Does Debug Editor have any unpatched vulnerabilities?

No. All known vulnerabilities in Debug Editor have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Debug Editor compatible with WordPress 5.3.21?

According to WordPress.org data, Debug Editor 1.2 has been tested up to WordPress 5.3.21. Check the plugin's changelog for the latest compatibility information.

How often is Debug Editor updated?

Debug Editor was last updated on Nov 16, 2019. Frequent updates are generally a positive security signal.

What is Debug Editor's security score?

Debug Editor has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Debug Editor Security & Risk Analysis

wordpress.org/plugins/debug-editor

一个开发者必备的简易调试器。安全，简洁，高效，谁用谁知道！

10 active installs v1.2 PHP + WP + Updated Nov 16, 2019

codedebuglinkmaintenancetweak

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Debug Editor Safe to Use in 2026?

Generally Safe

Score 85/100

Debug Editor has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The debug-editor plugin v1.2 exhibits a strong security posture based on the provided static analysis. The absence of any identified attack surface entry points, dangerous functions, direct SQL queries, file operations, or external HTTP requests is a significant strength. The fact that all SQL queries (though zero were found) would utilize prepared statements and that there were no unsanitized taint flows further bolsters this positive assessment.

However, the analysis does highlight a few areas for improvement. The output escaping is not fully implemented, with 33% of outputs potentially unescaped. While the current lack of identified vulnerabilities in its history is excellent, the complete absence of nonce and capability checks across all entry points is a notable concern. This could leave the plugin vulnerable to certain types of attacks if new entry points were to be introduced in the future without proper authentication and authorization mechanisms.

In conclusion, debug-editor v1.2 appears to be a well-developed plugin from a security perspective, with a minimal attack surface and no critical code-level vulnerabilities detected. The primary weakness lies in the lack of explicit security checks for potential future vulnerabilities, despite the current analysis showing no such issues. This suggests a focus on the current codebase rather than a robust, forward-looking security architecture.

Key Concerns

Incomplete output escaping
No nonce checks implemented
No capability checks implemented

Vulnerabilities

None known

Debug Editor Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Debug Editor Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

67% escaped3 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

debug_editor_options_page (debug-editor.php:56)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Debug Editor Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionadmin_initdebug-editor.php:13

actionall_admin_noticesdebug-editor.php:16

actionadmin_bar_menudebug-editor.php:17

actionadmin_action_debug-editordebug-editor.php:18

filterwp_die_handlerdebug-editor.php:20

filterwp_fatal_error_handler_enableddebug-editor.php:21

Maintenance & Trust

Debug Editor Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21

Last updatedNov 16, 2019

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Debug Editor Alternatives

Shortcode in Menus

shortcode-in-menus

100

Allows you to add shortcodes in WordPress Navigation Menus.

50K No CVEs

Link Checker Professional

link-checker

An easy to use link checker for WordPress to detect broken links and images on your website.

4K 1 CVE

Log Out Shortcode

log-out-shortcode

Easily add a log out link or button to a post or page using a simple shortcode.

3K No CVEs

Monkeyman Rewrite Analyzer

monkeyman-rewrite-analyzer

Making sense of the rewrite mess. Display and play with your rewrite rules.

2K No CVEs

Yada Wiki

yada-wiki

Yada Wiki is a simple wiki for your WordPress site.

2K 2 CVEs

Developer Profile

Debug Editor Developer Profile

Link

4 plugins · 90 total installs

trust score

Avg Security Score

89/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Debug Editor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Script Paths

/wp-content/plugins/debug-editor/debug-editor.php

HTML / DOM Fingerprints

CSS Classes

debug_editor_aboutdebug_editor_submit

Data Attributes

id="debug_editor_wrap"id="debug_editor_code"id="debug_editor_out"id="debug_editor_submit"name="debug_editor_code"

JS Globals

localStoragedebug_editor_codedebug_editor_show

FAQ