Does Bg Highlight Names have any unpatched vulnerabilities?

No. All known vulnerabilities in Bg Highlight Names have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Bg Highlight Names compatible with WordPress 5.8.13?

According to WordPress.org data, Bg Highlight Names 1.2.5 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

Is Bg Highlight Names compatible with PHP 5.3+?

Bg Highlight Names requires PHP 5.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Bg Highlight Names updated?

Bg Highlight Names was last updated on Dec 24, 2021. Frequent updates are generally a positive security signal.

What is Bg Highlight Names's security score?

Bg Highlight Names has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Bg Highlight Names Security & Risk Analysis

wordpress.org/plugins/bg-highlight-names

Highlight the names in the text

20 active installs v1.2.5 PHP 5.3+ WP 3.0.1+ Updated Dec 24, 2021

%d0%b8%d0%bc%d1%8f%d0%bc%d0%be%d0%bd%d0%b0%d1%85%d0%be%d1%82%d1%87%d0%b5%d1%81%d1%82%d0%b2%d0%be%d1%81%d1%81%d1%8b%d0%bb%d0%ba%d0%b0%d1%84%d0%b0%d0%bc%d0%b8%d0%bb%d0%b8%d1%8f

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Bg Highlight Names Safe to Use in 2026?

Generally Safe

Score 85/100

Bg Highlight Names has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The "bg-highlight-names" plugin v1.2.5 exhibits a mixed security posture. On the positive side, it demonstrates good practices by using prepared statements for all SQL queries and has no recorded vulnerability history, suggesting a generally stable codebase. However, significant concerns arise from the static analysis. The plugin has a small but unprotected attack surface, specifically one AJAX handler that lacks authentication checks. This creates a potential entry point for unauthorized actions if an attacker can trigger this handler. Additionally, the low percentage of properly escaped output (13%) is a major red flag, indicating a high likelihood of cross-site scripting (XSS) vulnerabilities where user-supplied data might be rendered directly in the browser without proper sanitization. While no critical taint flows or dangerous functions were found, the combination of an unprotected AJAX endpoint and widespread output escaping issues presents a considerable risk.

Key Concerns

Unprotected AJAX handler
Low output escaping percentage (13%)
Flow with unsanitized paths (from taint analysis)
Missing nonce checks on AJAX handler

Vulnerabilities

None known

Bg Highlight Names Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Bg Highlight Names Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

13% escaped31 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths

bg_hlnames_callback (bg-hlnames.php:209)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Bg Highlight Names Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 1

authwp_ajax_bg_hlnamesbg-hlnames.php:206

Shortcodes 1

[nonames] bg-hlnames.php:96

WordPress Hooks 12

actionplugins_loadedbg-hlnames.php:44

actionplugins_loadedbg-hlnames.php:71

filterthe_contentbg-hlnames.php:77

filterthe_excerptbg-hlnames.php:78

filterthe_excerptbg-hlnames.php:79

actionwp_insert_post_databg-hlnames.php:82

filterthe_contentbg-hlnames.php:86

filterthe_excerptbg-hlnames.php:87

filterthe_excerptbg-hlnames.php:88

actionwp_insert_post_databg-hlnames.php:89

actionwp_insert_post_databg-hlnames.php:92

actionadmin_menubg-hlnames.php:195

Maintenance & Trust

Bg Highlight Names Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedDec 24, 2021

PHP min version5.3

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs20

Alternatives

Bg Highlight Names Alternatives

Prisna YT – Яндекс Переводчик

wp-yandex-translate

100

Добавьте себе виджет Яндекс переводчик.

80 No CVEs

Russian Date by Axelnsk

russian-date-by-axelnsk

Русские даты. Русские названия месяцев и дней недели для WordPress.

600 No CVEs

Affiliate program for your website ( integration with Sdelka.biz )

affiliate-marketing

Плагин интегрирует ваш сайт с платформой партнёрского маркетинга Sdelka.biz.

10 No CVEs

GDEZAKAZI.RU

gdezakazi-ru

ГДЕЗАКАЗЫ.РФ - отслеживание посылок Почта России v.1.0 Разработано ГДЕЗАКАЗЫ.РФ Модуль использует функционал сервиса ГДЕЗАКАЗЫ.

10 No CVEs

Онлайн-магазин Мерчиум

merchiumru

Полноценный интернет-магазин для вашего блога.

10 No CVEs

Developer Profile

Bg Highlight Names Developer Profile

Vadim Bogaiskov

6 plugins · 1K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Bg Highlight Names

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bg-highlight-names/css/bg_hlnames.css/wp-content/plugins/bg-highlight-names/js/bg_hlnames.js

Script Paths

/wp-content/plugins/bg-highlight-names/js/bg_hlnames.js

Version Parameters

bg-highlight-names/css/bg_hlnames.css?ver=bg-highlight-names/js/bg_hlnames.js?ver=

HTML / DOM Fingerprints

CSS Classes

bg_hlnames_debug

JS Globals

BgHighlightNames

Shortcode Output

[nonames]

FAQ

Bg Highlight Names Security & Risk Analysis

Is Bg Highlight Names Safe to Use in 2026?

Generally Safe

Key Concerns

Bg Highlight Names Security Vulnerabilities

Bg Highlight Names Code Analysis

Output Escaping

Data Flow Analysis

Bg Highlight Names Attack Surface

AJAX Handlers 1

Shortcodes 1

Bg Highlight Names Maintenance & Trust

Maintenance Signals

Community Trust

Bg Highlight Names Alternatives

Prisna YT – Яндекс Переводчик

Russian Date by Axelnsk

Affiliate program for your website ( integration with Sdelka.biz )

GDEZAKAZI.RU

Онлайн-магазин Мерчиум

Bg Highlight Names Developer Profile

How We Detect Bg Highlight Names

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Bg Highlight Names