently unpatched CVEs are zero, the recurring nature of cross-site scripting and missing authorization vulnerabilities suggests underlying architectural weaknesses that need continuous attention. The presence of external HTTP requests, while not inherently a vulnerability, adds to the overall attack surface and requires careful monitoring for any unintended data leakage or supply chain risks. In conclusion, while the plugin shows good practices in areas like SQL and output escaping, the large unprotected attack surface, identified taint flows, and past critical vulnerabilities necessitate a cautious approach.
Key Concerns
- Large attack surface without auth checks
- Flows with unsanitized paths found
- Past critical vulnerability history
- Past medium vulnerability history
Vulnerabilities
3GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor Security Vulnerabilities
CVEs by Year
1 CVE in 2024
2 CVEs in 2025
Patched Has unpatched
Severity Breakdown
Critical
1
Medium
2
3 total CVEs
CVE-2025-57900medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
GutenKit <= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Sep 22, 2025 Patched in 2.4.3 (17d)
CVE-2025-46253medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
GutenKit <= 2.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Apr 22, 2025 Patched in 2.2.3 (9d)
GutenKit <= 2.1.0 - Unauthenticated Arbitrary File Upload
Oct 10, 2024 Patched in 2.1.1 (1d)
Code Analysis
Analyzed Mar 16, 2026GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor Code Analysis
Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
50 escaped
Nonce Checks
13
Capability Checks
18
File Operations
0
External Requests
8
Bundled Libraries
0
Output Escaping
93% escaped54 total outputs
Data Flows
2 unsanitizedData Flow Analysis
2 flows2 with unsanitized paths
filter_by_parent_class (includes\Core\ClassManager.php:130)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
16 unprotected GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor Attack Surface
Entry Points17
Unprotected16
REST API Routes 17
WordPress Hooks 75
Maintenance & Trust
GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor Maintenance & Trust
Maintenance Signals
WordPress version tested6.9.4
Last updatedFeb 24, 2026
PHP min version7.4
Downloads427K
Community Trust
Rating92/100
Number of ratings41
Active installs70K
Alternatives
GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor Alternatives
Nexter Blocks – Gutenberg Blocks, Page Builder & AI Website Builder
the-plus-addons-for-block-editor
A
95
90+ Gutenberg Blocks & AI Website Builder with 1000+ Templates. Complete Page Builder, Popup Builder, Mega Menu, Form Builder & More. No Code.
10K 8 CVEs
Fusionberg Blocks
fusionberg-blocks
A
100
Advance Gutenberg Blocks for WordPress.
0 No CVEs
Page Builder Gutenberg Blocks – CoBlocks
coblocks
B
72
CoBlocks is a suite of page builder WordPress blocks for Gutenberg, with 10+ new blocks and a true page builder experience with rows and columns.
300K 1 unpatched
Stackable – Page Builder Gutenberg Blocks
stackable-ultimate-gutenberg-blocks
A
95
Custom Blocks that transform your WordPress Block Editor into a page builder
100K 7 CVEs
Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor
gutentor
B
74
Advanced yet easy, Gutenberg editor page builder blocks. Create a masterpiece, pixel perfect website using modern WordPress Gutenberg blocks.
30K 1 unpatched
Developer Profile
GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor Developer Profile
Ataur R
2 plugins · 70K total installs
92
trust score
Avg Security Score
97/100
Avg Patch Time
9 days
Detection Fingerprints
How We Detect GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
Asset Paths
/wp-content/plugins/gutenkit-blocks-addon/build/styles/gutenkit-main-style.css/wp-content/plugins/gutenkit-blocks-addon/build/styles/gutenkit-editor.css/wp-content/plugins/gutenkit-blocks-addon/build/styles/gutenkit-frontend.css/wp-content/plugins/gutenkit-blocks-addon/build/blocks/accordion/accordion.css/wp-content/plugins/gutenkit-blocks-addon/build/blocks/advanced-button/advanced-button.css/wp-content/plugins/gutenkit-blocks-addon/build/blocks/advanced-heading/advanced-heading.css/wp-content/plugins/gutenkit-blocks-addon/build/blocks/advanced-image/advanced-image.css/wp-content/plugins/gutenkit-blocks-addon/build/blocks/advanced-list/advanced-list.css+193 moreScript Paths
/wp-content/plugins/gutenkit-blocks-addon/build/blocks/accordion/accordion.js/wp-content/plugins/gutenkit-blocks-addon/build/blocks/advanced-button/advanced-button.js/wp-content/plugins/gutenkit-blocks-addon/build/blocks/advanced-heading/advanced-heading.js/wp-content/plugins/gutenkit-blocks-addon/build/blocks/advanced-image/advanced-image.js/wp-content/plugins/gutenkit-blocks-addon/build/blocks/advanced-list/advanced-list.js/wp-content/plugins/gutenkit-blocks-addon/build/blocks/advanced-tooltip/advanced-tooltip.js+109 moreVersion Parameters
gutenkit-blocks-addon/style.css?ver=gutenkit-blocks-addon/editor.css?ver=gutenkit-blocks-addon/frontend.css?ver=gutenkit-blocks-addon/accordion.css?ver=gutenkit-blocks-addon/advanced-button.css?ver=gutenkit-blocks-addon/advanced-heading.css?ver=gutenkit-blocks-addon/advanced-image.css?ver=gutenkit-blocks-addon/advanced-list.css?ver=gutenkit-blocks-addon/advanced-tooltip.css?ver=gutenkit-blocks-addon/alert.css?ver=gutenkit-blocks-addon/animated-text.css?ver=gutenkit-blocks-addon/blockquote.css?ver=gutenkit-blocks-addon/blog-posts.css?ver=gutenkit-blocks-addon/breadcrumb.css?ver=gutenkit-blocks-addon/button-group.css?ver=gutenkit-blocks-addon/call-to-action.css?ver=gutenkit-blocks-addon/carousel.css?ver=gutenkit-blocks-addon/checkbox-list.css?ver=gutenkit-blocks-addon/circle-progress.css?ver=gutenkit-blocks-addon/clients-logo.css?ver=gutenkit-blocks-addon/countdown.css?ver=gutenkit-blocks-addon/divider.css?ver=gutenkit-blocks-addon/draggable-color-picker.css?ver=gutenkit-blocks-addon/dual-heading.css?ver=gutenkit-blocks-addon/event-schedule.css?ver=gutenkit-blocks-addon/flip-box.css?ver=gutenkit-blocks-addon/gallery.css?ver=gutenkit-blocks-addon/google-maps.css?ver=gutenkit-blocks-addon/heading-style.css?ver=gutenkit-blocks-addon/icon-box.css?ver=gutenkit-blocks-addon/image-box.css?ver=gutenkit-blocks-addon/image-comparison.css?ver=gutenkit-blocks-addon/image-hotspots.css?ver=gutenkit-blocks-addon/instagram-feed.css?ver=gutenkit-blocks-addon/label.css?ver=gutenkit-blocks-addon/layer-slider.css?ver=gutenkit-blocks-addon/list-grid.css?ver=gutenkit-blocks-addon/logo-carousel.css?ver=gutenkit-blocks-addon/mailchimp-form.css?ver=gutenkit-blocks-addon/modal-popup.css?ver=gutenkit-blocks-addon/navigation-menu.css?ver=gutenkit-blocks-addon/number-counter.css?ver=gutenkit-blocks-addon/offcanvas.css?ver=gutenkit-blocks-addon/owl-carousel.css?ver=gutenkit-blocks-addon/page-title.css?ver=gutenkit-blocks-addon/parallax-scrolling.css?ver=gutenkit-blocks-addon/post-navigation-link.css?ver=gutenkit-blocks-addon/price-box.css?ver=gutenkit-blocks-addon/price-table.css?ver=gutenkit-blocks-addon/pricing-table.css?ver=gutenkit-blocks-addon/progress-bar.css?ver=gutenkit-blocks-addon/quiz.css?ver=gutenkit-blocks-addon/range-slider.css?ver=gutenkit-blocks-addon/ratings.css?ver=gutenkit-blocks-addon/responsive-slider.css?ver=gutenkit-blocks-addon/scroll-to-top.css?ver=gutenkit-blocks-addon/section.css?ver=gutenkit-blocks-addon/services-box.css?ver=gutenkit-blocks-addon/share-buttons.css?ver=gutenkit-blocks-addon/show-hide.css?ver=gutenkit-blocks-addon/simpler-slider.css?ver=gutenkit-blocks-addon/single-post.css?ver=gutenkit-blocks-addon/slider.css?ver=gutenkit-blocks-addon/social-icons.css?ver=gutenkit-blocks-addon/star-rating.css?ver=gutenkit-blocks-addon/step-flow.css?ver=gutenkit-blocks-addon/sticky-bar.css?ver=gutenkit-blocks-addon/tabs.css?ver=gutenkit-blocks-addon/testimonial.css?ver=gutenkit-blocks-addon/timeline.css?ver=gutenkit-blocks-addon/title.css?ver=gutenkit-blocks-addon/toggle-content.css?ver=gutenkit-blocks-addon/tooltip.css?ver=gutenkit-blocks-addon/testimonial-slider.css?ver=gutenkit-blocks-addon/user-login.css?ver=gutenkit-blocks-addon/user-profile.css?ver=gutenkit-blocks-addon/video-playlist.css?ver=gutenkit-blocks-addon/video-popup.css?ver=gutenkit-blocks-addon/products.css?ver=gutenkit-blocks-addon/categories.css?ver=gutenkit-blocks-addon/cart.css?ver=gutenkit-blocks-addon/checkout.css?ver=gutenkit-blocks-addon/product-slider.css?ver=gutenkit-blocks-addon/product-grid.css?ver=gutenkit-blocks-addon/product-carousel.css?ver=gutenkit-blocks-addon/product-filter.css?ver=gutenkit-blocks-addon/product-search.css?ver=gutenkit-blocks-addon/product-recent.css?ver=gutenkit-blocks-addon/product-featured.css?ver=gutenkit-blocks-addon/product-sale.css?ver=gutenkit-blocks-addon/product-best-selling.css?ver=gutenkit-blocks-addon/product-top-rated.css?ver=gutenkit-blocks-addon/product-grouped.css?ver=gutenkit-blocks-addon/product-variable.css?ver=gutenkit-blocks-addon/product-simple.css?ver=gutenkit-blocks-addon/product-external.css?ver=gutenkit-blocks-addon/product-addon.css?ver=gutenkit-blocks-addon/add-to-cart.css?ver=gutenkit-blocks-addon/button.css?ver=gutenkit-blocks-addon/price.css?ver=gutenkit-blocks-addon/title.css?ver=gutenkit-blocks-addon/rating.css?ver=gutenkit-blocks-addon/image.css?ver=gutenkit-blocks-addon/description.css?ver=gutenkit-blocks-addon/short-description.css?ver=gutenkit-blocks-addon/sku.css?ver=gutenkit-blocks-addon/stock-status.css?ver=gutenkit-blocks-addon/weight.css?ver=gutenkit-blocks-addon/dimensions.css?ver=gutenkit-blocks-addon/upsells.css?ver=gutenkit-blocks-addon/cross-sells.css?ver=gutenkit-blocks-addon/related-products.css?ver=gutenkit-blocks-addon/reviews.css?ver=gutenkit-blocks-addon/custom-field.css?ver=gutenkit-blocks-addon/add-to-cart-button.css?ver=gutenkit-blocks-addon/variation-swatches.css?ver=gutenkit-blocks-addon/quick-view.css?ver=gutenkit-blocks-addon/accordion.js?ver=gutenkit-blocks-addon/advanced-button.js?ver=gutenkit-blocks-addon/advanced-heading.js?ver=gutenkit-blocks-addon/advanced-image.js?ver=gutenkit-blocks-addon/advanced-list.js?ver=gutenkit-blocks-addon/advanced-tooltip.js?ver=gutenkit-blocks-addon/alert.js?ver=gutenkit-blocks-addon/animated-text.js?ver=gutenkit-blocks-addon/blockquote.js?ver=gutenkit-blocks-addon/blog-posts.js?ver=gutenkit-blocks-addon/breadcrumb.js?ver=gutenkit-blocks-addon/button-group.js?ver=gutenkit-blocks-addon/call-to-action.js?ver=gutenkit-blocks-addon/carousel.js?ver=gutenkit-blocks-addon/checkbox-list.js?ver=gutenkit-blocks-addon/circle-progress.js?ver=gutenkit-blocks-addon/clients-logo.js?ver=gutenkit-blocks-addon/countdown.js?ver=gutenkit-blocks-addon/divider.js?ver=gutenkit-blocks-addon/draggable-color-picker.js?ver=gutenkit-blocks-addon/dual-heading.js?ver=gutenkit-blocks-addon/event-schedule.js?ver=gutenkit-blocks-addon/flip-box.js?ver=gutenkit-blocks-addon/gallery.js?ver=gutenkit-blocks-addon/google-maps.js?ver=gutenkit-blocks-addon/heading-style.js?ver=gutenkit-blocks-addon/icon-box.js?ver=gutenkit-blocks-addon/image-box.js?ver=gutenkit-blocks-addon/image-comparison.js?ver=gutenkit-blocks-addon/image-hotspots.js?ver=gutenkit-blocks-addon/instagram-feed.js?ver=gutenkit-blocks-addon/label.js?ver=gutenkit-blocks-addon/layer-slider.js?ver=gutenkit-blocks-addon/list-grid.js?ver=gutenkit-blocks-addon/logo-carousel.js?ver=gutenkit-blocks-addon/mailchimp-form.js?ver=gutenkit-blocks-addon/modal-popup.js?ver=gutenkit-blocks-addon/navigation-menu.js?ver=gutenkit-blocks-addon/number-counter.js?ver=gutenkit-blocks-addon/offcanvas.js?ver=gutenkit-blocks-addon/owl-carousel.js?ver=gutenkit-blocks-addon/page-title.js?ver=gutenkit-blocks-addon/parallax-scrolling.js?ver=gutenkit-blocks-addon/post-navigation-link.js?ver=gutenkit-blocks-addon/price-box.js?ver=gutenkit-blocks-addon/price-table.js?ver=gutenkit-blocks-addon/pricing-table.js?ver=gutenkit-blocks-addon/progress-bar.js?ver=gutenkit-blocks-addon/quiz.js?ver=gutenkit-blocks-addon/range-slider.js?ver=gutenkit-blocks-addon/ratings.js?ver=gutenkit-blocks-addon/responsive-slider.js?ver=gutenkit-blocks-addon/scroll-to-top.js?ver=gutenkit-blocks-addon/section.js?ver=gutenkit-blocks-addon/services-box.js?ver=gutenkit-blocks-addon/share-buttons.js?ver=gutenkit-blocks-addon/show-hide.js?ver=gutenkit-blocks-addon/simpler-slider.js?ver=gutenkit-blocks-addon/single-post.js?ver=gutenkit-blocks-addon/slider.js?ver=gutenkit-blocks-addon/social-icons.js?ver=gutenkit-blocks-addon/star-rating.js?ver=gutenkit-blocks-addon/step-flow.js?ver=gutenkit-blocks-addon/sticky-bar.js?ver=gutenkit-blocks-addon/tabs.js?ver=gutenkit-blocks-addon/testimonial.js?ver=gutenkit-blocks-addon/timeline.js?ver=gutenkit-blocks-addon/title.js?ver=gutenkit-blocks-addon/toggle-content.js?ver=gutenkit-blocks-addon/tooltip.js?ver=gutenkit-blocks-addon/testimonial-slider.js?ver=gutenkit-blocks-addon/user-login.js?ver=gutenkit-blocks-addon/user-profile.js?ver=gutenkit-blocks-addon/video-playlist.js?ver=gutenkit-blocks-addon/video-popup.js?ver=gutenkit-blocks-addon/products.js?ver=gutenkit-blocks-addon/categories.js?ver=gutenkit-blocks-addon/cart.js?ver=gutenkit-blocks-addon/checkout.js?ver=gutenkit-blocks-addon/product-slider.js?ver=gutenkit-blocks-addon/product-grid.js?ver=gutenkit-blocks-addon/product-carousel.js?ver=gutenkit-blocks-addon/product-filter.js?ver=gutenkit-blocks-addon/product-search.js?ver=gutenkit-blocks-addon/product-recent.js?ver=gutenkit-blocks-addon/product-featured.js?ver=gutenkit-blocks-addon/product-sale.js?ver=gutenkit-blocks-addon/product-best-selling.js?ver=gutenkit-blocks-addon/product-top-rated.js?ver=gutenkit-blocks-addon/product-grouped.js?ver=gutenkit-blocks-addon/product-variable.js?ver=gutenkit-blocks-addon/product-simple.js?ver=gutenkit-blocks-addon/product-external.js?ver=gutenkit-blocks-addon/product-addon.js?ver=gutenkit-blocks-addon/add-to-cart.js?ver=gutenkit-blocks-addon/button.js?ver=gutenkit-blocks-addon/price.js?ver=gutenkit-blocks-addon/title.js?ver=gutenkit-blocks-addon/rating.js?ver=gutenkit-blocks-addon/image.js?ver=gutenkit-blocks-addon/description.js?ver=gutenkit-blocks-addon/short-description.js?ver=gutenkit-blocks-addon/sku.js?ver=gutenkit-blocks-addon/stock-status.js?ver=gutenkit-blocks-addon/weight.js?ver=gutenkit-blocks-addon/dimensions.js?ver=gutenkit-blocks-addon/upsells.js?ver=gutenkit-blocks-addon/cross-sells.js?ver=gutenkit-blocks-addon/related-products.js?ver=gutenkit-blocks-addon/reviews.js?ver=gutenkit-blocks-addon/custom-field.js?ver=gutenkit-blocks-addon/add-to-cart-button.js?ver=gutenkit-blocks-addon/variation-swatches.js?ver=gutenkit-blocks-addon/quick-view.js?ver=HTML / DOM Fingerprints
CSS Classes
gutenkit-advanced-headinggutenkit-block-icon-boxgutenkit-modal-popup-wrappergutenkit-tabs-containergutenkit-testimonial-slidergutenkit-accordion-wrapgutenkit-progress-bar-containergutenkit-animated-text-container+9 moreHTML Comments
GutenKit is a powerful blocks addon for gutenberg builder.Data Attributes
data-gutenkit-blockdata-gutenkit-typeJS Globals
GutenKitBlocksREST Endpoints
/wp-json/gutenkit/v1/media-upload-from-url/wp-json/gutenkit/v1/global-settings/wp-json/gutenkit/v1/mailchimp FAQ