Does Browser Theme Color have any unpatched vulnerabilities?

No. All known vulnerabilities in Browser Theme Color have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Browser Theme Color compatible with WordPress 6.9.4?

According to WordPress.org data, Browser Theme Color 1.5 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is Browser Theme Color updated?

Browser Theme Color was last updated on May 26, 2025. Frequent updates are generally a positive security signal.

What is Browser Theme Color's security score?

Browser Theme Color has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Browser Theme Color Security & Risk Analysis

wordpress.org/plugins/browser-theme-color

Add the 'theme-color' meta tag to your website for a seamless user experience on Android & iOS with our easy-to-use plugin.

3K active installs v1.5 PHP + WP 3.8+ Updated May 26, 2025

androidbrowsercolormobiletheme

A · Safe

CVEs total1

Unpatched0

Last CVEJan 17, 2024

Plugin page Download

Safety Verdict

Is Browser Theme Color Safe to Use in 2026?

Generally Safe

Score 100/100

Browser Theme Color has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 17, 2024Updated 10mo ago

Risk Assessment

The 'browser-theme-color' plugin version 1.5 exhibits a mixed security posture. On the positive side, the static analysis reveals no identified dangerous functions, raw SQL queries, file operations, or external HTTP requests, which are common sources of vulnerabilities. The presence of nonce and capability checks, along with 100% prepared statements for SQL, indicates a good effort in implementing basic security measures. However, a significant concern arises from the output escaping, where only 64% of outputs are properly escaped. This leaves a portion of the plugin's output potentially vulnerable to XSS attacks. Furthermore, the plugin has a history of known vulnerabilities, including a past medium-severity Cross-Site Request Forgery (CSRF) issue. While there are currently no unpatched CVEs, this history suggests a recurring pattern of security weaknesses that require careful monitoring.

Key Concerns

Outputs not properly escaped
History of known vulnerabilities

Vulnerabilities

Browser Theme Color Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-22291medium · 6.5Cross-Site Request Forgery (CSRF)

Browser Theme Color <= 1.3 - Cross-Site Request Forgery via btc_settings_page

Jan 17, 2024 Patched in 1.4 (134d)

Code Analysis

Analyzed Mar 16, 2026

Browser Theme Color Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

7 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

64% escaped11 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

settings_page (browser-theme-color.php:59)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Browser Theme Color Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actionwp_headbrowser-theme-color.php:25

actionadmin_menubrowser-theme-color.php:26

actionadmin_enqueue_scriptsbrowser-theme-color.php:27

Maintenance & Trust

Browser Theme Color Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMay 26, 2025

PHP min version

Downloads32K

Community Trust

Rating100/100

Number of ratings1

Active installs3K

Alternatives

Browser Theme Color Alternatives

Browser Address Bar Color Changer

browser-address-bar-color-changer

100

A simple and secure plugin to change the browser address bar color on mobile devices using the theme-color meta tag.

30 No CVEs

Any Mobile Theme Switcher

any-mobile-theme-switcher

This Plugin detects mobile browser and display the theme as the setting done from admin. Usefull for switch to Mobile Theme.

20K No CVEs

Color Mobile Browser Address Bar

color-mobile-browser-address-bar

A WordPress plugin that lets you add a custom color to the address bar of mobile browsers.

2K No CVEs

Colorize Mobile Browser Address bar

colorize-mobile-browser-bar

Simple and lightweight plugin that allows you to quickly set the Browser - Address bar background color on mobile devices.

1K No CVEs

Color Your Bar

color-your-bar

A ultimate plugin to colorise the Mobile Chrome address bar and enable full mode and give style to iOS status bar.

500 1 unpatched

Developer Profile

Browser Theme Color Developer Profile

Marco Milesi

13 plugins · 13K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

280 days

View full developer profile

Detection Fingerprints

How We Detect Browser Theme Color

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/browser-theme-color/css/admin.css/wp-content/plugins/browser-theme-color/js/admin.js

HTML / DOM Fingerprints

CSS Classes

btc-input-class

HTML Comments

Data Attributes

data-default-color

FAQ