Does Layoutist have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Layoutist compatible with WordPress 5.7.15?

According to WordPress.org data, Layoutist 1.0.0 has been tested up to WordPress 5.7.15. Check the plugin's changelog for the latest compatibility information.

Is Layoutist compatible with PHP 5.6+?

Layoutist requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Layoutist updated?

Layoutist was last updated on Aug 28, 2021. Frequent updates are generally a positive security signal.

What is Layoutist's security score?

Layoutist has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Layoutist Security & Risk Analysis

wordpress.org/plugins/layoutist

Free blocks for Elementor page builders.

0 active installs v1.0.0 PHP 5.6+ WP 4.7+ Updated Aug 28, 2021

blockelementortemplate

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Layoutist Safe to Use in 2026?

Generally Safe

Score 85/100

Layoutist has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The Layoutist plugin v1.0.0 demonstrates a mixed security posture. On the positive side, it has a very small attack surface, with only one AJAX handler and no shortcodes, cron events, or REST API routes. Furthermore, it has no known vulnerabilities recorded in its history, suggesting a potentially diligent development process or simply a lack of public scrutiny.

However, several concerning aspects are highlighted in the static analysis. The complete absence of output escaping is a significant weakness, potentially exposing the plugin to Cross-Site Scripting (XSS) vulnerabilities if any user-provided data is displayed without proper sanitization. While SQL queries are prepared, the lack of capability checks on the AJAX handler is also a concern, as it means any authenticated user, regardless of their role, can potentially trigger this endpoint, which could be exploited if combined with other weaknesses. The presence of file operations without further context also warrants caution.

In conclusion, while the plugin's small attack surface and lack of vulnerability history are positive indicators, the critical lack of output escaping and the absence of capability checks on its sole entry point present tangible risks. Addressing these specific issues should be a priority to improve the plugin's overall security.

Key Concerns

Missing output escaping
Missing capability checks on AJAX handler

Vulnerabilities

None known

Layoutist Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Layoutist Release Timeline

v1.0.0Current

Code Analysis

Analyzed Mar 17, 2026

Layoutist Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped2 total outputs

Attack Surface

Layoutist Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_layoutistplugin.php:136

WordPress Hooks 4

actioninitplugin.php:132

actionadmin_enqueue_scriptsplugin.php:133

actionadmin_enqueue_scriptsplugin.php:134

actionadmin_menuplugin.php:135

Maintenance & Trust

Layoutist Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15

Last updatedAug 28, 2021

PHP min version5.6

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Layoutist Alternatives

Starter Templates – AI-Powered Templates for Elementor & Gutenberg

astra-sites

The growing library of 300+ ready-to-use templates that work with all WordPress themes including Astra, Hello, OceanWP, GeneratePress and more

2.0M 7 CVEs

WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder

wdesignkit

3000+ Elementor Templates, Gutenberg Templates, Widgets Builder for Elementor, Gutenberg & Bricks, Cloud Workspace & Figma Files, 160+ Widgets Library

30K 3 CVEs

Responsive Plus – Elementor Templates & Starter Sites

responsive-add-ons

Import free and pro Gutenberg and Elementor Templates for the Responsive WordPress theme.

10K 9 CVEs

Noor Starter Templates

noor-starter-templates

Easily create a stunning, high-performing website with just a few clicks.

100 No CVEs

Snap Blocks

snap-blocks

100

Create and manage repeatable content blocks with Elementor or WPBakery. Insert them via shortcode or widget. Flexible and easy to use.

20 No CVEs

Developer Profile

Layoutist Developer Profile

WPizard

4 plugins · 0 total installs

trust score

Avg Security Score

89/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Layoutist

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ