Multisite Shared Blocks Security & Risk Analysis

wordpress.org/plugins/multisite-shared-blocks

Share blocks between network's sites.

0 active installs v1.2.0 PHP 7.2+ WP 5.9+ Updated Sep 17, 2025
blockgutenbergmultisitenetworkshare
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is Multisite Shared Blocks Safe to Use in 2026?

Generally Safe

Score 100/100

Multisite Shared Blocks has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago
Risk Assessment

The multisite-shared-blocks plugin version 1.2.0 demonstrates a generally good security posture due to its limited attack surface and the exclusive use of prepared statements for its SQL queries. The presence of nonce and capability checks, along with a high percentage of properly escaped output, further strengthens its defenses against common web vulnerabilities.

However, the taint analysis reveals two flows with unsanitized paths, flagged as high severity. While the plugin's attack surface is currently zero in terms of direct entry points like AJAX, REST API, or shortcodes, these unsanitized paths represent potential vectors for malicious input manipulation if any indirect entry points exist or are introduced in future versions. The plugin also makes one external HTTP request, which, while not inherently a vulnerability, should be monitored for potential issues related to the target service.

Given the complete absence of recorded vulnerabilities (CVEs), this plugin appears to have a history of being secure. The combination of strong internal coding practices and a clean vulnerability history is positive. Nevertheless, the high-severity taint flows warrant attention as they represent the most significant immediate risk identified in this analysis, despite the absence of a public exploit history.

Key Concerns

  • High severity taint flow with unsanitized path
  • High severity taint flow with unsanitized path
  • External HTTP request present
Vulnerabilities
None known

Multisite Shared Blocks Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Multisite Shared Blocks Release Timeline

v1.2.0Current
v1.1.1
v1.1.0
v1.0.1
Code Analysis
Analyzed Apr 16, 2026

Multisite Shared Blocks Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
14 prepared
Unescaped Output
4
35 escaped
Nonce Checks
1
Capability Checks
4
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared14 total queries

Output Escaping

90% escaped39 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
handle_flush_action (includes/Admin/Main.php:31)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Multisite Shared Blocks Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 16
actionadmin_initincludes/Admin/Main.php:20
actionadmin_menuincludes/Admin/Main.php:21
actioninitincludes/Blocks/SharedBlock.php:23
filterwp_kses_allowed_htmlincludes/Blocks/SharedBlock.php:150
filterregister_block_type_argsincludes/Gutenberg/SharedBlocksAttributes.php:23
actioninitincludes/Gutenberg/SharedBlocksAttributes.php:24
actionenqueue_block_editor_assetsincludes/Gutenberg/SharedBlocksAttributes.php:25
actiontransition_post_statusincludes/Listener.php:18
actiondeleted_postincludes/Listener.php:19
actionwp_loadedincludes/Preview.php:18
filterpre_render_blockincludes/Rest/RenderBlockRestController.php:326
actionrest_api_initincludes/Rest/Rest.php:20
actionadmin_initmultisite-shared-blocks.php:45
actionplugins_loadedmultisite-shared-blocks.php:52
actionadmin_noticesmultisite-shared-blocks.php:93
filterwp_kses_allowed_htmlviews/preview.php:46
Maintenance & Trust

Multisite Shared Blocks Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8
Last updatedSep 17, 2025
PHP min version7.2
Downloads3K

Community Trust

Rating40/100
Number of ratings1
Active installs0
Developer Profile

Multisite Shared Blocks Developer Profile

petitphp

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Multisite Shared Blocks

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/multisite-shared-blocks/build/blocks/shared-block/index.js/wp-content/plugins/multisite-shared-blocks/build/blocks/shared-block/index.css
Script Paths
/wp-content/plugins/multisite-shared-blocks/build/blocks/shared-block/index.js
Version Parameters
multisite-shared-blocks/build/blocks/shared-block/index.js?ver=multisite-shared-blocks/build/blocks/shared-block/index.css?ver=

HTML / DOM Fingerprints

CSS Classes
wp-block-beapi-multisite-shared-blocks-shared-block
Data Attributes
data-site-iddata-post-iddata-block-iddata-display
JS Globals
multisiteSharedBlocksEditorData
FAQ

Frequently Asked Questions about Multisite Shared Blocks