WP-Safety

Webstudio GDPR Security & Risk Analysis

wordpress.org/plugins/webstudio-gdpr

Easy-to-configure cookie consent banner compliant with GDPR and ePrivacy. Granular consent, script blocking, privacy policy generator and audit log.

20 active installs v1.0.0 PHP 8.0+ WP 6.0+ Updated Mar 17, 2026
consentcookie-bannercookiesgdprprivacy
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Webstudio GDPR Safe to Use in 2026?

Generally Safe

Score 100/100

Webstudio GDPR has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The webstudio-gdpr v1.0.0 plugin exhibits a generally strong security posture based on the provided static analysis. The plugin correctly implements prepared statements for all SQL queries and demonstrates a high percentage of properly escaped output, significantly reducing the risk of common web vulnerabilities like SQL injection and cross-site scripting. The presence of nonce and capability checks on all AJAX handlers and the absence of REST API routes with missing permission callbacks further bolster its security. Furthermore, the plugin has no known CVEs, indicating a positive history of security.

However, the use of `preg_replace(/e)` is a potential concern, as this regular expression modifier can lead to code execution if user-supplied data is used within the replacement string and is not properly sanitized. While the taint analysis found no flows, this specific function warrants careful manual review to ensure no exploitable scenarios exist. The limited file operations and lack of external HTTP requests are positive indicators. Overall, the plugin is well-secured but requires a focused review of the `preg_replace(/e)` usage.

Key Concerns

  • Use of preg_replace with /e modifier
Vulnerabilities
None known

Webstudio GDPR Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Webstudio GDPR Release Timeline

No version history available.
Code Analysis
Analyzed Apr 16, 2026

Webstudio GDPR Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
6 prepared
Unescaped Output
14
899 escaped
Nonce Checks
6
Capability Checks
7
File Operations
2
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

preg_replace(/e)preg_replace( '/eincludes/class-settings.php:83

SQL Query Safety

100% prepared6 total queries

Output Escaping

98% escaped913 total outputs
Attack Surface

Webstudio GDPR Attack Surface

Entry Points8
Unprotected0

AJAX Handlers 7

authwp_ajax_wsgdpr_saveincludes/class-admin.php:24
authwp_ajax_wsgdpr_generate_pageincludes/class-admin.php:25
authwp_ajax_wsgdpr_save_wizardincludes/class-admin.php:26
authwp_ajax_wsgdpr_dismiss_wizardincludes/class-admin.php:27
authwp_ajax_wsgdpr_log_consentincludes/class-rest-api.php:22
noprivwp_ajax_wsgdpr_log_consentincludes/class-rest-api.php:23
authwp_ajax_wsgdpr_export_logincludes/class-rest-api.php:26

Shortcodes 1

[wsgdpr_policy] includes/class-page-generator.php:23
WordPress Hooks 14
actionadmin_menuincludes/class-admin.php:21
actionadmin_enqueue_scriptsincludes/class-admin.php:22
actionadmin_enqueue_scriptsincludes/class-admin.php:23
filteradmin_footer_textincludes/class-admin.php:64
filterupdate_footerincludes/class-admin.php:65
actionadmin_headincludes/class-admin.php:66
actionwp_enqueue_scriptsincludes/class-frontend.php:24
actionwp_footerincludes/class-frontend.php:25
actionwp_headincludes/class-frontend.php:26
actionwp_headincludes/class-frontend.php:27
actionwp_enqueue_scriptsincludes/class-script-manager.php:27
filterwp_consent_categoriesincludes/class-wp-consent-api.php:26
actioninitwebstudio-gdpr.php:70
actionadmin_initwebstudio-gdpr.php:87
Maintenance & Trust

Webstudio GDPR Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 17, 2026
PHP min version8.0
Downloads174

Community Trust

Rating0/100
Number of ratings0
Active installs20
Alternatives

Webstudio GDPR Alternatives

Cookied Cookie Consent

Cookied Cookie Consent

cookied-cookie-consent

A
100

The cheapest global cookie consent solution. GDPR, CCPA, LGPD compliant cookie banner starting at just €9.99/year.

0 No CVEs
Compliance by Hu-manity.co

Compliance by Hu-manity.co

cookie-notice

A
95

Intentional Consent for WordPress — GDPR, CCPA, CPRA & ePrivacy compliance with consent records, autoblocking & Google Consent Mode v2.

900K 6 CVEs
Cookiebot by Usercentrics – Automatic Cookie Banner for GDPR/CCPA & Google Consent Mode

Cookiebot by Usercentrics – Automatic Cookie Banner for GDPR/CCPA & Google Consent Mode

cookiebot

A
95

Install your cookie banner in minutes. Automatically scan and block cookies to comply with the GDPR, CCPA, Google Consent Mode v2. Free plan option.

100K 4 CVEs
Real Cookie Banner: GDPR & ePrivacy Cookie Consent

Real Cookie Banner: GDPR & ePrivacy Cookie Consent

real-cookie-banner

A
96

Obtain GDPR (DSGVO/RGPD) and ePrivacy Directive (TDDDG/TTDSG, LOPD-GDD, DTA) compliant consents in your cookie banner. More than just a cookie notice!

100K 4 CVEs
Termly – GDPR/CCPA Cookie Consent Banner

Termly – GDPR/CCPA Cookie Consent Banner

uk-cookie-consent

A
99

Our easy to use cookie consent plugin can assist in your GDPR, CCPA, and ePrivacy Directive compliance efforts.

90K 2 CVEs
Developer Profile

Webstudio GDPR Developer Profile

Webstudio.ltd

1 plugin · 20 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Webstudio GDPR

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/webstudio-gdpr/admin/vendor/coloris/coloris.min.css/wp-content/plugins/webstudio-gdpr/admin/vendor/coloris/coloris.min.js/wp-content/plugins/webstudio-gdpr/admin/css/admin.css/wp-content/plugins/webstudio-gdpr/public/css/banner.css/wp-content/plugins/webstudio-gdpr/public/js/banner.js/wp-content/plugins/webstudio-gdpr/public/js/cookie.js/wp-content/plugins/webstudio-gdpr/admin/js/admin.js
Script Paths
/wp-content/plugins/webstudio-gdpr/admin/vendor/coloris/coloris.min.js/wp-content/plugins/webstudio-gdpr/public/js/banner.js/wp-content/plugins/webstudio-gdpr/public/js/cookie.js/wp-content/plugins/webstudio-gdpr/admin/js/admin.js
Version Parameters
webstudio-gdpr/admin/vendor/coloris/coloris.min.css?ver=webstudio-gdpr/admin/vendor/coloris/coloris.min.js?ver=webstudio-gdpr/admin/css/admin.css?ver=webstudio-gdpr/public/css/banner.css?ver=webstudio-gdpr/public/js/banner.js?ver=webstudio-gdpr/public/js/cookie.js?ver=webstudio-gdpr/admin/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
wsgdpr-admin-wrapwsgdpr-admin-contentwsgdpr-wizard-contentwsgdpr-banner-previewwsgdpr-color-picker-wrapperwsgdpr-coloris__fieldwsgdpr-coloris__inputwsgdpr-consent-log-table+9 more
HTML Comments
<!-- Webstudio GDPR Admin Wrap --><!-- Webstudio GDPR Content --><!-- Webstudio GDPR Wizard --><!-- Webstudio GDPR Banner Preview -->+5 more
Data Attributes
data-wsgdpr-colorisdata-wsgdpr-settingdata-wsgdpr-save-settingdata-wsgdpr-generate-pagedata-wsgdpr-dismiss-wizarddata-wsgdpr-wizard-step+1 more
JS Globals
window.wsgdprAdminwindow.wsgdprBannerwindow.wsgdprCookie
REST Endpoints
/wp-json/webstudio-gdpr/v1/settings/wp-json/webstudio-gdpr/v1/scripts/wp-json/webstudio-gdpr/v1/logs/wp-json/webstudio-gdpr/v1/wizard
Shortcode Output
[wsgdpr_privacy_policy_link][wsgdpr_cookie_policy_link]
FAQ

Frequently Asked Questions about Webstudio GDPR