Super Blank Security & Risk Analysis

wordpress.org/plugins/super-blank

The best way in the world to make a website. Start from blank, and build any design you want.

10K active installs · v1.3.1 · PHP 7.4+ · WP 5.9+ · Updated Jan 16, 2026
blank-template · super-blank
99
A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Sep 23, 2025
Safety Verdict

Is Super Blank Safe to Use in 2026?

Generally Safe

Score 99/100

Super Blank has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Sep 23, 2025 · Updated 2mo ago
Risk Assessment

The "super-blank" v1.3.1 plugin exhibits a mixed security posture. It demonstrates good practices in areas like output escaping and avoiding dangerous functions, but its attack surface raises significant concerns. A large number of AJAX handlers (10 out of 11) lack proper authentication checks, creating a substantial entry point for potential unauthorized actions. The taint analysis, though limited in scope, revealed two flows with unsanitized paths. These could indicate a risk of injection vulnerabilities if user input reaches them without proper sanitization, even though no critical or high severity vulnerabilities were immediately identified.

The plugin's vulnerability history shows one previously disclosed medium severity CVE, which was patched, and the absence of currently unpatched vulnerabilities is positive. However, the pattern of "Missing Authorization" in past vulnerabilities aligns with the current findings of unprotected AJAX handlers, suggesting a recurring weakness in access control implementation. The presence of only two nonce checks across 11 entry points further exacerbates the risk associated with the unprotected AJAX handlers.

In conclusion, while the plugin avoids common pitfalls like dangerous functions and generally handles output well, the extensive unprotected AJAX endpoints and the historical pattern of authorization issues present a notable risk. The taint analysis, though limited, also hints at potential for unaddressed path sanitization issues. Users should exercise caution, and developers should prioritize implementing robust authentication and authorization checks for all AJAX endpoints.

Key Concerns

  • High number of AJAX handlers without auth checks
  • Taint analysis found unsanitized paths
  • Low number of nonce checks on entry points
  • Previous medium severity CVE (Missing Authorization)
Vulnerabilities
1

Super Blank Security Vulnerabilities

CVEs by Year

1 CVE in 2025

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-54741 · medium · 4.3 · Missing Authorization

Super Blank <= 1.2.0 - Authenticated (Subscriber+) Arbitrary Content Deletion

Sep 23, 2025 Patched in 1.3.0 (8d)
Code Analysis
Analyzed Mar 16, 2026

Super Blank Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 9 (17 prepared)
Unescaped Output: 14 (641 escaped)
Nonce Checks: 2
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

65% prepared · 26 total queries

Output Escaping

98% escaped · 655 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
handle_step (inc\Endpoints\HandleStepFiveOne.php:21)
Attack Surface
10 unprotected

Super Blank Attack Surface

Entry Points: 11
Unprotected: 10

AJAX Handlers 11

auth · wp_ajax_get_elementor_template · inc\Elementor_Sections.php:15
auth · wp_ajax_super_blank_step5 · inc\Endpoints\HandleStepFive.php:20
auth · wp_ajax_super_blank_step5_1 · inc\Endpoints\HandleStepFiveOne.php:18
auth · wp_ajax_super_blank_step4 · inc\Endpoints\HandleStepFour.php:20
auth · wp_ajax_super_blank_step1 · inc\Endpoints\HandleStepOne.php:20
auth · wp_ajax_super_blank_step1_3 · inc\Endpoints\HandleStepOneThree.php:18
auth · wp_ajax_super_blank_step1_2 · inc\Endpoints\HandleStepOneTwo.php:18
auth · wp_ajax_super_blank_step7 · inc\Endpoints\HandleStepSeven.php:19
auth · wp_ajax_super_blank_step6 · inc\Endpoints\HandleStepSix.php:65
auth · wp_ajax_super_blank_step3 · inc\Endpoints\HandleStepThree.php:20
auth · wp_ajax_super_blank_step2 · inc\Endpoints\HandleStepTwo.php:18
WordPress Hooks 17
action · admin_menu · inc\admin-pages.php:29
filter · plugin_action_links_super-blank/super-blank.php · inc\admin-pages.php:108
action · elementor/editor/before_enqueue_scripts · inc\Elementor_Sections.php:14
action · elementor/editor/footer · inc\Elementor_Sections.php:16
action · elementor/editor/footer · inc\Elementor_Sections.php:17
filter · super_blank_pre_process_template_content · inc\Endpoints\HandleStepSix.php:119
action · wp_enqueue_scripts · inc\enqueue-scripts.php:19
action · admin_enqueue_scripts · inc\enqueue-scripts.php:90
action · init · inc\functions.php:67
filter · wp_theme_json_data_theme · inc\functions.php:137
action · admin_notices · inc\functions.php:671
action · network_admin_notices · inc\functions.php:672
action · admin_notices · inc\functions.php:703
action · network_admin_notices · inc\functions.php:704
action · admin_notices · inc\functions.php:735
action · network_admin_notices · inc\functions.php:736
action · plugins_loaded · inc\hooks.php:10
Maintenance & Trust

Super Blank Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Jan 16, 2026
PHP min version: 7.4
Downloads: 49K

Community Trust

Rating: 100/100
Number of ratings: 7
Active installs: 10K
Developer Profile

Super Blank Developer Profile

Tyler Moore

2 plugins · 20K total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 8 days
Detection Fingerprints

How We Detect Super Blank

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/super-blank/assets/css/sb-library.css
/wp-content/plugins/super-blank/assets/images/loader.json
/wp-content/plugins/super-blank/assets/js/sb-library.js
Script Paths
/wp-content/plugins/super-blank/assets/js/sb-library.js
Version Parameters
super-blank/assets/css/sb-library.css?ver=
super-blank/assets/js/sb-library.js?ver=

HTML / DOM Fingerprints

CSS Classes
sb-library-modal
sb-library-modal-overlay
sb-library-modal-container
sb-library-modal-header
sb-library-modal-brand
sb-logo
sb-white-mode
HTML Comments
<!-- Start: Super Blank Library Modal -->
<!-- End: Super Blank Library Modal -->
Data Attributes
data-elementor-editor-element-id
data-template-type
data-template-file
data-template-category
data-template-category-order
JS Globals
elementorSectionsData
REST Endpoints
/wp-json/super-blank/v1/templates
FAQ

Frequently Asked Questions about Super Blank