WP-Safety

Copy Anything to Clipboard for WordPress – Copy Button, Copy Text & Copy Code Security & Risk Analysis

wordpress.org/plugins/copy-the-code

Copy Anything to Clipboard is the #1 WordPress copy-to-clipboard plugin trusted by 10,000+ active websites with 342,151+ downloads 🚀.

10K active installs v5.5.1 PHP 5.6+ WP 4.4+ Updated Mar 12, 2026
clipboardcopy-buttoncopy-codecopy-textcopy-to-clipboard
99
A · Safe
CVEs total2
Unpatched0
Last CVENov 13, 2024
Plugin page Download
Safety Verdict

Is Copy Anything to Clipboard for WordPress – Copy Button, Copy Text & Copy Code Safe to Use in 2026?

Generally Safe

Score 99/100

Copy Anything to Clipboard for WordPress – Copy Button, Copy Text & Copy Code has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Nov 13, 2024Updated 22d ago
Risk Assessment

The 'copy-the-code' plugin v5.5.1 exhibits a generally positive security posture, with strong adherence to secure coding practices in several areas. The absence of any taint analysis findings and the fact that all SQL queries are prepared statements are significant strengths. Furthermore, the plugin demonstrates a good level of output escaping (81%) and incorporates nonce and capability checks for its entry points, indicating a thoughtful approach to preventing common web vulnerabilities. The plugin has a history of two medium-severity CVEs, both of which are now patched, which is reassuring. However, the presence of two medium-severity vulnerabilities in its history, even if patched, suggests that past issues have existed and requires ongoing vigilance. While the current static analysis shows no immediate critical threats and a well-protected attack surface, the past vulnerability record should not be entirely dismissed. The plugin's overall security is good, but a historical context of medium vulnerabilities warrants a slightly cautious approach.

Key Concerns

  • Past medium severity CVEs, though patched
  • Bundled outdated library (Freemius v1.0)
Vulnerabilities
2

Copy Anything to Clipboard for WordPress – Copy Button, Copy Text & Copy Code Security Vulnerabilities

CVEs by Year

1 CVE in 2023
2023
1 CVE in 2024
2024
Patched Has unpatched

Severity Breakdown

Medium
2

2 total CVEs

CVE-2024-52419medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Copy Anything to Clipboard <= 4.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

Nov 13, 2024 Patched in 4.0.4 (28d)
CVE-2023-5086medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Copy Anything to Clipboard <= 2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Sep 22, 2023 Patched in 2.6.5 (123d)
Code Analysis
Analyzed Mar 16, 2026

Copy Anything to Clipboard for WordPress – Copy Button, Copy Text & Copy Code Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
16 prepared
Unescaped Output
76
331 escaped
Nonce Checks
2
Capability Checks
8
File Operations
4
External Requests
1
Bundled Libraries
2

Bundled Libraries

Freemius1.0DataTables

SQL Query Safety

100% prepared16 total queries

Output Escaping

81% escaped407 total outputs
Attack Surface

Copy Anything to Clipboard for WordPress – Copy Button, Copy Text & Copy Code Attack Surface

Entry Points5
Unprotected0

AJAX Handlers 2

authwp_ajax_ctc_dismiss_welcome_noticeincludes\class-welcome.php:65
authwp_ajax_ctc_update_telemetry_opt_inincludes\telemetry\class-telemetry.php:106

Shortcodes 3

[copy] includes\class-shortcode.php:65
[copy_inline] includes\class-shortcode.php:66
[ctc] includes\class-shortcode.php:67
WordPress Hooks 45
filteradmin_footer_textincludes\analytics\class-analytics.php:55
filterupdate_footerincludes\analytics\class-analytics.php:56
actionctc_analytics_cleanupincludes\analytics\class-database.php:53
actionrest_api_initincludes\analytics\class-rest.php:60
actionadmin_menuincludes\class-base.php:53
actionload-settings_page_ctcincludes\class-base.php:54
actionadmin_enqueue_scriptsincludes\class-base.php:55
actioninitincludes\class-core.php:57
actionplugins_loadedincludes\class-core.php:58
actioninitincludes\class-post-types.php:43
filteradmin_urlincludes\class-post-types.php:49
actioncurrent_screenincludes\class-post-types.php:50
filterget_edit_post_linkincludes\class-post-types.php:83
actionwp_footerincludes\class-shortcode.php:70
actionadmin_initincludes\class-updater.php:52
actionadmin_noticesincludes\class-welcome.php:63
actionadmin_enqueue_scriptsincludes\class-welcome.php:64
actionctc/updater/afterincludes\class-welcome.php:68
actionelementor/widgets/registerincludes\elementor\class-blocks.php:48
actionelementor/elements/categories_registeredincludes\elementor\class-blocks.php:49
filterconnect_urlincludes\freemius.php:70
filterafter_skip_urlincludes\freemius.php:72
filterafter_connect_urlincludes\freemius.php:74
filterafter_pending_connect_urlincludes\freemius.php:76
filterafter_pending_connect_urlincludes\freemius.php:78
actionafter_uninstallincludes\freemius.php:81
actionplugins_loadedincludes\freemius.php:117
actionwp_enqueue_scriptsincludes\global-injector\class-frontend.php:57
actionadmin_bar_menuincludes\global-injector\class-frontend.php:58
actionadmin_enqueue_scriptsincludes\global-injector\class-global-injector.php:55
filteradmin_footer_textincludes\global-injector\class-global-injector.php:83
filterupdate_footerincludes\global-injector\class-global-injector.php:84
actionrest_api_initincludes\global-injector\class-rest.php:57
actioninitincludes\global-injector\class-style-presets.php:62
actioninitincludes\gutenberg\blocks\copy-button\class-block.php:41
actionenqueue_block_assetsincludes\gutenberg\blocks\copy-button\class-block.php:42
actioninitincludes\gutenberg\blocks\copy-icon\class-block.php:43
actionenqueue_block_assetsincludes\gutenberg\blocks\copy-icon\class-block.php:44
actioninitincludes\gutenberg\blocks\icon\class-block.php:43
actionenqueue_block_editor_assetsincludes\gutenberg\blocks\icon\class-block.php:44
actionenqueue_block_assetsincludes\gutenberg\blocks\icon\class-block.php:45
actioninitincludes\gutenberg\blocks\social-share\class-block.php:41
actioninitincludes\gutenberg\blocks\term-title\class-block.php:41
filterblock_categories_allincludes\gutenberg\class-blocks.php:41
actioninitincludes\telemetry\class-telemetry.php:108

Scheduled Events 2

ctc_analytics_cleanup
ctc_analytics_cleanup
Maintenance & Trust

Copy Anything to Clipboard for WordPress – Copy Button, Copy Text & Copy Code Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 12, 2026
PHP min version5.6
Downloads343K

Community Trust

Rating92/100
Number of ratings35
Active installs10K
Alternatives

Copy Anything to Clipboard for WordPress – Copy Button, Copy Text & Copy Code Alternatives

Copy to Clipboard

Copy to Clipboard

copy-to-clipboard

A
85

Copy to Clipboard WordPress plugin helps you to copy anything to clipboard from your landing page.

100 No CVEs
Click To Copy – Copy Text or Code to Clipboard Instantly

Click To Copy – Copy Text or Code to Clipboard Instantly

click-to-copy

A
100

The Click To Copy Block plugin offers a seamless Gutenberg block for one-click content copying.

700 No CVEs
ElemCopy – Text Copy Button for Elementor

ElemCopy – Text Copy Button for Elementor

elemcopy-text-copy-button-for-elementor

A
100

A simple Elementor widget that lets users copy text to the clipboard with one click, improving UX with fast and effortless copy functionality.

200 No CVEs
kontur Copy Code Button

kontur Copy Code Button

kontur-copy-code-button

A
85

Add your own 'kontur Copy Code Button' with your own icon, text, class, color and 'pre' background. Works as well with the Gutenbe &hellip;

80 No CVEs
Code Block Copy Button

Code Block Copy Button

code-block-copy-button

A
100

Add a customizable copy button to code blocks for fast, one-click copying.

60 No CVEs
Developer Profile

Copy Anything to Clipboard for WordPress – Copy Button, Copy Text & Copy Code Developer Profile

Clipboard Agency

1 plugin · 10K total installs

87
trust score
Avg Security Score
99/100
Avg Patch Time
76 days
View full developer profile
Detection Fingerprints

How We Detect Copy Anything to Clipboard for WordPress – Copy Button, Copy Text & Copy Code

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/copy-the-code/assets/admin/css/analytics.css/wp-content/plugins/copy-the-code/assets/admin/js/analytics.js/wp-content/plugins/copy-the-code/assets/admin/css/dashboard.css/wp-content/plugins/copy-the-code/assets/admin/js/dashboard.js
Script Paths
/wp-content/plugins/copy-the-code/includes/freemius.php/wp-content/plugins/copy-the-code/includes/class-core.php
Version Parameters
copy-the-code/assets/admin/css/analytics.css?ver=copy-the-code/assets/admin/js/analytics.js?ver=copy-the-code/assets/admin/css/dashboard.css?ver=copy-the-code/assets/admin/js/dashboard.js?ver=

HTML / DOM Fingerprints

CSS Classes
ctc-admin-rootctc-analytics-pagectc-dashboard-root
Data Attributes
data-ctc-version
JS Globals
ctcAnalyticsCTCDashboard
REST Endpoints
/ctc/v1/analytics/
FAQ

Frequently Asked Questions about Copy Anything to Clipboard for WordPress – Copy Button, Copy Text & Copy Code