WP-Safety

Pixobe Designer Security & Risk Analysis

wordpress.org/plugins/pixobe-designer

Design Anything — From Greeting Cards to Custom Images.

10 active installs v3.0.4 PHP + WP 5.6+ Updated Jan 5, 2026
design-editorgraphic-design-toolgreeting-card-makerimage-editorvisual-editor
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Pixobe Designer Safe to Use in 2026?

Generally Safe

Score 100/100

Pixobe Designer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The pixobe-designer plugin v3.0.4 exhibits a generally good security posture, with several positive indicators. The absence of dangerous functions, raw SQL queries, and file operations is commendable. Furthermore, the high percentage of properly escaped output and the presence of nonce and capability checks suggest a developer conscious of common security pitfalls. The plugin also has a clean vulnerability history, with no known CVEs, indicating a lack of past exploitable issues.

However, there are specific areas of concern that warrant attention. The plugin exposes two REST API routes without permission callbacks, creating a potential attack surface that could be exploited by unauthenticated users. While the static analysis did not reveal any critical taint flows or unsanitized paths, the unprotected REST API endpoints represent a tangible risk. The vulnerability history being completely clean could also indicate a lack of extensive security auditing or a recent emergence of the plugin into widespread use.

In conclusion, pixobe-designer v3.0.4 demonstrates good security development practices in many areas. The primary weakness lies in the unprotected REST API endpoints, which should be addressed to prevent potential unauthorized access or data manipulation. Continued vigilance and perhaps more thorough security testing or auditing would further strengthen its security profile.

Key Concerns

  • REST API routes without permission callbacks
Vulnerabilities
None known

Pixobe Designer Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Pixobe Designer Release Timeline

v2.0.0
Code Analysis
Analyzed Apr 16, 2026

Pixobe Designer Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
3
45 escaped
Nonce Checks
2
Capability Checks
6
File Operations
0
External Requests
2
Bundled Libraries
0

Output Escaping

94% escaped48 total outputs
Attack Surface
2 unprotected

Pixobe Designer Attack Surface

Entry Points3
Unprotected2

REST API Routes 2

POST/wp-json/pixobe-designer/v1/posts/(?P<id>\d+)/design-dataincludes/rest.php:21
GET/wp-json/pixobe-designer/v1/design/(?P<post_id>\d+)includes/rest.php:36

Shortcodes 1

[pixobe_designer] includes/common.php:78
WordPress Hooks 16
actionwp_enqueue_scriptsfunctions.php:32
actionadmin_menuincludes/admin.php:41
actionadmin_enqueue_scriptsincludes/admin.php:177
actionwp_enqueue_scriptsincludes/common.php:97
actionwp_enqueue_scriptsincludes/common.php:117
actionsave_postincludes/designer-metaboxes.php:107
actionadd_meta_boxesincludes/designer-metaboxes.php:124
actionadmin_enqueue_scriptsincludes/designer-metaboxes.php:125
actioninitincludes/designer-post-type.php:171
actioninitincludes/designer-post-type.php:172
actioninitincludes/designer-post-type.php:173
filtersingle_templateincludes/designer-post-type.php:175
filterarchive_templateincludes/designer-post-type.php:176
filtertaxonomy_templateincludes/designer-post-type.php:178
filteruse_block_editor_for_post_typeincludes/designer-post-type.php:180
actionrest_api_initincludes/rest.php:51
Maintenance & Trust

Pixobe Designer Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 5, 2026
PHP min version
Downloads3K

Community Trust

Rating100/100
Number of ratings5
Active installs10
Alternatives

Pixobe Designer Alternatives

Page Builder by SiteOrigin

Page Builder by SiteOrigin

siteorigin-panels

A
88

Build responsive page layouts using the widgets you know and love using this simple drag and drop page builder.

500K 8 CVEs
Brizy – Page Builder

Brizy – Page Builder

brizy

B
81

A page builder that is fast & easy, Brizy is a next-gen website builder that anyone can use. No designer or developer skills required.

70K 31 CVEs
ThumbPress – Image Management Suite for Performance and Optimization

ThumbPress – Image Management Suite for Performance and Optimization

image-sizes

A
100

Disable Thumbnails, Regenerate Thumbnails, Compress Images, Convert to WebP, Find Unused and Large Images, Edit Images, and more with ThumbPress.

30K No CVEs
Nimble Page Builder

Nimble Page Builder

nimble-builder

A
92

Simple and smart companion that allows you to insert sections into any existing page, create landing pages or entire websites including header and foo &hellip;

30K 1 CVE
Forget About Shortcode Buttons

Forget About Shortcode Buttons

forget-about-shortcode-buttons

A
91

A visual way to add CSS buttons in the rich text editor and to your themes.

20K 2 CVEs
Developer Profile

Pixobe Designer Developer Profile

Pixobe

5 plugins · 210 total installs

90
trust score
Avg Security Score
94/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Pixobe Designer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/pixobe-designer/assets/css/grid.css
Script Paths
https://graphic-designer.pixobe.com/build/graphic-designer.esm.js
Version Parameters
pixobe-designer/assets/css/grid.css?ver=

HTML / DOM Fingerprints

CSS Classes
p-sectionp-wpgallery
Data Attributes
p-wpgallery
FAQ

Frequently Asked Questions about Pixobe Designer