Does MIR blocks and shortcodes have any unpatched vulnerabilities?

No. All known vulnerabilities in MIR blocks and shortcodes have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is MIR blocks and shortcodes compatible with WordPress 5.2.24?

According to WordPress.org data, MIR blocks and shortcodes 1.0.0 has been tested up to WordPress 5.2.24. Check the plugin's changelog for the latest compatibility information.

How often is MIR blocks and shortcodes updated?

MIR blocks and shortcodes was last updated on Sep 6, 2019. Frequent updates are generally a positive security signal.

What is MIR blocks and shortcodes's security score?

MIR blocks and shortcodes has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

MIR blocks and shortcodes Security & Risk Analysis

wordpress.org/plugins/mir-blocks-and-shortcodes

It's a block / shortcode toolbox which makes your wordpress live much easier.

0 active installs v1.0.0 PHP + WP 5.1+ Updated Sep 6, 2019

blockblocksshortcodeshortcodestools

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is MIR blocks and shortcodes Safe to Use in 2026?

Generally Safe

Score 85/100

MIR blocks and shortcodes has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The "mir-blocks-and-shortcodes" v1.0.0 plugin exhibits a very strong initial security posture based on the provided static analysis. The complete absence of dangerous functions, raw SQL queries, unescaped output, file operations, and external HTTP requests is highly commendable. The use of prepared statements for all SQL queries further strengthens this, indicating robust data handling practices. Furthermore, the lack of any recorded vulnerabilities in its history suggests a commitment to security or a lack of past issues, which is generally positive.

However, the static analysis reveals a significant area of concern: the complete absence of nonce checks and capability checks across all entry points, which total seven shortcodes. While there are no AJAX handlers or REST API routes to assess for authentication bypass, the unprotected shortcodes represent a potential attack vector. If these shortcodes handle any user-supplied input or perform actions that could be exploited, the lack of proper authorization checks could lead to unauthorized execution of functionality, particularly if the shortcodes themselves become the target of input manipulation.

In conclusion, while the code quality regarding data handling and sanitization appears excellent, the omission of essential security checks like nonces and capability checks on its shortcodes presents a tangible risk. This oversight, despite an otherwise clean history and code analysis, necessitates careful consideration. The plugin's strengths lie in its secure coding practices for data manipulation, but its weakness lies in the lack of robust authorization for its core functionalities.

Key Concerns

Missing nonce checks on shortcodes
Missing capability checks on shortcodes

Vulnerabilities

None known

MIR blocks and shortcodes Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

MIR blocks and shortcodes Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

MIR blocks and shortcodes Attack Surface

Entry Points7

Unprotected0

Shortcodes 7

[msc_accordion] frontend-templates\function\msc-accordion-tab.php:15

[msc_accordion] frontend-templates\function\msc-accordion.php:16

[msc_presentation_box_1] frontend-templates\function\msc-presentation-box-1.php:24

[msc_presentation_box_2] frontend-templates\function\msc-presentation-box-2.php:39

[msc_progress_bar] frontend-templates\function\msc-progress-bar.php:18

[msc_rotating_icon_circle] frontend-templates\function\msc-rotating-icon-circle.php:20

[msc_stats] frontend-templates\function\msc-stats.php:25

WordPress Hooks 14

actioninitfrontend-templates\function\msc-accordion-tab.php:70

actioninitfrontend-templates\function\msc-accordion.php:115

filterwidget_textfrontend-templates\function\msc-general.php:2

filterblock_categoriesfrontend-templates\function\msc-general.php:3

actionwp_enqueue_scriptsfrontend-templates\function\msc-general.php:43

actionenqueue_block_editor_assetsfrontend-templates\function\msc-general.php:55

actioninitfrontend-templates\function\msc-presentation-box-1.php:145

actioninitfrontend-templates\function\msc-presentation-box-2.php:261

actioninitfrontend-templates\function\msc-progress-bar.php:99

actioninitfrontend-templates\function\msc-rotating-icon-circle.php:99

actioninitfrontend-templates\function\msc-stats.php:127

filteradmin_footer_textinc\Base\BaseController.php:17

filterupdate_footerinc\Base\BaseController.php:18

actionplugins_loadedinc\Base\BaseController.php:19

Maintenance & Trust

MIR blocks and shortcodes Maintenance & Trust

Maintenance Signals

WordPress version tested5.2.24

Last updatedSep 6, 2019

PHP min version

Downloads982

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

MIR blocks and shortcodes Alternatives

oik

Over 80 advanced, powerful shortcodes, and 9 blocks for displaying the content of your WordPress website.

2K 7 CVEs

Uix Shortcodes

uix-shortcodes

Uix Shortcodes brings an amazing set of beautiful and useful elements to your site that lets you do nifty things with very little effort.

400 3 CVEs

Dev Content Blocks

dev-content-blocks

Content blocks for global content, with revisions. Use HTML without formatting being broken. Not only for devs.

300 No CVEs

oik-css

Allows internal CSS styling to be included in the content of the page.

10 No CVEs

Saiy2k Nostr Components

saiy2k-nostr-components

100

Gutenberg blocks and shortcodes for Nostr web components. Display Nostr zap buttons, follow buttons, posts, profiles.

0 No CVEs

Developer Profile

MIR blocks and shortcodes Developer Profile

Daniel Ehrenhofer

1 plugin · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect MIR blocks and shortcodes

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mir-blocks-and-shortcodes/frontend-templates/assets/css/animate.min.css/wp-content/plugins/mir-blocks-and-shortcodes/frontend-templates/assets/css/msc_style.css/wp-content/plugins/mir-blocks-and-shortcodes/frontend-templates/assets/js/popper.min.js/wp-content/plugins/mir-blocks-and-shortcodes/frontend-templates/assets/js/bootstrap.js/wp-content/plugins/mir-blocks-and-shortcodes/frontend-templates/assets/js/msc_scripts.js/wp-content/plugins/mir-blocks-and-shortcodes/assets/css/msc_block_style.css/wp-content/plugins/mir-blocks-and-shortcodes/assets/css/msc_block_style.css/wp-content/plugins/mir-blocks-and-shortcodes/frontend-templates/assets/css/msc_style.css+1 more

Script Paths

/wp-content/plugins/mir-blocks-and-shortcodes/frontend-templates/assets/js/popper.min.js/wp-content/plugins/mir-blocks-and-shortcodes/frontend-templates/assets/js/bootstrap.js/wp-content/plugins/mir-blocks-and-shortcodes/frontend-templates/assets/js/msc_scripts.js/wp-content/plugins/mir-blocks-and-shortcodes/frontend-templates/assets/js/msc_scripts.js

HTML / DOM Fingerprints

CSS Classes

msc-content-areamsc-inner-contentcenterBlockac-containerac-custom

HTML Comments

msc-inner-content msc-content-area

Data Attributes

data-block="mir-blocks-and-shortcodes/msc-accordion-tab"

JS Globals

msc_parameters

Shortcode Output

<section class="msc-content-area">
    				<div class="msc-inner-content">

</div><!-- msc-inner-content -->
						</section><!-- msc-content-area -->

<div class="centerBlock"></div>

FAQ