WP-Safety

Business Template Blocks for WPBakery (Visual Composer) Page Builder Security & Risk Analysis

wordpress.org/plugins/templates-and-addons-for-wpbakery-page-builder

Checkout our Latest WordPress Themes - 100% Free

80 active installs v1.3.2 PHP + WP 3.0.1+ Updated Unknown
addonpage-buildertemplatevisual-composerwpbakery
78
B · Generally Safe
CVEs total1
Unpatched1
Last CVEFeb 10, 2026
Plugin page Download
Safety Verdict

Is Business Template Blocks for WPBakery (Visual Composer) Page Builder Safe to Use in 2026?

Mostly Safe

Score 78/100

Business Template Blocks for WPBakery (Visual Composer) Page Builder is generally safe to use. 1 past CVE were resolved. Keep it updated.

1 known CVE 1 unpatched Last CVE: Feb 10, 2026
Risk Assessment

The plugin "templates-and-addons-for-wpbakery-page-builder" version 1.3.2 exhibits a mixed security posture. While it demonstrates good practices in areas like the use of prepared statements for SQL queries and a lack of file operations or external HTTP requests, several concerning factors are present. The presence of two AJAX handlers without authentication checks creates a significant attack vector. The plugin also makes use of the `unserialize` function, which is notoriously dangerous if user-supplied data is not properly sanitized, and only a small percentage (8%) of its outputs are properly escaped, increasing the risk of Cross-Site Scripting (XSS) vulnerabilities. The vulnerability history, specifically a medium-severity CVE related to XSS, further highlights these weaknesses. While the plugin has a limited number of entry points and uses prepared statements, the unprotected AJAX endpoints, the use of `unserialize`, and the poor output escaping are substantial risks that require immediate attention. The past XSS vulnerability reinforces the need for stringent input validation and output encoding.

Key Concerns

  • Unprotected AJAX handlers
  • Dangerous function 'unserialize' usage
  • Low output escaping rate (8%)
  • Unpatched medium severity CVE
  • Limited nonce checks on entry points
Vulnerabilities
1

Business Template Blocks for WPBakery (Visual Composer) Page Builder Security Vulnerabilities

CVEs by Year

1 CVE in 2026 · unpatched
2026
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2025-69390medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Business Template Blocks for WPBakery (Visual Composer) Page Builder <= 1.3.2 - Reflected Cross-Site Scripting

Feb 10, 2026Unpatched
Code Analysis
Analyzed Mar 16, 2026

Business Template Blocks for WPBakery (Visual Composer) Page Builder Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
155
14 escaped
Nonce Checks
2
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

unserializereturn unserialize( $string );inc\framework\functions\helpers.php:85

Output Escaping

8% escaped169 total outputs
Attack Surface
2 unprotected

Business Template Blocks for WPBakery (Visual Composer) Page Builder Attack Surface

Entry Points41
Unprotected2

AJAX Handlers 2

authwp_ajax_cs-get-iconsinc\framework\functions\actions.php:44
authwp_ajax_cs-export-optionsinc\framework\functions\actions.php:68

Shortcodes 39

[tavc_accordion_v1] modules\accordion-v1.php:236
[tavc_call_to_action_v1] modules\call-to-action-v1.php:224
[tavc_callback_section_v1] modules\callback-section-v1.php:285
[tavc_clients_carousel_v1] modules\clients-carousel-v1.php:69
[tavc_contact_form_v1] modules\contact-form-v1.php:84
[tavc_contact_section_v1] modules\contact-section-v1.php:161
[tavc_counter_v1] modules\counter-v1.php:177
[tavc_counter_v2] modules\counter-v2.php:181
[tavc_counter_v3] modules\counter-v3.php:54
[tavc_features_section_v1] modules\features-section-v1.php:228
[tavc_features_section_v2] modules\features-section-v2.php:266
[tavc_features_section_v3] modules\features-section-v3.php:229
[tavc_heading] modules\heading.php:191
[tavc_hero_image] modules\hero-image.php:311
[tavc_info_section_v1] modules\info-section-v1.php:263
[tavc_info_section_v2] modules\info-section-v2.php:261
[tavc_latest_post_grid_v2] modules\latest-post-grid-v2.php:75
[tavc_latest_post_carousel] modules\latest-post-v1.php:79
[tavc_latest_post_grid_v3] modules\latest-post-v3.php:128
[tavc_parallax_section_v2] modules\parallax-section-v2.php:139
[tavc_parallax] modules\parallax-section.php:178
[tavc_pricing_table_v1] modules\pricing-table-v1.php:271
[tavc_pricing_table_v2] modules\pricing-table-v2.php:365
[tavc_process_steps_v1] modules\process-steps-v1.php:217
[tavc_progress_bar_v1] modules\progress-bar-v1.php:117
[tavc_service_v1] modules\service-v1.php:242
[tavc_service_v2] modules\service-v2.php:257
[tavc_service_v3] modules\service-v3.php:158
[tavc_service_v4] modules\service-v4.php:229
[tavc_service_v5] modules\service-v5.php:223
[tavc_single_testimonial] modules\single-testimonial.php:217
[btvc_slider] modules\slider.php:141
[btvc_slider_item] modules\slider.php:196
[tavc_team_member_v1] modules\team-member-v1.php:315
[tavc_team_member_v2] modules\team-member-v2.php:320
[tavc_team_member_v3] modules\team-member-v3.php:326
[tavc_testimonial_section_v1] modules\testimonial-section-v1.php:229
[tavc_testimonial_v1] modules\testimonial-v1.php:283
[tavc_video_box_v1] modules\video-box-v1.php:274
WordPress Hooks 26
filterimage_resize_dimensionsinc\aq_resizer.php:74
actioninitinc\framework\cs-framework.php:82
actionadmin_footerinc\framework\functions\actions.php:88
actioncustomize_controls_print_footer_scriptsinc\framework\functions\actions.php:89
actionadmin_enqueue_scriptsinc\framework\functions\enqueue.php:43
filtercs_sanitize_textinc\framework\functions\sanitize.php:14
filtercs_sanitize_textareainc\framework\functions\sanitize.php:32
filtercs_sanitize_checkboxinc\framework\functions\sanitize.php:58
filtercs_sanitize_switcherinc\framework\functions\sanitize.php:59
filtercs_sanitize_image_selectinc\framework\functions\sanitize.php:88
filtercs_sanitize_groupinc\framework\functions\sanitize.php:104
filtercs_sanitize_titleinc\framework\functions\sanitize.php:119
filtercs_sanitize_cleaninc\framework\functions\sanitize.php:134
filtercs_validate_emailinc\framework\functions\validate.php:18
filtercs_validate_numericinc\framework\functions\validate.php:37
filtercs_validate_requiredinc\framework\functions\validate.php:54
actionvc_load_default_templates_actioninc\templates\business.php:8
actionvc_load_default_templates_actioninc\templates\consulting.php:8
actionvc_load_default_templates_actioninc\templates\corporate.php:8
actionvc_load_default_templates_actioninc\templates\finance.php:8
actionvc_load_default_templates_actioninc\templates\marketing.php:8
actionwp_enqueue_scriptstemplates-addon-vc.php:64
actionadmin_enqueue_scriptstemplates-addon-vc.php:71
actionvc_before_inittemplates-addon-vc.php:74
actionadmin_noticestemplates-addon-vc.php:144
actionadmin_inittemplates-addon-vc.php:154
Maintenance & Trust

Business Template Blocks for WPBakery (Visual Composer) Page Builder Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15
Last updatedUnknown
PHP min version
Downloads15K

Community Trust

Rating46/100
Number of ratings6
Active installs80
Alternatives

Business Template Blocks for WPBakery (Visual Composer) Page Builder Alternatives

Mega Addons For WPBakery Page Builder

Mega Addons For WPBakery Page Builder

mega-addons-for-visual-composer

D
41

34+ Addons WPBakery extension, Beautifully designed unique elements, Includes Premium quality addons For WPBakery Page Builder.

30K 2 unpatched
Image Hotspot With Tooltip For WPBakery Page Builder (formerly Visual Composer)

Image Hotspot With Tooltip For WPBakery Page Builder (formerly Visual Composer)

vc-image-hotspot

A
85

Checkout our Latest WordPress Themes - 100% Free

400 No CVEs
Amazing Hover Effects for WPBakery Page Builder

Amazing Hover Effects for WPBakery Page Builder

amazing-hover-effects-for-wpbakery-page-builder

A
85

Checkout our Latest WordPress Themes - 100% Free

200 No CVEs
Hover Effects For Visual Composer

Hover Effects For Visual Composer

hover-effects-for-visual-composer

A
85

Checkout our Latest WordPress Themes - 100% Free

100 No CVEs
HT Mega Addons for Elementor – Elementor Widgets & Template Builder

HT Mega Addons for Elementor – Elementor Widgets & Template Builder

ht-mega-for-elementor

B
82

Elementor addon offering 135+ widgets — Mega Menu, Ready Templates, Page Builder, Slider, Gallery, Post Grid, AI Writer & more.

80K 32 CVEs
Developer Profile

Business Template Blocks for WPBakery (Visual Composer) Page Builder Developer Profile

themebon

13 plugins · 1K total installs

82
trust score
Avg Security Score
83/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Business Template Blocks for WPBakery (Visual Composer) Page Builder

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/templates-and-addons-for-wpbakery-page-builder/assets/css/grid.css/wp-content/plugins/templates-and-addons-for-wpbakery-page-builder/assets/css/font-awesome.min.css/wp-content/plugins/templates-and-addons-for-wpbakery-page-builder/assets/css/animate.css/wp-content/plugins/templates-and-addons-for-wpbakery-page-builder/assets/css/animated-headlines.css/wp-content/plugins/templates-and-addons-for-wpbakery-page-builder/assets/css/owl.carousel.css/wp-content/plugins/templates-and-addons-for-wpbakery-page-builder/assets/css/izmodal.css/wp-content/plugins/templates-and-addons-for-wpbakery-page-builder/assets/css/styles.css/wp-content/plugins/templates-and-addons-for-wpbakery-page-builder/assets/css/custom.css+6 more
Script Paths
/wp-content/plugins/templates-and-addons-for-wpbakery-page-builder/assets/js/plugins.js/wp-content/plugins/templates-and-addons-for-wpbakery-page-builder/assets/js/animated-headlines.js/wp-content/plugins/templates-and-addons-for-wpbakery-page-builder/assets/js/app.js/wp-content/plugins/templates-and-addons-for-wpbakery-page-builder/assets/js/custom.js
Version Parameters
templates-and-addons-for-wpbakery-page-builder/assets/js/plugins.js?ver=templates-and-addons-for-wpbakery-page-builder/assets/js/animated-headlines.js?ver=templates-and-addons-for-wpbakery-page-builder/assets/js/app.js?ver=templates-and-addons-for-wpbakery-page-builder/assets/js/custom.js?ver=

HTML / DOM Fingerprints

CSS Classes
btvc-gridbtvc-font-awesomebtvc-animatebtvc-animated-headlinesbtvc-owl-carouselbtvc-izmodalbtvc-stylebtvc-custom+6 more
JS Globals
btvc_WordPressCheckup
FAQ

Frequently Asked Questions about Business Template Blocks for WPBakery (Visual Composer) Page Builder