Does SKT Page Builder have any unpatched vulnerabilities?

No. All known vulnerabilities in SKT Page Builder have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is SKT Page Builder compatible with WordPress 6.9.4?

According to WordPress.org data, SKT Page Builder 5.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is SKT Page Builder compatible with PHP 7.4+?

SKT Page Builder requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is SKT Page Builder updated?

SKT Page Builder was last updated on Feb 12, 2026. Frequent updates are generally a positive security signal.

What is SKT Page Builder's security score?

SKT Page Builder has a WP-Safety security score of 96/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

SKT Page Builder Security & Risk Analysis

wordpress.org/plugins/skt-builder

SKT Page Builder has been designed and developed to assist anyone in creating pages using a drag and drop page builder interface.

2K active installs v5.0 PHP 7.4+ WP 5.0+ Updated Feb 12, 2026

builderdrag-and-dropeditorlanding-pagepage-builder

A · Safe

CVEs total3

Unpatched0

Last CVEMay 28, 2025

Plugin page Download

Safety Verdict

Is SKT Page Builder Safe to Use in 2026?

Generally Safe

Score 96/100

SKT Page Builder has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: May 28, 2025Updated 1mo ago

Risk Assessment

The skt-builder plugin v5.0 exhibits a mixed security posture. On the positive side, it demonstrates strong practices regarding SQL queries, exclusively using prepared statements, and a high percentage of properly escaped output. The absence of critical or high severity taint flows and the lack of currently unpatched CVEs are also encouraging signs. However, significant concerns arise from the substantial attack surface, particularly the presence of 5 AJAX handlers without authentication checks. This leaves a considerable portion of the plugin's functionality vulnerable to unauthorized access and potential manipulation. The historical vulnerability data, while showing no currently unpatched issues, reveals a past pattern of missing authorization vulnerabilities, which aligns with the static analysis findings. This suggests a recurring weakness in how the plugin handles user permissions.

Despite the strengths in data sanitization and query handling, the unprotected AJAX endpoints represent a tangible and immediate risk. The plugin's history, with a notable number of past vulnerabilities including missing authorization, reinforces the need for caution. While the current version appears to have addressed historical unpatched issues, the static analysis highlights a potential for new vulnerabilities if these authorization gaps are not rigorously addressed. The overall risk is moderate, leaning towards concerning due to the direct exposure of functionality via unprotected AJAX handlers.

Key Concerns

Unprotected AJAX handlers
Large attack surface without auth
Historical missing authorization vulnerabilities

Vulnerabilities

SKT Page Builder Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

2 CVEs in 2025

2025

Patched Has unpatched

Severity Breakdown

High

Medium

3 total CVEs

CVE-2025-54005medium · 4.3Missing Authorization

SKT Page Builder <= 4.9 - Missing Authorization

May 28, 2025 Patched in 5.0 (274d)

CVE-2024-12848high · 8.8Missing Authorization

SKT Page Builder <= 4.6 - Authenticated (Subscriber+) Arbitrary File Upload

Jan 8, 2025 Patched in 4.8 (1d)

CVE-2024-1337medium · 4.3Missing Authorization

SKT Page Builder <= 4.1 - Missing Authorization to Authenticated(Subscriber+) Content Injection

Feb 12, 2024 Patched in 4.2 (9d)

Code Analysis

Analyzed Mar 16, 2026

SKT Page Builder Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

46 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

jQuery

Output Escaping

90% escaped51 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

addNewLib (sktbuilder.php:951)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

5 unprotected

SKT Page Builder Attack Surface

Entry Points8

Unprotected5

AJAX Handlers 8

authwp_ajax_sktbuilder_load_libraries_datasktbuilder.php:36

noprivwp_ajax_sktbuilder_load_libraries_datasktbuilder.php:37

authwp_ajax_sktbuilder_load_page_datasktbuilder.php:48

authwp_ajax_sktbuilder_save_page_datasktbuilder.php:51

authwp_ajax_sktbuilder_load_page_templatessktbuilder.php:54

authwp_ajax_sktbuilder_save_page_templatesktbuilder.php:57

authwp_ajax_sktbuilder_add_new_imagesktbuilder.php:60

authwp_ajax_sktbuilder_add_new_videosktbuilder.php:63

WordPress Hooks 18

actionplugins_loadedsktbuilder.php:33

actionpost_action_sktbuildersktbuilder.php:42

actionadmin_enqueue_scriptssktbuilder.php:45

actionsave_postsktbuilder.php:66

actionwp_restore_post_revisionsktbuilder.php:67

filtersktbuilder_libssktbuilder.php:70

actionadd_meta_boxessktbuilder.php:73

actionload-page.phpsktbuilder.php:76

filterpage_row_actionssktbuilder.php:79

filterwxr_export_skip_postmetasktbuilder.php:82

actionadmin_post_sktbuilder_add_librarysktbuilder.php:85

actionadmin_menusktbuilder.php:88

actionwoocommerce_blocks_loadedsktbuilder.php:90

actionadmin_bar_menusktbuilder.php:97

filterthe_contentsktbuilder.php:99

actionwp_enqueue_scriptssktbuilder.php:100

filteradmin_footer_textsktbuilder.php:217

filterupdate_footersktbuilder.php:218

Maintenance & Trust

SKT Page Builder Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 12, 2026

PHP min version7.4

Downloads80K

Community Trust

Rating54/100

Number of ratings7

Active installs2K

Alternatives

SKT Page Builder Alternatives

Elementor Website Builder – More Than Just a Page Builder

elementor

The Elementor Website Builder has it all: drag and drop page builder, pixel perfect design, mobile responsive editing, and more. Get started now!

10.0M 45 CVEs

Page Builder: Pagelayer – Drag and Drop website builder

pagelayer

The most advanced frontend drag & drop page builder. Pagelayer is a light weight but extremely powerful Website Builder.

400K 25 CVEs

Beaver Builder Page Builder – Drag and Drop Website Builder

beaver-builder-lite-version

The Professional's Choice for Drag & Drop WordPress Page Building. Fast, Reliable, and Trusted since 2014.

100K 31 CVEs

Colibri Page Builder

colibri-page-builder

Colibri Page Builder adds drag and drop page builder functionality to the ColibriWP theme.

90K 18 CVEs

TemplateSpare – 1000+ WordPress Starter Templates & Full Site Migration Tool | 1-Click Import/Export & No-Code Builder

templatespare

Imagine this... You’re planning your new website. You’re excited at first—but then reality hits. The design takes months. You wait for the developer t …

10K 1 CVE

Developer Profile

SKT Page Builder Developer Profile

sonalsinha21

153 plugins · 54K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

26 days

View full developer profile

Detection Fingerprints

How We Detect SKT Page Builder

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/skt-builder/assets/css/sktbuilder-frontend-custom.css/wp-content/plugins/skt-builder/sktbuilder/blocks/lib.css/wp-content/plugins/skt-builder/sktbuilder/blocks/animation.css/wp-content/plugins/skt-builder/sktbuilder/blocks/owlcarousel/assets/owl.carousel.css/wp-content/plugins/skt-builder/sktbuilder/blocks/glyphicons/assets/css/glyphicons.css/wp-content/plugins/skt-builder/sktbuilder/blocks/fontawesome/assets/css/fontawesome.css/wp-content/plugins/skt-builder/assets/js/sktbuilder-frontend-custom.js/wp-content/plugins/skt-builder/assets/js/sktbuilder-frontend-custom-front.js+4 more

Script Paths

/wp-content/plugins/skt-builder/assets/js/sktbuilder-frontend-custom.js/wp-content/plugins/skt-builder/assets/js/sktbuilder-frontend-custom-front.js/wp-content/plugins/skt-builder/sktbuilder/sktbuilder-backend-starter.js/wp-content/plugins/skt-builder/assets/js/sktbuilder-backend-custom.js/wp-content/plugins/skt-builder/sktbuilder-wordpress-driver.js

Version Parameters

skt-builder/assets/css/sktbuilder-frontend-custom.css?ver=sktbuilder/blocks/lib.css?ver=sktbuilder/blocks/animation.css?ver=sktbuilder/blocks/owlcarousel/assets/owl.carousel.css?ver=sktbuilder/blocks/glyphicons/assets/css/glyphicons.css?ver=sktbuilder/blocks/fontawesome/assets/css/fontawesome.css?ver=skt-builder/assets/js/sktbuilder-frontend-custom.js?ver=skt-builder/assets/js/sktbuilder-frontend-custom-front.js?ver=sktbuilder/sktbuilder-backend-starter.js?ver=skt-builder/assets/js/sktbuilder-backend-custom.js?ver=skt-builder/assets/css/sktbuilder-backend-custom.css?ver=sktbuilder-wordpress-driver.js?ver=

HTML / DOM Fingerprints

CSS Classes

sktbuilder-frontend-custom

Data Attributes

data-sktbuilder

JS Globals

SktbuilderStarterSktbuilderWordpressDriversktbuilder_backend_custom

REST Endpoints

/wp-json/sktbuilder/

FAQ