WP-Safety

Easy Syntax Highlighter Security & Risk Analysis

wordpress.org/plugins/easy-syntax-highlighter

Modern, lightweight syntax highlighter for WordPress using Highlight.js

10 active installs v2.0.0 PHP 7.0+ WP 5.0+ Updated Feb 12, 2026
code-blockcode-highlightinghighlight-jssyntax-highlighter
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Easy Syntax Highlighter Safe to Use in 2026?

Generally Safe

Score 100/100

Easy Syntax Highlighter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "easy-syntax-highlighter" v2.0.0 plugin exhibits a generally good security posture based on the provided static analysis and vulnerability history. The absence of any recorded CVEs and the positive findings in the code analysis, such as 100% SQL queries using prepared statements and a high percentage of properly escaped outputs, suggest that the developers have prioritized secure coding practices. The plugin also has a very limited attack surface with no exposed AJAX handlers, REST API routes, shortcodes, or cron events that are unprotected, which is a significant strength.

Key Concerns

  • No nonce checks
  • Only 1 capability check
  • Bundled library (TinyMCE) may have vulnerabilities
  • 85% output escaping is good, but 15% is still a risk
Vulnerabilities
None known

Easy Syntax Highlighter Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Easy Syntax Highlighter Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
2
11 escaped
Nonce Checks
0
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

TinyMCE

Output Escaping

85% escaped13 total outputs
Attack Surface

Easy Syntax Highlighter Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 12
actionadmin_menusrc\admin\SettingsPage.php:100
actionadmin_initsrc\admin\SettingsPage.php:101
actionwp_enqueue_scriptssrc\core\AssetManager.php:19
actionadmin_enqueue_scriptssrc\core\AssetManager.php:20
actionplugins_loadedsrc\core\Plugin.php:108
filterall_pluginssrc\core\Plugin.php:109
actionplugins_loadedsrc\core\Plugin.php:144
actionplugins_loadedsrc\core\Plugin.php:145
actionplugins_loadedsrc\core\Plugin.php:146
actionplugins_loadedsrc\core\Plugin.php:161
filtermce_external_pluginssrc\editor\ClassicEditor.php:20
filtermce_buttonssrc\editor\ClassicEditor.php:21
Maintenance & Trust

Easy Syntax Highlighter Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 12, 2026
PHP min version7.0
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Easy Syntax Highlighter Alternatives

Vaaky Highlighter – Syntax Highlighter for Gutenberg

Vaaky Highlighter – Syntax Highlighter for Gutenberg

vaaky-highlighter

A
100

Lightweight syntax highlighter plugin for WordPress Gutenberg powered by Highlight.js. Add beautiful, fast, and responsive code blocks with ease.

20 No CVEs
AH Code Highlighter

AH Code Highlighter

ah-prism-syntax-highlighter

A
85

The easiest to use code highlighting ever. Choose between 8 different color themes to highlight your code snippets. Many programming languages are sup …

70 No CVEs
Smart Syntax

Smart Syntax

smart-syntax

A
85

Automatic google prettify syntax highlighting for jetpack markdown fenced code blocks

10 No CVEs
Syntax Highlight Nano

Syntax Highlight Nano

syntax-highlight-nano

A
100

Adds modern syntax highlighting to WordPress's standard code block using the robust highlight.js library.

0 No CVEs
HTML Editor Syntax Highlighter

HTML Editor Syntax Highlighter

html-editor-syntax-highlighter

A
85

Add syntax highlighting to WordPress code editors using CodeMirror.js

50K No CVEs
Developer Profile

Easy Syntax Highlighter Developer Profile

tiptinker

3 plugins · 70 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Easy Syntax Highlighter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/easy-syntax-highlighter/assets/js/highlight.min.js/wp-content/plugins/easy-syntax-highlighter/assets/css/hljs-themes//wp-content/plugins/easy-syntax-highlighter/assets/css/frontend.css/wp-content/plugins/easy-syntax-highlighter/assets/js/frontend.js/wp-content/plugins/easy-syntax-highlighter/assets/css/admin.css/wp-content/plugins/easy-syntax-highlighter/assets/css/modal.css/wp-content/plugins/easy-syntax-highlighter/assets/js/modal.js/wp-content/plugins/easy-syntax-highlighter/assets/js/admin.js
Script Paths
assets/js/highlight.min.jsassets/js/frontend.jsassets/js/modal.jsassets/js/admin.js
Version Parameters
easy-syntax-highlighter/assets/css/hljs-themes/easy-syntax-highlighter/assets/css/frontend.csseasy-syntax-highlighter/assets/js/frontend.jseasy-syntax-highlighter/assets/css/admin.csseasy-syntax-highlighter/assets/css/modal.csseasy-syntax-highlighter/assets/js/modal.jseasy-syntax-highlighter/assets/js/admin.js

HTML / DOM Fingerprints

JS Globals
esh_i18neshAdminVars
FAQ

Frequently Asked Questions about Easy Syntax Highlighter