WP-Safety

Pattern Wrangler – Manage Block Patterns and Pattern Categories Security & Risk Analysis

wordpress.org/plugins/pattern-wrangler

Curate and manage your block patterns, registered patterns, synced patterns, and pattern categories efficiently with Pattern Wrangler.

300 active installs v2.3.1 PHP 7.2+ WP 6.8+ Updated Mar 8, 2026
block-patternspatternpattern-builderpatternssynced-patterns
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Pattern Wrangler – Manage Block Patterns and Pattern Categories Safe to Use in 2026?

Generally Safe

Score 100/100

Pattern Wrangler – Manage Block Patterns and Pattern Categories has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 26d ago
Risk Assessment

The 'pattern-wrangler' plugin version 2.3.5 exhibits a generally good security posture, with several positive indicators such as the absence of dangerous functions, all SQL queries using prepared statements, and a very high percentage of properly escaped outputs. The plugin also demonstrates a strong adherence to WordPress security best practices with a significant number of nonce and capability checks. The vulnerability history being completely clear is another positive sign, suggesting a history of responsible development.

However, there are notable concerns within the attack surface. Specifically, 2 out of 17 REST API routes lack permission callbacks. While the static analysis did not reveal any critical or high-severity taint flows, these unprotected REST API endpoints represent potential entry points for attackers to exploit if vulnerabilities exist in their underlying logic. The absence of any recorded vulnerabilities in the plugin's history is encouraging, but it is crucial to remember that past security performance does not guarantee future immunity. Therefore, while the plugin has strong fundamental security practices, the unprotected REST API endpoints introduce a specific area of risk that warrants attention and mitigation.

Key Concerns

  • REST API routes without permission callbacks
Vulnerabilities
None known

Pattern Wrangler – Manage Block Patterns and Pattern Categories Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Pattern Wrangler – Manage Block Patterns and Pattern Categories Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
1 prepared
Unescaped Output
3
168 escaped
Nonce Checks
26
Capability Checks
61
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared1 total queries

Output Escaping

98% escaped171 total outputs
Attack Surface
2 unprotected

Pattern Wrangler – Manage Block Patterns and Pattern Categories Attack Surface

Entry Points24
Unprotected2

AJAX Handlers 6

authwp_ajax_dlx_pw_save_optionsphp\Admin.php:35
authwp_ajax_dlx_pw_save_network_settingsphp\Admin.php:38
authwp_ajax_dlx_pw_reset_optionsphp\Admin.php:41
authwp_ajax_dlx_pw_reset_network_settingsphp\Admin.php:44
authwp_ajax_dlx_pw_dismiss_ratings_nagphp\Admin.php:47
authwp_ajax_dlxpw_pattern_previewphp\Preview.php:41

REST API Routes 17

POST/wp-json/dlxplugins/pattern-wrangler/v1/process_imagephp\Blocks.php:52
GET/wp-json/dlxplugins/pattern-wrangler/v1/patterns/allphp\Rest.php:47
GET/wp-json/dlxplugins/pattern-wrangler/v1/categories/allphp\Rest.php:65
POST/wp-json/dlxplugins/pattern-wrangler/v1/patterns/createphp\Rest.php:83
POST/wp-json/dlxplugins/pattern-wrangler/v1/categories/updatephp\Rest.php:98
POST/wp-json/dlxplugins/pattern-wrangler/v1/categories/createphp\Rest.php:113
POST/wp-json/dlxplugins/pattern-wrangler/v1/categories/edit-registeredphp\Rest.php:128
POST/wp-json/dlxplugins/pattern-wrangler/v1/categories/deletephp\Rest.php:143
POST/wp-json/dlxplugins/pattern-wrangler/v1/categories/disablephp\Rest.php:158
POST/wp-json/dlxplugins/pattern-wrangler/v1/categories/enablephp\Rest.php:173
POST/wp-json/dlxplugins/pattern-wrangler/v1/categories/mapphp\Rest.php:188
POST/wp-json/dlxplugins/pattern-wrangler/v1/patterns/updatephp\Rest.php:203
POST/wp-json/dlxplugins/pattern-wrangler/v1/patterns/deletephp\Rest.php:218
POST/wp-json/dlxplugins/pattern-wrangler/v1/patterns/pausephp\Rest.php:233
POST/wp-json/dlxplugins/pattern-wrangler/v1/patterns/publishphp\Rest.php:248
POST/wp-json/dlxplugins/pattern-wrangler/v1/patterns/tagphp\Rest.php:263
GET/wp-json/dlxplugins/pattern-wrangler/v1/patterns/get/(?P<id>\d+)php\Rest.php:278

Shortcodes 1

[wp_block] php\Patterns.php:128
WordPress Hooks 57
actioninitpattern-wrangler.php:105
actionplugins_loadedpattern-wrangler.php:132
actionadmin_menuphp\Admin.php:27
actionadmin_initphp\Admin.php:30
actioncurrent_screenphp\Admin.php:32
actionadmin_initphp\Admin.php:50
filtermanage_wp_block_posts_columnsphp\Admin.php:53
actionmanage_wp_block_posts_custom_columnphp\Admin.php:56
actionenqueue_block_assetsphp\Admin.php:59
actioninitphp\Blocks.php:26
actionrest_api_initphp\Blocks.php:27
filteruse_block_editor_for_postphp\Blocks.php:29
actionenqueue_block_editor_assetsphp\Blocks.php:172
filterpost_row_actionsphp\Drafts.php:24
actionadmin_initphp\Drafts.php:27
actionadmin_noticesphp\Drafts.php:30
actionnetwork_admin_menuphp\Network_Admin.php:27
actionadmin_enqueue_scriptsphp\Patterns.php:59
actionadmin_enqueue_scriptsphp\Patterns.php:62
actioninitphp\Patterns.php:65
actioninitphp\Patterns.php:68
actioninitphp\Patterns.php:71
actioninitphp\Patterns.php:74
actioninitphp\Patterns.php:77
actioninitphp\Patterns.php:80
actionrest_api_initphp\Patterns.php:83
actioninitphp\Patterns.php:86
actioninitphp\Patterns.php:89
actioninitphp\Patterns.php:92
filterregister_post_type_argsphp\Patterns.php:95
actionrest_api_initphp\Patterns.php:98
filterrest_wp_pattern_category_queryphp\Patterns.php:101
filterrest_wp_block_queryphp\Patterns.php:104
actioninitphp\Patterns.php:107
actioninitphp\Patterns.php:110
filterpost_type_labels_wp_blockphp\Patterns.php:113
filtermanage_wp_block_posts_columnsphp\Patterns.php:116
actionmanage_wp_block_posts_custom_columnphp\Patterns.php:119
filterbulk_actions-edit-wp_blockphp\Patterns.php:122
actionhandle_bulk_actions-edit-wp_blockphp\Patterns.php:125
actioncustomize_registerphp\Patterns.php:133
filtermap_meta_capphp\Patterns.php:136
actionafter_setup_themephp\Patterns.php:152
actioninitphp\Patterns.php:157
filtershould_load_remote_block_patternsphp\Patterns.php:158
filtershould_load_remote_block_patternsphp\Patterns.php:163
actioninitphp\Patterns.php:168
actionadmin_noticesphp\Patterns.php:173
filterpost_row_actionsphp\Preview.php:29
filterquery_varsphp\Preview.php:32
filtertemplate_includephp\Preview.php:35
actionenqueue_block_editor_assetsphp\Preview.php:38
filterdlxpw_pattern_preview_idphp\Preview.php:52
filterdlxpw_pattern_preview_noncephp\Preview.php:59
actionrest_api_initphp\Rest.php:27
actionwp_enqueue_scriptstemplates\pattern-preview.php:127
actionwp_headtemplates\pattern-preview.php:180
Maintenance & Trust

Pattern Wrangler – Manage Block Patterns and Pattern Categories Maintenance & Trust

Maintenance Signals

WordPress version tested7.0
Last updatedMar 8, 2026
PHP min version7.2
Downloads6K

Community Trust

Rating100/100
Number of ratings4
Active installs300
Alternatives

Pattern Wrangler – Manage Block Patterns and Pattern Categories Alternatives

BlockMeister – Block Pattern Builder

BlockMeister – Block Pattern Builder

blockmeister

A
91

Visually create custom block patterns. No coding skills needed! Categorize them easily and use keywords for easy discoverability.

1K 1 CVE
Pattern Manager

Pattern Manager

pattern-manager

A
85

Manage your theme's pattern PHP files the easy way, with Pattern Manager by WP Engine.

400 No CVEs
Block Pattern Builder For WordPress – Boost Up Gutenberg Patterns

Block Pattern Builder For WordPress – Boost Up Gutenberg Patterns

create-block-patterns

A
100

Create custom block patterns and browse ready-made patterns from the WordPress.org library to enhance your Gutenberg block pattern collection.

0 No CVEs
Better Block Patterns

Better Block Patterns

better-block-patterns

A
85

Build better WordPress websites faster with our custom block patterns for the Block Editor (Gutenberg).

1K No CVEs
Block Patterns for Food Bloggers

Block Patterns for Food Bloggers

block-patterns-for-food-bloggers

A
100

A beautiful collection of block patterns for food bloggers.

800 No CVEs
Developer Profile

Pattern Wrangler – Manage Block Patterns and Pattern Categories Developer Profile

Ronald Huereca

11 plugins · 29K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
93 days
View full developer profile
Detection Fingerprints

How We Detect Pattern Wrangler – Manage Block Patterns and Pattern Categories

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/pattern-wrangler/dist/index.asset.php/wp-content/plugins/pattern-wrangler/build/index.js/wp-content/plugins/pattern-wrangler/build/index.css
Script Paths
/wp-content/plugins/pattern-wrangler/build/index.js
Version Parameters
pattern-wrangler/build/index.js?ver=pattern-wrangler/build/index.css?ver=

HTML / DOM Fingerprints

CSS Classes
dlxpw-pattern-editor-wrapper
Data Attributes
data-cydata-pw-block-editor
JS Globals
dlxpw
FAQ

Frequently Asked Questions about Pattern Wrangler – Manage Block Patterns and Pattern Categories