Does Customizer Everywhere have any unpatched vulnerabilities?

No. All known vulnerabilities in Customizer Everywhere have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Customizer Everywhere compatible with WordPress 3.7.41?

According to WordPress.org data, Customizer Everywhere 0.1.2 has been tested up to WordPress 3.7.41. Check the plugin's changelog for the latest compatibility information.

How often is Customizer Everywhere updated?

Customizer Everywhere was last updated on Feb 25, 2015. Frequent updates are generally a positive security signal.

What is Customizer Everywhere's security score?

Customizer Everywhere has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Customizer Everywhere Security & Risk Analysis

wordpress.org/plugins/customizer-everywhere

Promote and enhance the use of customizer in more places; open post previews in the customizer and promote customize link to top of admin bar.

10 active installs v0.1.2 PHP + WP 3.6+ Updated Feb 25, 2015

admin-barcustomizerpreviewwidget-customizer

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Customizer Everywhere Safe to Use in 2026?

Generally Safe

Score 85/100

Customizer Everywhere has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The plugin 'customizer-everywhere' v0.1.2 exhibits a strong security posture based on the provided static analysis. The absence of any identified dangerous functions, raw SQL queries, unsanitized output, or external HTTP requests is commendable. Furthermore, the plugin demonstrates good security practices by utilizing prepared statements for its SQL queries and implementing output escaping, meaning data processed and displayed by the plugin is handled safely. The presence of a capability check is also a positive sign, indicating an attempt to restrict access to certain functionalities.

However, the static analysis does reveal a potential area of concern: a single file operation is present without specific details on its context or how it's secured. While no taint flows with unsanitized paths were found, the presence of file operations warrants careful consideration to ensure they are not susceptible to directory traversal or other file manipulation vulnerabilities. The plugin's vulnerability history is entirely clean, with no recorded CVEs, which suggests a history of stable and secure development. This, combined with the positive static analysis findings, points to a generally secure plugin.

In conclusion, 'customizer-everywhere' v0.1.2 appears to be a well-secured plugin with a clean history and good coding practices in place, particularly regarding SQL and output handling. The primary, albeit minor, point of attention is the single file operation, which, without further context, represents a hypothetical risk. Overall, the plugin's strengths far outweigh its weaknesses.

Key Concerns

File operations without detailed context

Vulnerabilities

None known

Customizer Everywhere Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Customizer Everywhere Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Customizer Everywhere Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionadmin_enqueue_scriptscustomizer-everywhere.php:48

filterpreview_post_linkcustomizer-everywhere.php:49

actioncustomize_preview_initcustomizer-everywhere.php:50

actioncustomize_controls_enqueue_scriptscustomizer-everywhere.php:51

actionadmin_bar_menucustomizer-everywhere.php:54

actionplugins_loadedcustomizer-everywhere.php:222

Maintenance & Trust

Customizer Everywhere Maintenance & Trust

Maintenance Signals

WordPress version tested3.7.41

Last updatedFeb 25, 2015

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Customizer Everywhere Alternatives

Backstage – Customizer Demo Access

backstage

Showcase your product's flexibility the same way users will harness it, in the Customizer. All elegant and secure.

100 No CVEs

Category Excluder from Theme Customizer

category-excluder-from-theme-customizer

Administrator can easily exclude the posts from specific category/categories via WordPress live preview ( Theme Customizer )

60 No CVEs

Customizer Refresh

customizer-refresh

Add a button that refreshes the live preview in the WordPress Customizer.

20 No CVEs

Adminbar No Customizer

adminbar-no-customizer

Moves the Customizer link from the Adminbar top level to be a subitem under the site-menu.

10 No CVEs

Live Theme Preview

live-theme-preview

Live Theme Preview allows users to preview themes on their own website before customizing or activating them.

10 No CVEs

Developer Profile

Customizer Everywhere Developer Profile

Weston Ruter

22 plugins · 437K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

4499 days

View full developer profile

Detection Fingerprints

How We Detect Customizer Everywhere

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/customizer-everywhere/preview.js/wp-content/plugins/customizer-everywhere/edit-post.js/wp-content/plugins/customizer-everywhere/controls.js

Version Parameters

customizer-everywhere/preview.js?ver=customizer-everywhere/edit-post.js?ver=customizer-everywhere/controls.js?ver=

HTML / DOM Fingerprints

JS Globals

CustomizerEverywherePreview_exportsCustomizerEverywhereEditPost_exportsCustomizerEverywhereControls_exports

FAQ