Gutenverse Companion Security & Risk Analysis

wordpress.org/plugins/gutenverse-companion

Companion plugin for Gutenverse base themes

6K active installs · v2.1.8 · PHP 7.0+ · WP + · Updated Mar 13, 2026
basicblockeditortemplatethemes
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Gutenverse Companion Safe to Use in 2026?

Generally Safe

Score 100/100

Gutenverse Companion has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 22d ago
Risk Assessment

The plugin "gutenverse-companion" v2.1.8 exhibits a mixed security posture. On the positive side, the code demonstrates strong practices in its SQL querying, exclusively using prepared statements, and all identified output operations are properly escaped. Furthermore, the plugin has no recorded vulnerability history, suggesting a generally stable codebase.

However, significant concerns arise from the attack surface. All three identified entry points – two AJAX handlers and one REST API route – lack proper authentication or permission checks. This presents a considerable risk, as any unauthenticated user could potentially interact with these endpoints and trigger unintended or malicious actions. The presence of one flow with an unsanitized path in the taint analysis, while not classified as critical or high, still warrants attention as it indicates a potential avenue for path traversal or similar vulnerabilities.

In conclusion, while the plugin benefits from secure data handling practices and a clean vulnerability history, the lack of access control on its entry points is a critical weakness. The presence of an unsanitized path also adds to the risk. These issues, if exploited, could lead to unauthorized access or data manipulation, overriding the strengths in other security aspects.

Key Concerns

  • AJAX handlers without auth checks
  • REST API routes without permission callbacks
  • Flows with unsanitized paths
  • No nonce checks on AJAX handlers
Vulnerabilities
None known

Gutenverse Companion Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Gutenverse Companion Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 0 (35 escaped)
Nonce Checks: 0
Capability Checks: 29
File Operations: 17
External Requests: 10
Bundled Libraries: 0

Output Escaping

100% escaped · 35 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

2 flows · 1 with unsanitized paths
save_site_settings (includes\class-api.php:460)
Diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface
3 unprotected

Gutenverse Companion Attack Surface

Entry Points: 3
Unprotected: 3

AJAX Handlers 2

auth wp_ajax_gutenverse_companion_notice_close (includes\class-init.php:217)
auth wp_ajax_gutenverse_unibiz_dismiss_promotion_notice (includes\class-init.php:218)

REST API Routes 1

POST /wp-json/gutenverse-essence/v1/gutenverse-essence-proxy (includes\essential\class-api.php:32)
WordPress Hooks 48

action admin_enqueue_scripts (includes\class-dashboard.php:41)
action enqueue_block_editor_assets (includes\class-dashboard.php:42)
action admin_menu (includes\class-dashboard.php:44)
action admin_menu (includes\class-dashboard.php:45)
filter submenu_file (includes\class-dashboard.php:46)
filter admin_title (includes\class-dashboard.php:47)
action admin_init (includes\class-dashboard.php:59)
action rest_api_init (includes\class-init.php:92)
action after_setup_theme (includes\class-init.php:93)
action init (includes\class-init.php:94)
action init (includes\class-init.php:95)
action admin_enqueue_scripts (includes\class-init.php:96)
action wp_enqueue_scripts (includes\class-init.php:97)
filter gutenverse_themes_override_mechanism (includes\class-init.php:209)
filter gutenverse_template_path (includes\class-init.php:211)
filter gutenverse_themes_template (includes\class-init.php:212)
filter gutenverse_themes_override_mechanism (includes\class-init.php:213)
filter gutenverse_stylesheet_directory (includes\class-init.php:215)
action admin_enqueue_scripts (includes\class-init.php:216)
action rest_api_init (includes\essential\class-api.php:25)
action gutenverse_include_frontend (includes\essential\class-assets.php:26)
action gutenverse_include_block (includes\essential\class-assets.php:28)
filter gutenverse_block_config (includes\essential\class-assets.php:29)
filter gutenverse_dashboard_config (includes\essential\class-assets.php:30)
action init (includes\essential\class-blocks.php:22)
action gutenverse_after_init_framework (includes\essential\class-init.php:94)
filter gutenverse_dashboard_config (includes\essential\class-init.php:95)
action gutenverse_custom_font_pro (includes\essential\class-style-generator.php:27)
action gutenverse_generated_style (includes\essential\class-style-generator.php:28)
action gutenverse_generated_style (includes\essential\class-style-generator.php:29)
action gutenverse_generated_style (includes\essential\class-style-generator.php:30)
action gutenverse_generated_style (includes\essential\class-style-generator.php:31)
action gutenverse_section_style (includes\essential\class-style-generator.php:32)
action gutenverse_column_style (includes\essential\class-style-generator.php:33)
action gutenverse_form_builder_style (includes\essential\class-style-generator.php:34)
filter gutenverse_block_style_instance (includes\essential\class-style-generator.php:35)
action rest_api_init (includes\gutenverse-theme\class-gutenverse-theme.php:40)
action admin_menu (includes\gutenverse-theme\class-gutenverse-theme.php:41)
action admin_init (includes\gutenverse-theme\class-gutenverse-theme.php:42)
action admin_enqueue_scripts (includes\gutenverse-theme\class-gutenverse-theme.php:43)
action admin_menu (includes\gutenverse-theme\class-gutenverse-theme.php:44)
filter wp_theme_json_data_theme (includes\gutenverse-theme\class-gutenverse-theme.php:47)
action wp_enqueue_scripts (includes\gutenverse-theme\class-gutenverse-theme.php:48)
action rest_api_init (includes\lite-plus\class-lite-plus-theme.php:47)
action admin_menu (includes\lite-plus\class-lite-plus-theme.php:48)
action admin_menu (includes\lite-plus\class-lite-plus-theme.php:49)
action admin_init (includes\lite-plus\class-lite-plus-theme.php:50)
action admin_enqueue_scripts (includes\lite-plus\class-lite-plus-theme.php:51)
Maintenance & Trust

Gutenverse Companion Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Mar 13, 2026
PHP min version: 7.0
Downloads: 44K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 6K
Developer Profile

Gutenverse Companion Developer Profile

Jegstudio

6 plugins · 57K total installs

Trust score: 93
Avg Security Score: 98/100
Avg Patch Time: 27 days
Detection Fingerprints

How We Detect Gutenverse Companion

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/gutenverse-companion/assets/css/companion.css
/wp-content/plugins/gutenverse-companion/assets/js/companion.js
Script Paths
/wp-content/plugins/gutenverse-companion/lib/dependencies/companion.asset.php
Version Parameters
gutenverse-companion/assets/css/companion.css?ver=
gutenverse-companion/assets/js/companion.js?ver=

HTML / DOM Fingerprints

CSS Classes
gutenverse-companion-dashboard
Data Attributes
data-gutenverse-component
data-gutenverse-type
JS Globals
GutenverseRootConfig
GutenverseCompanionConfig
REST Endpoints
/wp-json/gutenverse-server/v1
/wp-json/gutenverse-banner/v1/unibizdata