Does YOUELBLOCKS have any unpatched vulnerabilities?

No. All known vulnerabilities in YOUELBLOCKS have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is YOUELBLOCKS compatible with WordPress 6.9.4?

According to WordPress.org data, YOUELBLOCKS 1.0.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is YOUELBLOCKS compatible with PHP 7.4+?

YOUELBLOCKS requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is YOUELBLOCKS updated?

YOUELBLOCKS was last updated on Feb 16, 2026. Frequent updates are generally a positive security signal.

What is YOUELBLOCKS's security score?

YOUELBLOCKS has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

YOUELBLOCKS Security & Risk Analysis

wordpress.org/plugins/youelblocks

Create and manage custom forms intuitively using WordPress block editor.

0 active installs v1.0.2 PHP 7.4+ WP 5.0+ Updated Feb 16, 2026

blockscontact-formformform-buildergutenberg

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is YOUELBLOCKS Safe to Use in 2026?

Generally Safe

Score 100/100

YOUELBLOCKS has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "youelblocks" v1.0.2 plugin exhibits a mixed security posture. While it demonstrates good practices in output escaping (98%) and a clean vulnerability history with no recorded CVEs, there are significant concerns stemming from its attack surface and taint analysis. A substantial number of AJAX handlers (68 out of 88) lack authentication checks, presenting a wide entry point for potential unauthorized actions. Furthermore, the taint analysis reveals a concerning number of flows with unsanitized paths, including one critical and four high-severity issues, indicating potential vulnerabilities to injection attacks despite the use of prepared statements in SQL queries. The presence of the `shell_exec` function, a dangerous function, also warrants attention, as its misuse can lead to severe security breaches.

Despite the lack of historical vulnerabilities, the identified code signals and taint analysis findings cannot be ignored. The high number of unprotected AJAX endpoints is a critical weakness that could be exploited if an attacker can trigger these handlers. The presence of unsanitized paths in taint flows, particularly those with critical and high severity, suggests that data entering the plugin may not be properly validated or sanitized before being used, potentially leading to arbitrary code execution or data leakage. The plugin needs to address these areas of weakness to improve its overall security.

Key Concerns

Unprotected AJAX handlers
Critical severity taint flow
High severity taint flows
Dangerous function (shell_exec)

Vulnerabilities

None known

YOUELBLOCKS Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

YOUELBLOCKS Code Analysis

Dangerous Functions

Raw SQL Queries

17 prepared

Unescaped Output

1022 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

shell_execshell_exec($command);includes\class-youelblocks-public.php:2189

SQL Query Safety

50% prepared34 total queries

Output Escaping

98% escaped1044 total outputs

Data Flows

24 unsanitized

Data Flow Analysis

25 flows24 with unsanitized paths

ajax_parse_excel_to_sheet (includes\class-youelblocks-admin-ajax.php:2492)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

68 unprotected

YOUELBLOCKS Attack Surface

Entry Points92

Unprotected68

AJAX Handlers 88

authwp_ajax_youelblocks_test_data_saveincludes\class-youelblocks-admin-ajax.php:70

authwp_ajax_youelblocks_create_tableincludes\class-youelblocks-admin-ajax.php:71

noprivwp_ajax_youelblocks_create_tableincludes\class-youelblocks-admin-ajax.php:72

authwp_ajax_youelblocks_delete_tableincludes\class-youelblocks-admin-ajax.php:73

authwp_ajax_youelblocks_complete_syncincludes\class-youelblocks-admin-ajax.php:74

authwp_ajax_youelblocks_get_table_structureincludes\class-youelblocks-admin-ajax.php:75

authwp_ajax_youelblocks_get_block_table_structureincludes\class-youelblocks-admin-ajax.php:76

authwp_ajax_youelblocks_force_update_tableincludes\class-youelblocks-admin-ajax.php:77

authwp_ajax_youelblocks_cleanup_orphaned_tableincludes\class-youelblocks-admin-ajax.php:78

authwp_ajax_youelblocks_get_data_rowincludes\class-youelblocks-admin-ajax.php:81

authwp_ajax_youelblocks_update_data_rowincludes\class-youelblocks-admin-ajax.php:82

authwp_ajax_youelblocks_delete_data_rowincludes\class-youelblocks-admin-ajax.php:83

authwp_ajax_youelblocks_export_dataincludes\class-youelblocks-admin-ajax.php:84

noprivwp_ajax_youelblocks_export_dataincludes\class-youelblocks-admin-ajax.php:85

authwp_ajax_youelblocks_save_form_dataincludes\class-youelblocks-admin-ajax.php:86

noprivwp_ajax_youelblocks_save_form_dataincludes\class-youelblocks-admin-ajax.php:87

authwp_ajax_youelblocks_delete_form_dataincludes\class-youelblocks-admin-ajax.php:90

authwp_ajax_youelblocks_delete_form_data_rowincludes\class-youelblocks-admin-ajax.php:91

authwp_ajax_youelblocks_export_form_dataincludes\class-youelblocks-admin-ajax.php:92

authwp_ajax_youelblocks_update_form_data_rowincludes\class-youelblocks-admin-ajax.php:93

authwp_ajax_youelblocks_get_form_data_rowincludes\class-youelblocks-admin-ajax.php:94

authwp_ajax_youelblocks_get_form_structureincludes\class-youelblocks-admin-ajax.php:95

noprivwp_ajax_youelblocks_get_form_data_rowincludes\class-youelblocks-admin-ajax.php:98

noprivwp_ajax_youelblocks_update_form_data_rowincludes\class-youelblocks-admin-ajax.php:99

authwp_ajax_youelblocks_get_conditionsincludes\class-youelblocks-admin-ajax.php:102

noprivwp_ajax_youelblocks_get_conditionsincludes\class-youelblocks-admin-ajax.php:103

authwp_ajax_youelblocks_diagnose_formincludes\class-youelblocks-admin-ajax.php:106

authwp_ajax_youelblocks_recover_formincludes\class-youelblocks-admin-ajax.php:107

authwp_ajax_youelblocks_parse_excel_to_sheetincludes\class-youelblocks-admin-ajax.php:110

authwp_ajax_youelblocks_export_sheet_to_excelincludes\class-youelblocks-admin-ajax.php:111

authwp_ajax_youelblocks_save_sheet_jsonincludes\class-youelblocks-admin-ajax.php:112

noprivwp_ajax_youelblocks_save_sheet_jsonincludes\class-youelblocks-admin-ajax.php:113

authwp_ajax_youelblocks_load_sheet_jsonincludes\class-youelblocks-admin-ajax.php:114

noprivwp_ajax_youelblocks_load_sheet_jsonincludes\class-youelblocks-admin-ajax.php:115

authwp_ajax_youelblocks_save_board_jsonincludes\class-youelblocks-admin-ajax.php:118

noprivwp_ajax_youelblocks_save_board_jsonincludes\class-youelblocks-admin-ajax.php:119

authwp_ajax_youelblocks_load_board_jsonincludes\class-youelblocks-admin-ajax.php:120

noprivwp_ajax_youelblocks_load_board_jsonincludes\class-youelblocks-admin-ajax.php:121

authwp_ajax_youelblocks_delete_boardincludes\class-youelblocks-admin-ajax.php:122

authwp_ajax_youelblocks_upload_board_attachmentincludes\class-youelblocks-admin-ajax.php:123

authwp_ajax_youelblocks_save_formulaincludes\class-youelblocks-admin-ajax.php:126

authwp_ajax_youelblocks_load_formulasincludes\class-youelblocks-admin-ajax.php:127

noprivwp_ajax_youelblocks_load_formulasincludes\class-youelblocks-admin-ajax.php:128

authwp_ajax_youelblocks_delete_formulaincludes\class-youelblocks-admin-ajax.php:129

authwp_ajax_youelblocks_fetch_external_dataincludes\class-youelblocks-admin-ajax.php:132

noprivwp_ajax_youelblocks_fetch_external_dataincludes\class-youelblocks-admin-ajax.php:133

authwp_ajax_youelblocks_get_stepsincludes\class-youelblocks-admin-ajax.php:136

noprivwp_ajax_youelblocks_get_stepsincludes\class-youelblocks-admin-ajax.php:137

authwp_ajax_youelblocks_get_timezone_debugincludes\class-youelblocks-admin-ajax.php:140

authwp_ajax_youelblocks_load_migration_fieldsincludes\class-youelblocks-admin.php:25

authwp_ajax_youelblocks_run_field_migrationincludes\class-youelblocks-admin.php:26

authwp_ajax_youelblocks_check_sync_statusincludes\class-youelblocks-admin.php:27

authwp_ajax_youelblocks_run_syncincludes\class-youelblocks-admin.php:28

authwp_ajax_youelblocks_view_dataincludes\class-youelblocks-public.php:34

noprivwp_ajax_youelblocks_view_dataincludes\class-youelblocks-public.php:35

authwp_ajax_youelblocks_get_dataincludes\class-youelblocks-public.php:36

noprivwp_ajax_youelblocks_get_dataincludes\class-youelblocks-public.php:37

authwp_ajax_youelblocks_update_dataincludes\class-youelblocks-public.php:38

noprivwp_ajax_youelblocks_update_dataincludes\class-youelblocks-public.php:39

authwp_ajax_youelblocks_delete_dataincludes\class-youelblocks-public.php:40

noprivwp_ajax_youelblocks_delete_dataincludes\class-youelblocks-public.php:41

authwp_ajax_youelblocks_export_dataincludes\class-youelblocks-public.php:42

noprivwp_ajax_youelblocks_export_dataincludes\class-youelblocks-public.php:43

authwp_ajax_youelblocks_export_csv_simpleincludes\class-youelblocks-public.php:44

noprivwp_ajax_youelblocks_export_csv_simpleincludes\class-youelblocks-public.php:45

authwp_ajax_youelblocks_get_statisticsincludes\class-youelblocks-public.php:46

noprivwp_ajax_youelblocks_get_statisticsincludes\class-youelblocks-public.php:47

authwp_ajax_youelblocks_get_user_dataincludes\class-youelblocks-public.php:50

noprivwp_ajax_youelblocks_get_user_dataincludes\class-youelblocks-public.php:51

authwp_ajax_youelblocks_update_user_dataincludes\class-youelblocks-public.php:52

noprivwp_ajax_youelblocks_update_user_dataincludes\class-youelblocks-public.php:53

authwp_ajax_youelblocks_check_password_duplicateincludes\class-youelblocks-public.php:54

noprivwp_ajax_youelblocks_check_password_duplicateincludes\class-youelblocks-public.php:55

authwp_ajax_youelblocks_send_form_dataincludes\class-youelblocks-public.php:56

noprivwp_ajax_youelblocks_send_form_dataincludes\class-youelblocks-public.php:57

authwp_ajax_youelblocks_send_form_data_with_pdfincludes\class-youelblocks-public.php:58

noprivwp_ajax_youelblocks_send_form_data_with_pdfincludes\class-youelblocks-public.php:59

authwp_ajax_youelblocks_generate_pdfincludes\class-youelblocks-public.php:60

noprivwp_ajax_youelblocks_generate_pdfincludes\class-youelblocks-public.php:61

authwp_ajax_youelblocks_get_saved_pdfincludes\class-youelblocks-public.php:62

noprivwp_ajax_youelblocks_get_saved_pdfincludes\class-youelblocks-public.php:63

authwp_ajax_youelblocks_verify_emailincludes\class-youelblocks-public.php:66

noprivwp_ajax_youelblocks_verify_emailincludes\class-youelblocks-public.php:67

authwp_ajax_youelblocks_get_form_dataincludes\class-youelblocks-public.php:80

authwp_ajax_youelblocks_get_page_contentincludes\class-youelblocks-public.php:83

noprivwp_ajax_youelblocks_get_page_contentincludes\class-youelblocks-public.php:84

authwp_ajax_youelblocks_form_submityouel-block-manager.php:604

noprivwp_ajax_youelblocks_form_submityouel-block-manager.php:605

Shortcodes 4

[youelblocks_view_data] includes\class-youelblocks-public.php:19

[youelblocks_data] includes\class-youelblocks-public.php:20

[youelblocks_manage_data] includes\class-youelblocks-public.php:21

[youelblocks_statistics] includes\class-youelblocks-public.php:22

WordPress Hooks 31

actioninitincludes\block-external-data.php:70

actionadmin_menuincludes\class-youelblocks-admin-menu.php:37

actionadmin_enqueue_scriptsincludes\class-youelblocks-admin-pages.php:42

actionadmin_menuincludes\class-youelblocks-admin.php:19

actionadmin_initincludes\class-youelblocks-admin.php:20

actionadmin_enqueue_scriptsincludes\class-youelblocks-admin.php:21

actionadmin_enqueue_scriptsincludes\class-youelblocks-admin.php:44

filterrest_authentication_errorsincludes\class-youelblocks-editor.php:31

actionsave_postincludes\class-youelblocks-editor.php:44

actionbefore_delete_postincludes\class-youelblocks-editor.php:47

actioninitincludes\class-youelblocks-editor.php:54

actionwp_enqueue_scriptsincludes\class-youelblocks-editor.php:56

actioninitincludes\class-youelblocks-editor.php:63

actionwp_enqueue_scriptsincludes\class-youelblocks-editor.php:65

actionsave_postincludes\class-youelblocks-editor.php:1552

actionsave_postincludes\class-youelblocks-editor.php:1643

actionwp_enqueue_scriptsincludes\class-youelblocks-public.php:18

filterthe_contentincludes\class-youelblocks-public.php:26

filterthe_contentincludes\class-youelblocks-public.php:28

actionadmin_noticesyouel-block-manager.php:50

filterupload_mimesyouel-block-manager.php:558

filterblock_categories_allyouel-block-manager.php:570

actionbefore_delete_postyouel-block-manager.php:594

actionsave_postyouel-block-manager.php:597

actionenqueue_block_editor_assetsyouel-block-manager.php:600

filterrest_authentication_errorsyouel-block-manager.php:617

actionupgrader_process_completeyouel-block-manager.php:620

actionwp_loadedyouel-block-manager.php:623

actionadmin_noticesyouel-block-manager.php:1003

actionplugins_loadedyouel-block-manager.php:1066

actioninityouel-block-manager.php:1083

Maintenance & Trust

YOUELBLOCKS Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 16, 2026

PHP min version7.4

Downloads144

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

YOUELBLOCKS Alternatives

JetFormBuilder — Dynamic Blocks Form Builder

jetformbuilder

Advanced form builder plugin for Gutenberg. Create forms from the ground up, customize the existing ones, and style them up – all in one editor.

90K 7 CVEs

Fluent Forms Block

fluentform-block

Fluent forms block is the extension of Fluent forms plugin. You can build advanced Contact form by Fluent form block.

2K No CVEs

Nelio Forms

nelio-forms

100

An intuitive form builder based on open WordPress technologies

60 No CVEs

DesignSetGo

designsetgo

100

Professional WordPress blocks without page builder bloat. 53 blocks + 16 universal extensions that enhance ANY block.

30 No CVEs

Giraforms – Contact Form, Booking Form, Survey & Custom Form Builder for Block Editor

giraforms

100

Build fast, GDPR-friendly forms in Gutenberg. Create contact, booking and survey forms with native blocks, local submissions, CSV export and strong an …

0 No CVEs

Developer Profile

YOUELBLOCKS Developer Profile

YOUELBLOCKS Team

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect YOUELBLOCKS

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/youelblocks/assets/css/youelblocks-admin.css/wp-content/plugins/youelblocks/assets/js/youelblocks-admin.js

Script Paths

/wp-content/plugins/youelblocks/assets/js/youelblocks-admin.js

Version Parameters

youelblocks/assets/css/youelblocks-admin.css?ver=youelblocks/assets/js/youelblocks-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

youelblocks-admin-dashboardyouelblocks-admin-sectionyouelblocks-featuresyouelblocks-quick-links

Data Attributes

data-youelblocks-form-id

JS Globals

youelblocks_admin_ajax_object

Shortcode Output

[youelblocks_form_list]

FAQ