Disable WPautop Security & Risk Analysis

wordpress.org/plugins/disable-wpautop

Disables the wpautop function for the_content and the_excerpt

2K active installs v1.1 PHP + WP + Updated Nov 28, 2017
disablewpautop
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is Disable WPautop Safe to Use in 2026?

Generally Safe

Score 85/100

Disable WPautop has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago
Risk Assessment

The 'disable-wpautop' v1.1 plugin exhibits a strong security posture based on the provided static analysis. The absence of any identified dangerous functions, raw SQL queries, unescaped output, file operations, external HTTP requests, or taint flows suggests a well-written and secure codebase. Furthermore, the plugin demonstrates a commendable lack of critical entry points, with zero AJAX handlers, REST API routes, shortcodes, or cron events, all of which are also reported as unprotected. This significantly reduces the potential attack surface.

Vulnerabilities
None known

Disable WPautop Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Disable WPautop Release Timeline

v1.1Current
v1.0
Code Analysis
Analyzed Mar 16, 2026

Disable WPautop Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0
Attack Surface

Disable WPautop Attack Surface

Entry Points0
Unprotected0
Maintenance & Trust

Disable WPautop Maintenance & Trust

Maintenance Signals

WordPress version tested4.4.34
Last updatedNov 28, 2017
PHP min version
Downloads40K

Community Trust

Rating84/100
Number of ratings5
Active installs2K
Developer Profile

Disable WPautop Developer Profile

Nick Momrik

12 plugins · 3K total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Disable WPautop

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Disable WPautop