Winden — Tailwind CSS Compiler with Full WordPress Integration Security & Risk Analysis

wordpress.org/plugins/winden-dplugins-tailwind-css-compiler

Tailwind CSS compiler for WordPress. Use utility classes directly in your editor.

0 active installs · v1.1.3 · PHP 7.4+ · WP 6.2+ · Updated Mar 2, 2026
Tags: compiler, css, gutenberg, page-builder, tailwind
100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Winden — Tailwind CSS Compiler with Full WordPress Integration Safe to Use in 2026?

Generally Safe

Score 100/100

Winden — Tailwind CSS Compiler with Full WordPress Integration has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago
Risk Assessment

The "winden-dplugins-tailwind-css-compiler" plugin v1.1.3 exhibits a mixed security posture. On the positive side, it demonstrates strong adherence to output escaping best practices, with all outputs being properly escaped. The plugin also heavily favors prepared statements for SQL queries, with 91% utilizing them, and has a clean vulnerability history with no known CVEs. This suggests a generally well-maintained codebase and a commitment to secure coding in certain areas.

However, significant concerns arise from the substantial attack surface, particularly the presence of 11 unprotected AJAX handlers. This creates a readily exploitable entry point for attackers, potentially leading to unauthorized actions or data manipulation. The plugin also uses `unserialize`, though only once; this is a known risky function that can lead to remote code execution unless it is handled with extreme care and its input is validated. The single call found passes `['allowed_classes' => false]`, which stops PHP from instantiating objects during deserialization. The taint analysis found no flows with unsanitized paths, which is encouraging, but the potential for `unserialize` to be triggered by attacker-controlled input remains a latent risk.

In conclusion, while the plugin has a good foundation in terms of output escaping and SQL practices, the high number of unprotected AJAX endpoints and the presence of `unserialize` introduce notable risks. The absence of historical vulnerabilities is a positive indicator, but it does not negate the current code-level concerns. Further investigation into the context of `unserialize` usage and the implementation of authentication for all AJAX handlers is highly recommended.

Key Concerns

  • Unprotected AJAX handlers
  • Presence of 'unserialize' function
Vulnerabilities
None known

Winden — Tailwind CSS Compiler with Full WordPress Integration Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Winden — Tailwind CSS Compiler with Full WordPress Integration Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 1 (10 prepared)
Unescaped Output: 0 (54 escaped)
Nonce Checks: 6
Capability Checks: 14
File Operations: 19
External Requests: 1
Bundled Libraries: 0

Dangerous Functions Found

unserialize · `$unserialized = @unserialize($data, ['allowed_classes' => false]);` · App\Helpers\DataConverter.php:50

SQL Query Safety

91% prepared · 11 total queries

Output Escaping

100% escaped · 54 total outputs
Attack Surface
11 unprotected

Winden — Tailwind CSS Compiler with Full WordPress Integration Attack Surface

Entry Points: 22
Unprotected: 11

AJAX Handlers 22

auth · wp_ajax_winden_get_content · App\Admin\GetContent.php:19
auth · wp_ajax_winden_get_cache · App\Admin\GetContent.php:20
auth · wp_ajax_winden_get_wizzard_state · App\Admin\GetContent.php:21
auth · wp_ajax_winden_get_crawled_classes · App\Admin\GetContent.php:22
nopriv · wp_ajax_winden_get_cache · App\Admin\GetContent.php:27
nopriv · wp_ajax_winden_get_wizzard_state · App\Admin\GetContent.php:28
auth · wp_ajax_winden_dismiss_v4_notice · App\Admin\MigrationNotice.php:15
auth · wp_ajax_winden_save_content · App\Admin\SaveContent.php:17
nopriv · wp_ajax_winden_save_content · App\Admin\SaveContent.php:18
auth · wp_ajax_winden_save_cache · App\Admin\SaveContent.php:19
auth · wp_ajax_winden_update_wizzard_state · App\Admin\SaveContent.php:20
auth · wp_ajax_winden_clear_cache · App\Admin\SaveContent.php:21
auth · wp_ajax_winden_get_classes · App\Admin\Settings\SettingsPage.php:17
auth · wp_ajax_winden_get_classes_grouped · App\Admin\Settings\SettingsPage.php:18
auth · wp_ajax_winden_save_settings · App\Admin\Settings\SettingsSaveGet.php:51
nopriv · wp_ajax_winden_save_settings · App\Admin\Settings\SettingsSaveGet.php:52
auth · wp_ajax_winden_get_settings · App\Admin\Settings\SettingsSaveGet.php:53
nopriv · wp_ajax_winden_get_settings · App\Admin\Settings\SettingsSaveGet.php:54
auth · wp_ajax_winden_trigger_recompile · App\Caching\AutoCompile.php:44
auth · wp_ajax_winden_compile_from_crawled · App\Caching\AutoCompile.php:45
auth · wp_ajax_winden_get_compile_status · App\Caching\AutoCompile.php:46
auth · wp_ajax_winden_clear_recompile_flag · App\Caching\AutoCompile.php:47
WordPress Hooks 50
action · admin_enqueue_scripts · App\Admin\Admin.php:41
action · admin_notices · App\Admin\MigrationNotice.php:13
action · admin_enqueue_scripts · App\Admin\MigrationNotice.php:14
filter · script_loader_tag · App\Admin\Settings\SettingsPage.php:13
action · admin_menu · App\Admin\Settings\SettingsPage.php:14
action · admin_init · App\Admin\Settings\SettingsPage.php:15
action · admin_post_winden_generate_classes · App\Admin\Settings\SettingsPage.php:16
filter · admin_body_class · App\Admin\Settings\SettingsPageBodyClass.php:8
action · admin_bar_menu · App\Admin\TopBar.php:8
action · admin_init · App\Admin\TopBar.php:9
action · admin_enqueue_scripts · App\Admin\TopBar.php:10
action · wp_enqueue_scripts · App\Admin\TopBar.php:11
action · wp_enqueue_scripts · App\Assets\DequeueStyles.php:10
action · wp_print_styles · App\Assets\DequeueStyles.php:11
filter · style_loader_tag · App\Assets\DequeueStyles.php:55
action · admin_enqueue_scripts · App\Assets\MonacoEditorProvider.php:199
filter · winden_monaco_autocomplete_classes · App\Assets\MonacoEditorProvider.php:212
filter · winden_monaco_autocomplete_suggestions · App\Assets\MonacoEditorProvider.php:216
filter · winden_plain_classes_autocomplete · App\Assets\MonacoEditorProvider.php:221
filter · winden_plain_classes_screens · App\Assets\MonacoEditorProvider.php:225
filter · script_loader_tag · App\Assets\Providers\Frontend.php:13
action · wp_footer · App\Assets\Providers\Frontend.php:14
action · wp_enqueue_scripts · App\Assets\Providers\Frontend.php:34
action · wp_enqueue_scripts · App\Assets\Providers\Frontend.php:37
action · wp_head · App\Assets\Providers\Frontend.php:43
action · wp_enqueue_scripts · App\Assets\Providers\Frontend.php:45
filter · wp_theme_json_data_theme · App\Assets\Providers\FSE\FSEColorPaletteProvider.php:195
filter · wp_theme_json_data_default · App\Assets\Providers\FSE\FSEFontSizeProvider.php:31
filter · wp_theme_json_data_theme · App\Assets\Providers\FSE\FSEFontSizeProvider.php:244
filter · wp_theme_json_data_theme · App\Assets\Providers\FSE\FSESpacingProvider.php:258
filter · script_loader_tag · App\Assets\Providers\FSE.php:11
action · current_screen · App\Assets\Providers\FSE.php:12
action · wp_footer · App\Assets\Providers\FSE.php:13
action · enqueue_block_editor_assets · App\Assets\Providers\FSE.php:22
filter · block_editor_settings_all · App\Assets\Providers\FSE.php:25
action · enqueue_block_editor_assets · App\Assets\Providers\FSE.php:33
action · enqueue_block_editor_assets · App\Assets\Providers\FSE.php:38
action · after_setup_theme · App\Assets\Providers\Providers.php:18
action · admin_notices · App\Assets\Providers\Providers.php:88
action · save_post · App\Caching\AutoCompile.php:35
action · fancoolo_post_saved · App\Caching\AutoCompile.php:38
action · winden_async_crawl · App\Caching\AutoCompile.php:41
action · enqueue_block_editor_assets · App\Caching\AutoCompile.php:51
action · admin_enqueue_scripts · App\Caching\AutoCompile.php:52
action · wp_enqueue_scripts · App\Caching\AutoCompile.php:53
action · init · App\Frontend\BreakpointIndicator.php:14
action · wp_enqueue_scripts · App\Frontend\BreakpointIndicator.php:24
action · admin_init · App\Helpers\Migration.php:27
action · enqueue_block_editor_assets · App\PageBuilder\GutenbergWindenClasses.php:19
action · enqueue_block_editor_assets · App\PageBuilder\GutenbergWindenClasses.php:22

Scheduled Events 2

winden_async_crawl
winden_async_crawl
Maintenance & Trust

Winden — Tailwind CSS Compiler with Full WordPress Integration Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 2, 2026
PHP min version: 7.4
Downloads: 561

Community Trust

Rating: 100/100
Number of ratings: 2
Active installs: 0
Developer Profile

Winden — Tailwind CSS Compiler with Full WordPress Integration Developer Profile

wpvividplugins

40 plugins · 966K total installs

Trust score: 76
Avg Security Score: 95/100
Avg Patch Time: 327 days
Detection Fingerprints

How We Detect Winden — Tailwind CSS Compiler with Full WordPress Integration

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/winden-dplugins-tailwind-css-compiler/assets/css/frontend.css
/wp-content/plugins/winden-dplugins-tailwind-css-compiler/assets/css/editor.css
Script Paths
/wp-content/plugins/winden-dplugins-tailwind-css-compiler/assets/js/frontend.js
/wp-content/plugins/winden-dplugins-tailwind-css-compiler/assets/js/editor.js
Version Parameters
winden-dplugins-tailwind-css-compiler/assets/css/frontend.css?ver=
winden-dplugins-tailwind-css-compiler/assets/css/editor.css?ver=
winden-dplugins-tailwind-css-compiler/assets/js/frontend.js?ver=
winden-dplugins-tailwind-css-compiler/assets/js/editor.js?ver=

HTML / DOM Fingerprints

JS Globals
window.bricksThemeData
window.oxygenThemeData
window.fseThemeData
window.fontHeroData
window.pluginUrl
window.uploadUrl
(+6 more)
FAQ

Frequently Asked Questions about Winden — Tailwind CSS Compiler with Full WordPress Integration