WP-Safety

Reaktiv CSS Builder Security & Risk Analysis

wordpress.org/plugins/reaktiv-css-builder

Add user generated custom CSS directly in the dashboard.

80 active installs v1.1.0 PHP + WP 3.6+ Updated Jul 20, 2015
csscustom-design
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Reaktiv CSS Builder Safe to Use in 2026?

Generally Safe

Score 85/100

Reaktiv CSS Builder has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago
Risk Assessment

The reaktiv-css-builder plugin v1.1.0 exhibits a generally strong security posture based on the provided static analysis. There are no identified vulnerabilities in its history and the code shows an absence of dangerous functions, external HTTP requests, and direct SQL queries. The use of prepared statements for all SQL queries is a significant positive. Furthermore, the plugin has a limited attack surface with zero identified entry points. Taint analysis also revealed no critical or high severity flows with unsanitized paths, indicating good handling of potential injection vectors.

However, a notable concern is the low percentage of properly escaped output (10% of 20 outputs). This could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not adequately sanitized before being displayed. The presence of file operations without further context also warrants caution, as these could be a vector for unintended file modifications or information disclosure if not handled securely. While the absence of known CVEs and the limited attack surface are positive indicators, the poor output escaping is a significant weakness that requires attention.

Key Concerns

  • Low percentage of properly escaped output
  • File operations present without further context
Vulnerabilities
None known

Reaktiv CSS Builder Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Reaktiv CSS Builder Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
18
2 escaped
Nonce Checks
2
Capability Checks
0
File Operations
6
External Requests
0
Bundled Libraries
0

Output Escaping

10% escaped20 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
import_styles (reaktiv-css-builder.php:384)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Reaktiv CSS Builder Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 13
actionwp_enqueue_scriptsreaktiv-css-builder.php:39
actionplugins_loadedreaktiv-css-builder.php:42
actionadmin_initreaktiv-css-builder.php:44
actionadmin_initreaktiv-css-builder.php:45
actionadmin_noticesreaktiv-css-builder.php:46
actionadmin_noticesreaktiv-css-builder.php:47
actionadmin_initreaktiv-css-builder.php:49
actionadmin_enqueue_scriptsreaktiv-css-builder.php:50
actionadmin_initreaktiv-css-builder.php:51
actionadmin_menureaktiv-css-builder.php:52
actionadmin_noticesreaktiv-css-builder.php:53
filterplugin_action_linksreaktiv-css-builder.php:55
filteroption_page_capability_reaktiv-custom-cssreaktiv-css-builder.php:56
Maintenance & Trust

Reaktiv CSS Builder Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39
Last updatedJul 20, 2015
PHP min version
Downloads5K

Community Trust

Rating100/100
Number of ratings4
Active installs80
Alternatives

Reaktiv CSS Builder Alternatives

Modular Custom CSS

Modular Custom CSS

modular-custom-css

A
92

WordPress core provides custom CSS functionality in the customizer that's specific to the current theme; you can switch themes freely with each t …

500 No CVEs
Multisite Custom CSS

Multisite Custom CSS

multisite-custom-css

A
92

WordPress core provides custom CSS functionality in the customizer that's specific to the current theme; you can switch themes freely with each t …

100 No CVEs
WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager

WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager

insert-headers-and-footers

A
99

Easily add code snippets in WordPress. Insert header & footer scripts, add PHP code snippets with conditional logic, insert ads pixel code, and more.

3.0M 3 CVEs
Code Snippets

Code Snippets

code-snippets

A
89

An easy, clean and simple way to enhance your site with code snippets.

1.0M 7 CVEs
Simple Custom CSS and JS

Simple Custom CSS and JS

custom-css-js

A
100

Easily add Custom CSS or JS to your website with an awesome editor.

700K 1 CVE
Developer Profile

Reaktiv CSS Builder Developer Profile

Andrew Norcross

18 plugins · 2K total installs

86
trust score
Avg Security Score
88/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Reaktiv CSS Builder

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/reaktiv-css-builder/lib/css/codemirror.css/wp-content/plugins/reaktiv-css-builder/lib/css/reaktiv.admin.css/wp-content/plugins/reaktiv-css-builder/lib/js/codemirror.js/wp-content/plugins/reaktiv-css-builder/lib/js/codemirror.css.js/wp-content/plugins/reaktiv-css-builder/lib/js/reaktiv.admin.js
Script Paths
/wp-content/plugins/reaktiv-css-builder/lib/js/codemirror.js/wp-content/plugins/reaktiv-css-builder/lib/js/codemirror.css.js/wp-content/plugins/reaktiv-css-builder/lib/js/reaktiv.admin.js
Version Parameters
reaktiv-css-builder/lib/css/codemirror.css?ver=reaktiv-css-builder/lib/css/reaktiv.admin.css?ver=reaktiv-css-builder/lib/js/codemirror.js?ver=reaktiv-css-builder/lib/js/codemirror.css.js?ver=reaktiv-css-builder/lib/js/reaktiv.admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
reaktiv-form-wrapreaktiv-custom-css
Data Attributes
data-codemirror
FAQ

Frequently Asked Questions about Reaktiv CSS Builder