Does VK Block Patterns have any unpatched vulnerabilities?

No. All known vulnerabilities in VK Block Patterns have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is VK Block Patterns compatible with WordPress 6.9.4?

According to WordPress.org data, VK Block Patterns 1.34.6.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is VK Block Patterns compatible with PHP 7.4+?

VK Block Patterns requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is VK Block Patterns updated?

VK Block Patterns was last updated on Mar 5, 2026. Frequent updates are generally a positive security signal.

What is VK Block Patterns's security score?

VK Block Patterns has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

VK Block Patterns Security & Risk Analysis

wordpress.org/plugins/vk-block-patterns

You can make and register your original custom block patterns.

100K active installs v1.34.6.1 PHP 7.4+ WP 6.5+ Updated Mar 5, 2026

block-patternguternberg

A · Safe

CVEs total2

Unpatched0

Last CVEApr 22, 2024

Plugin page Download

Safety Verdict

Is VK Block Patterns Safe to Use in 2026?

Generally Safe

Score 99/100

VK Block Patterns has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Apr 22, 2024Updated 29d ago

Risk Assessment

The vk-block-patterns plugin version 1.34.6.1 exhibits a generally good security posture based on the provided static analysis. All identified entry points (AJAX handlers and REST API routes) appear to have appropriate authentication and permission checks, which is a significant strength. The code also demonstrates responsible handling of SQL queries by exclusively using prepared statements and a high percentage of properly escaped output, minimizing risks of injection and XSS vulnerabilities arising from the code itself. The absence of dangerous functions and critical taint analysis findings further contributes to a positive assessment of its current codebase.

Key Concerns

2 known medium severity vulnerabilities
Vulnerabilities historically include Missing Authorization
Vulnerabilities historically include CSRF
Uses nonces, but only 1 check for 2 AJAX handlers
Only 1 nonce check for 2 AJAX handlers
12% of output is not properly escaped
4 file operations with no vulnerability details
1 external HTTP request with no vulnerability details

Vulnerabilities

VK Block Patterns Security Vulnerabilities

CVEs by Year

2 CVEs in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2024-32826medium · 5.3Missing Authorization

VK Block Patterns <= 1.31.0 - Missing Authorization

Apr 22, 2024 Patched in 1.31.1.1 (8d)

CVE-2024-0623medium · 4.3Cross-Site Request Forgery (CSRF)

VK Block Patterns <= 1.31.1.1 - Cross-Site Request Forgery

Jan 19, 2024 Patched in 1.31.2.0 (193d)

Code Analysis

Analyzed Mar 16, 2026

VK Block Patterns Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

15 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

88% escaped17 total outputs

Attack Surface

VK Block Patterns Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 2

authwp_ajax_vbp_clear_patterns_cacheadmin\admin.php:324

authwp_ajax_clear_patterns_cacheadmin\admin.php:326

REST API Routes 1

POST/wp-json/vbp/v1/clear-patterns-cacheadmin\admin.php:359

WordPress Hooks 24

actionadmin_menuadmin\admin.php:46

actioninitadmin\admin.php:131

actionadmin_enqueue_scriptsadmin\admin.php:174

actionadmin_noticesadmin\admin.php:271

actionadmin_initadmin\admin.php:298

actionrest_api_initadmin\admin.php:379

actionload-post.phpfavorite-patterns\favorite-patterns.php:130

actionload-post-new.phpfavorite-patterns\favorite-patterns.php:131

actionload-site-editor.phpfavorite-patterns\favorite-patterns.php:132

actioninitfavorite-patterns\favorite-patterns.php:253

actionenqueue_block_editor_assetsinc\edit-post\header-toolbar\vkp-header-toolbar-loader.php:32

actionadmin_menuinc\vk-block-patterns\package\class-add-meta-box.php:16

actionsave_postinc\vk-block-patterns\package\class-add-meta-box.php:17

actionenqueue_block_editor_assetsinc\vk-block-patterns\package\class-add-meta-box.php:18

actioninitinc\vk-block-patterns\package\class-vk-block-patterns.php:26

actioninitinc\vk-block-patterns\package\class-vk-block-patterns.php:28

actioninitinc\vk-block-patterns\package\class-vk-block-patterns.php:29

actionadmin_initinc\vk-block-patterns\package\class-vk-block-patterns.php:30

actioninitpatterns-data\class-register-patterns-from-json.php:20

actionwp_enqueue_scriptspatterns-data\class-register-patterns-from-json.php:21

actionenqueue_block_editor_assetspatterns-data\class-register-patterns-from-json.php:22

actionplugins_loadedvk-block-patterns.php:87

actionadmin_headvk-block-patterns.php:121

actionadmin_menuvk-block-patterns.php:124

Maintenance & Trust

VK Block Patterns Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 5, 2026

PHP min version7.4

Downloads2.1M

Community Trust

Rating100/100

Number of ratings2

Active installs100K

Alternatives

VK Block Patterns Alternatives

Custom Block Patterns

custom-block-patterns

You can easily create your own block patterns and register them.

1K No CVEs

Useful Blocks

useful-blocks

100

It is a plugin that collects very convenient blocks.

20K No CVEs

Highlighting Code Block

highlighting-code-block

Add code block with syntax highlighting using prism.js. (Available for Gutenberg and Classic Editor)

10K No CVEs

VK Filter Search

vk-filter-search

This plugin allows you to add a search function as a block to narrow down your search by category, tag, custom post type, keyword, etc.

6K 1 unpatched

Better Block Patterns

better-block-patterns

Build better WordPress websites faster with our custom block patterns for the Block Editor (Gutenberg).

1K No CVEs

Developer Profile

VK Block Patterns Developer Profile

Vektor,Inc.

8 plugins · 241K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

126 days

View full developer profile

Detection Fingerprints

How We Detect VK Block Patterns

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/vk-block-patterns/build/vk-block-patterns.css/wp-content/plugins/vk-block-patterns/build/vk-block-patterns.js/wp-content/plugins/vk-block-patterns/build/vk-block-patterns-admin.css/wp-content/plugins/vk-block-patterns/build/vk-block-patterns-admin.js

Script Paths

/wp-content/plugins/vk-block-patterns/build/vk-block-patterns.js/wp-content/plugins/vk-block-patterns/build/vk-block-patterns-admin.js

Version Parameters

/wp-content/plugins/vk-block-patterns/build/vk-block-patterns.css?ver=/wp-content/plugins/vk-block-patterns/build/vk-block-patterns.js?ver=/wp-content/plugins/vk-block-patterns/build/vk-block-patterns-admin.css?ver=/wp-content/plugins/vk-block-patterns/build/vk-block-patterns-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

vk_block_patterns_admin

Data Attributes

data-vk-block-patterns-options

JS Globals

vkBlockPatternsConfig

FAQ