Kadence Blocks is a powerful extension for the native WordPress block editor, designed to provide advanced Gutenberg blocks, responsive layout controls, dynamic design tools, and professional website-building functionality without requiring custom code.
The plugin extends WordPress with a wide collection of custom blocks including Accordions, Advanced Buttons, Forms, Galleries, Tabs, Testimonials, Post Grids, Row Layouts, Progress Bars, Lottie Animations, and many more. It is optimized for performance, accessibility, and scalability while maintaining clean frontend output and modern design standards.
Kadence Blocks is built to replace traditional page builders with a lightweight and native WordPress editing experience. Features such as intelligent asset loading, responsive controls, typography management, visibility permissions, and advanced layout systems allow developers and website owners to create highly customized websites securely and efficiently.
From a security perspective, Kadence Blocks follows structured WordPress development practices with emphasis on secure rendering, role-based configuration visibility, controlled dynamic content handling, and optimized frontend asset management.
After completing a security-focused review and verification process, the plugin was awarded the Plugin Security Certification (PSC-2026-64664) by CleanTalk.
| Name of | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor |
| Version | 3.7.2 |
| Active installations | 600,000+ |
| Description | Advanced Gutenberg blocks plugin for WordPress featuring responsive layouts, dynamic content tools, advanced forms, galleries, and performance-focused frontend controls. Certified with PSC-2026-64664 by CleanTalk. |
| Security | Successfully tested for: SQL Injection (SQLi); Cross-Site Scripting (XSS) – Stored & Reflected; Cross-Site Request Forgery (CSRF); Authentication Vulnerabilities; Authentication Bypass Exploits; Privilege Escalation; Buffer Overflow; Denial-of-Service (DoS) vectors; Data Leakage Vulnerabilities; Insecure Dependency Usage; Remote Code Execution (RCE) Risks; Unauthorized File Access; Insufficient Injection Protection; Information Disclosure via Misconfigured Endpoints |
| CleanTalk Certification | Proudly earned the “Plugin Security Certification” (PSC) from CleanTalk, indicating adherence to stringent security standards. |
| Additional Information | Use Enable Media Replace with confidence backed by the “Plugin Security Certification” (PSC). Always verify the latest plugin details and keep WordPress core and dependent components up to date. |
Key Features
Advanced Gutenberg blocks for WordPress
Accordion, Tabs, Testimonials, Countdown, Progress Bar, and Info Box blocks
Advanced Gallery with sliders and carousels
Advanced Form Builder for contact and marketing forms
Responsive Row Layout and Section blocks
Table of Contents block with automatic anchor generation
Lottie Animation support
Post Grid and dynamic content display blocks
Responsive design controls for desktop, tablet, and mobile
Typography management with 900+ Google Fonts
Intelligent CSS and JavaScript loading optimization
Conditional visibility and user role-based setting controls
Extensive spacing, background, overlay, and styling options
Dynamic content and advanced design library support
WooCommerce and Kadence ecosystem integration
GitHub source availability and Patchstack vulnerability disclosure support
Security Assurance
The CleanTalk Plugin Security Certification evaluation focuses on defensive file-handling behavior for plugins that modify existing media assets. For media replacement plugins, common abuse patterns include replacing an image with an executable file, overwriting arbitrary server files, manipulating destination paths, changing media owned by another user without permission, triggering unwanted link updates, or using CSRF to replace trusted assets through an administrator session. The review validates that replacement workflows are restricted to authorized users, that upload validation follows WordPress file-handling expectations, and that old and new file paths remain constrained to legitimate media locations. Particular attention is paid to file type checks, attachment ownership or capability boundaries, reference updates, background-removal API behavior, and error handling because file operations can affect both security and site integrity.
The plugin has been successfully tested for:
✅ Information Leakage Vulnerabilities
✅ SQL Injection Vulnerabilities
✅ Cross-Site Scripting (XSS) Attacks
✅ Cross-Site Request Forgery (CSRF) Attacks
✅ Authentication & Authentication Bypass Vulnerabilities
✅ Privilege Escalation Vulnerabilities
✅ Buffer Overflow Vulnerabilities
✅ Denial-of-Service (DoS) Vulnerabilities
✅ Data Leakage Vulnerabilities
✅ Insecure Dependencies
✅ Code Execution Vulnerabilities
✅ Unauthorized File Access Vulnerabilities
✅ Insufficient Injection Protection
Conclusion
Kadence Blocks provides a modern and highly optimized Gutenberg-based website building experience for WordPress users, agencies, developers, and businesses. Its combination of advanced design flexibility, responsive controls, intelligent asset management, and dynamic content tools allows users to build professional websites entirely within the native WordPress editor.
From a security perspective, the plugin demonstrates strong adherence to secure development practices through controlled rendering, role-based controls, optimized frontend behavior, and compatibility with WordPress security standards.
Having successfully completed the CleanTalk security audit and obtained PSC-2026-64664, Kadence Blocks can be confidently deployed in production WordPress environments requiring both advanced functionality and reliable security practices.
Note: The date and certification information may change over time. It is advisable to verify the latest details on the plugin developer’s website.
