core plugin for kitestudio themes Security & Risk Analysis

wordpress.org/plugins/kitestudio-core

Useful plugin that extends functionality of Kitestudio Themes by adding woocommerce shortcodes and widgets

600 active installs · v2.9.3 · PHP 7.4+ · WP 6.6+ · Updated Sep 2, 2025
Tags: ajax-woocommerce, elementor, gallery, pinkmart, woocommerce
Score: 100 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: Jun 2, 2022
Safety Verdict

Is core plugin for kitestudio themes Safe to Use in 2026?

Generally Safe

Score 100/100

core plugin for kitestudio themes has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Jun 2, 2022 · Updated 7mo ago
Risk Assessment

The kitestudio-core plugin v2.9.3 exhibits a generally strong security posture, with excellent adherence to best practices like output escaping and prepared statements. The static analysis reveals a well-controlled attack surface, with all identified entry points protected by authentication checks. Furthermore, the absence of critical or high-severity taint flows is a positive indicator, suggesting that sensitive data is handled with care within the codebase.

However, the presence of 12 unsanitized path flows, while not flagged as critical or high severity in this analysis, represents a potential area for concern. This indicates that file paths might be constructed in a way that could be manipulated by attackers, potentially leading to unintended file access or execution. The plugin's vulnerability history, which includes a past medium-severity Cross-Site Scripting (XSS) vulnerability, also warrants attention. While this vulnerability is currently patched, it highlights a past weakness in input sanitization that should be monitored for recurrence.

In conclusion, kitestudio-core v2.9.3 demonstrates a solid foundation of security practices. The developer's commitment to output escaping and prepared statements is commendable. The primary areas for continued vigilance are the unsanitized path flows and the potential for similar input-related vulnerabilities to emerge, especially given the past XSS issue.

Key Concerns

  • Unsanitized paths found in taint analysis
  • Past medium XSS vulnerability
Vulnerabilities
1

core plugin for kitestudio themes Security Vulnerabilities

CVEs by Year

1 CVE in 2022

Severity Breakdown

Medium: 1

1 total CVE

CVE-2022-1951 · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

core plugin for kitestudio themes <= 2.2.1 - Reflected Cross-Site Scripting

Jun 2, 2022 Patched in 2.3.1 (600d)
Code Analysis
Analyzed Mar 16, 2026

core plugin for kitestudio themes Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (3 prepared)
Unescaped Output: 199 (1959 escaped)
Nonce Checks: 6
Capability Checks: 1
File Operations: 4
External Requests: 7
Bundled Libraries: 0

SQL Query Safety

60% prepared · 5 total queries

Output Escaping

91% escaped · 2158 total outputs
Data Flows: 12 unsanitized

Data Flow Analysis

18 flows · 12 with unsanitized paths
template_library_page (includes\classes\class-kt-core-dashboard.php:515)
Attack Surface

core plugin for kitestudio themes Attack Surface

Entry Points: 50
Unprotected: 0

AJAX Handlers 8

auth wp_ajax_search_kite_photos includes\classes\class-kt-core-media.php:49
auth wp_ajax_download_media includes\classes\class-kt-core-media.php:50
auth wp_ajax_fetch_woocommerce_shortcode_dom includes\elements\shortcodes\woocommerce\ajax-products-tab.php:224
nopriv wp_ajax_fetch_woocommerce_shortcode_dom includes\elements\shortcodes\woocommerce\ajax-products-tab.php:225
auth wp_ajax_fetch_woocommerce_products_loop includes\elements\shortcodes\woocommerce\product-loop.php:361
nopriv wp_ajax_fetch_woocommerce_products_loop includes\elements\shortcodes\woocommerce\product-loop.php:362
auth wp_ajax_change_attribute_display_type includes\widgets\widget-advanced-layered-nav.php:29
nopriv wp_ajax_change_attribute_display_type includes\widgets\widget-advanced-layered-nav.php:30

Shortcodes 42

[vc_separator] includes\shortcodes.php:33
[vc_text_separator] includes\shortcodes.php:36
[team_member] includes\shortcodes.php:39
[testimonial] includes\shortcodes.php:42
[testimonial_item] includes\shortcodes.php:45
[piechart] includes\shortcodes.php:48
[progressbar] includes\shortcodes.php:51
[socialIcon] includes\shortcodes.php:54
[socialLink] includes\shortcodes.php:57
[textbox] includes\shortcodes.php:60
[custom_title] includes\shortcodes.php:63
[imagebox] includes\shortcodes.php:66
[animatedtext] includes\shortcodes.php:69
[banner] includes\shortcodes.php:72
[modernBanner] includes\shortcodes.php:75
[iconbox_custom] includes\shortcodes.php:78
[iconbox_top_noborder] includes\shortcodes.php:81
[iconbox_rectangle] includes\shortcodes.php:84
[iconbox_circle] includes\shortcodes.php:87
[iconbox_left] includes\shortcodes.php:90
[countdown] includes\shortcodes.php:93
[conterbox] includes\shortcodes.php:96
[embed_video] includes\shortcodes.php:99
[audio_soundcloud] includes\shortcodes.php:102
[button] includes\shortcodes.php:105
[vc_toggle] includes\shortcodes.php:108
[image_carousel] includes\shortcodes.php:111
[showcase] includes\shortcodes.php:114
[showcase_item] includes\shortcodes.php:117
[kt_newsletter] includes\shortcodes.php:120
[kt_newsletter_3] includes\shortcodes.php:121
[kt_newsletter_mailchimp] includes\shortcodes.php:122
[kt_instagram] includes\shortcodes.php:125
[kt_masonry_blog] includes\shortcodes.php:128
[woocommerce_products] includes\shortcodes.php:131
[woocommerce_products_ajax] includes\shortcodes.php:132
[ajax_products_tab] includes\shortcodes.php:134
[product] includes\shortcodes.php:160
[products] includes\shortcodes.php:161
[product_attribute] includes\shortcodes.php:162
[product_categories] includes\shortcodes.php:163
[product_page] includes\shortcodes.php:164
WordPress Hooks 88
action kite_wc_register_taxonomy_before_import admin\class-kt-core-admin.php:57
filter image_resize_dimensions includes\aq_resizer.php:82
action plugins_loaded includes\class-kt-core.php:222
action admin_init includes\class-kt-core.php:237
action admin_enqueue_scripts includes\class-kt-core.php:238
action admin_enqueue_scripts includes\class-kt-core.php:239
action wp_enqueue_media includes\class-kt-core.php:240
action elementor/editor/after_enqueue_scripts includes\class-kt-core.php:241
action admin_notices includes\class-kt-core.php:242
action admin_notices includes\class-kt-core.php:243
action after_setup_theme includes\class-kt-core.php:245
action wp_enqueue_scripts includes\class-kt-core.php:259
action wp_enqueue_scripts includes\class-kt-core.php:260
action init includes\class-kt-core.php:261
action admin_menu includes\classes\class-kt-core-dashboard.php:38
action admin_head includes\classes\class-kt-core-dashboard.php:39
filter media_upload_tabs includes\classes\class-kt-core-media.php:47
action media_upload_kite_media includes\classes\class-kt-core-media.php:48
action import_post_meta includes\classes\class-kt-demo-installer.php:22
filter http_request_timeout includes\classes\class-kt-demo-installer.php:36
action import_start includes\classes\class-kt-import.php:20
filter intermediate_image_sizes_advanced includes\classes\class-kt-import.php:22
action import_start includes\classes\class-kt-import.php:24
action wp_import_insert_post includes\classes\class-kt-import.php:25
action import_end includes\classes\class-kt-import.php:26
filter wp_import_post_data_processed includes\classes\class-kt-import.php:27
action attachment_updated includes\classes\class-kt-import.php:36
action add_attachment includes\classes\class-kt-import.php:37
filter http_request_timeout includes\classes\class-kt-import.php:107
action init includes\classes\class-kt-instagram-api.php:40
action init includes\classes\class-kt-register-post-type.php:10
action add_meta_boxes includes\classes\class-kt-register-post-type.php:12
action admin_print_scripts-post-new.php includes\classes\class-kt-register-post-type.php:13
action admin_print_scripts-post.php includes\classes\class-kt-register-post-type.php:14
action save_post includes\classes\class-kt-register-post-type.php:17
action widgets_init includes\classes\class-kt-register-widgets.php:32
action admin_enqueue_scripts includes\classes\class-kt-woocommerce.php:43
filter wpml_elementor_widgets_to_translate includes\compatibility\compatibility.php:305
action init includes\compatibility\compatibility.php:307
filter yith_woocompare_filter_table_fields includes\compatibility\compatibility.php:319
action init includes\deprecated.php:2
action elementor/elements/categories_registered includes\elementor\handler.php:39
action elementor/widgets/register includes\elementor\handler.php:42
action elementor/widgets/widgets_registered includes\elementor\handler.php:44
filter elementor/fonts/additional_fonts includes\elementor\handler.php:47
filter elementor/icons_manager/additional_tabs includes\elementor\handler.php:48
action elementor/element/after_section_end includes\elementor\handler.php:49
action elementor/theme/register_locations includes\elementor\handler.php:52
filter single_template includes\elementor\handler.php:55
action elementor/documents/register includes\elementor\handler.php:56
action elementor/element/parse_css includes\elementor\handler.php:58
action elementor/element/before_section_end includes\elementor\handler.php:61
action woocommerce_shop_loop_item_title includes\elements\shortcodes\woocommerce\product-loop.php:99
filter posts_clauses includes\elements\shortcodes\woocommerce\products.php:215
action quick_view_product_summary includes\functions.php:66
action quick_view_product_summary includes\functions.php:68
action add_meta_boxes includes\general-hooks.php:10
action admin_init includes\general-hooks.php:28
action init includes\general-hooks.php:42
action vc_base_register_front_js includes\general-hooks.php:51
action vc_load_iframe_jscss includes\general-hooks.php:56
action elementor/editor/after_enqueue_scripts includes\general-hooks.php:61
action elementor/frontend/after_register_scripts includes\general-hooks.php:67
action kite_social_share_buttons includes\general-hooks.php:81
action kite_top_rated_product_loop includes\general-hooks.php:87
action admin_menu includes\general-hooks.php:102
action add_meta_boxes includes\general-hooks.php:103
filter kite_theme_neccessary_plugins includes\general-hooks.php:173
action kite_before_ajax_search_items_loop includes\general-hooks.php:178
filter woocommerce_format_price_range includes\general-hooks.php:180
action kite_after_ajax_search_items_loop includes\general-hooks.php:182
filter wp_title includes\general-hooks.php:223
action upload_mimes includes\general-hooks.php:240
filter wp_prepare_attachment_for_js includes\general-hooks.php:274
filter woocommerce_get_item_data includes\general-hooks.php:303
action mc4wp_output_form includes\general-hooks.php:317
action before_woocommerce_init includes\general-hooks.php:331
action admin_init includes\shortcodes.php:30
action init includes\shortcodes.php:167
action wp_footer includes\shortcodes.php:188
action load-widgets.php includes\widgets\widget-advanced-layered-nav.php:26
action load-widgets.php includes\widgets\widget-instagram.php:16
action wp_enqueue_scripts includes\widgets\widget-progress.php:12
action load-widgets.php includes\widgets\widget-video.php:14
action pre_get_posts includes\widgets\widget-woocommerce-in-stock-filter.php:33
action pre_get_posts includes\widgets\widget-woocommerce-on-sale-filter.php:33
filter woocommerce_widget_get_current_page_url includes\widgets\widget-woocommerce-rating-filter.php:30
filter widget_text public\class-kt-core-public.php:56
Maintenance & Trust

core plugin for kitestudio themes Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Sep 2, 2025
PHP min version: 7.4
Downloads: 56K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 600
Developer Profile

core plugin for kitestudio themes Developer Profile

kitestudio

2 plugins · 610 total installs

Trust score: 79
Avg Security Score: 100/100
Avg Patch Time: 600 days
Detection Fingerprints

How We Detect core plugin for kitestudio themes

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/kitestudio-core/admin/css/iziModal.min.css
/wp-content/plugins/kitestudio-core/admin/css/iziToast.min.css
/wp-content/plugins/kitestudio-core/admin/css/kt-core-admin.css
/wp-content/plugins/kitestudio-core/admin/js/iziModal.min.js
/wp-content/plugins/kitestudio-core/admin/js/iziToast.min.js
/wp-content/plugins/kitestudio-core/admin/js/kt-core-admin.js
/wp-content/plugins/kitestudio-core/admin/js/media-refresh.js
/wp-content/plugins/kitestudio-core/admin/js/editor.js
Script Paths
/wp-content/plugins/kitestudio-core/admin/js/kt-core-admin.js
/wp-content/plugins/kitestudio-core/admin/js/media-refresh.js
/wp-content/plugins/kitestudio-core/admin/js/editor.js
Version Parameters
kitestudio-core/admin/css/kt-core-admin.css?ver=
kitestudio-core/admin/js/kt-core-admin.js?ver=
kitestudio-core/admin/js/media-refresh.js?ver=
kitestudio-core/admin/js/editor.js?ver=

HTML / DOM Fingerprints

CSS Classes
kt-admin-wrapper
kt-admin-section
kt-admin-title
kt-import-wrapper
HTML Comments
The code that runs during plugin activation.
The code that runs during plugin deactivation.
The core plugin class that is used to define internationalization,
Since everything within the plugin is registered via hooks,
+10 more
Data Attributes
data-kt-text-align
data-kt-padding-top
data-kt-padding-bottom
data-kt-margin-top
data-kt-margin-bottom
data-kt-display
+24 more
JS Globals
kitestudio_vars
Shortcode Output
[kt_testimonials
[/kt_testimonials]
[kt_blog_posts
[/kt_blog_posts]
FAQ

Frequently Asked Questions about core plugin for kitestudio themes