Enlighter – Customizable Syntax Highlighter Security & Risk Analysis

wordpress.org/plugins/enlighter

All-in-one Syntax Highlighting solution. Full Gutenberg and Classic Editor integration. Graphical theme customizer. Based on EnlighterJS.

10K active installs · v4.6.1 · PHP 5.6+ · WP 6.0+ · Updated Jan 20, 2023
Tags: classic-editor, highlighter, highlighting, syntax-highlighter, syntax-highlighting
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Enlighter – Customizable Syntax Highlighter Safe to Use in 2026?

Generally Safe

Score 85/100

Enlighter – Customizable Syntax Highlighter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3yr ago
Risk Assessment

The 'enlighter' plugin version 4.6.1 exhibits a generally good security posture based on the provided static analysis and vulnerability history. The absence of known CVEs and a clean taint analysis indicate a lack of critical vulnerabilities. The plugin demonstrates good practices by utilizing prepared statements for all SQL queries and performing capability checks, contributing to a strong defense against common database and privilege escalation attacks. The limited attack surface, with only two shortcodes and no unprotected entry points identified, further reduces the potential for external exploitation.

Key Concerns

  • Output escaping is not fully robust
  • No nonce checks on entry points
  • Bundled library (TinyMCE) may have unpatched vulnerabilities
Vulnerabilities
None known

Enlighter – Customizable Syntax Highlighter Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Enlighter – Customizable Syntax Highlighter Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 17 (29 escaped)
Nonce Checks: 0
Capability Checks: 3
File Operations: 7
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

TinyMCE

Output Escaping

63% escaped · 46 total outputs
Attack Surface

Enlighter – Customizable Syntax Highlighter Attack Surface

Entry Points: 2
Unprotected: 0

Shortcodes: 2

[enlighter] modules\filter\LegacyShortcodeHandler.php:27
[codegroup] modules\filter\LegacyShortcodeHandler.php:33
WordPress Hooks: 36

action admin_notices Enlighter.php:92
action network_admin_notices Enlighter.php:93
filter wp_kses_allowed_html modules\core\Enlighter.php:93
action admin_init modules\core\Enlighter.php:107
action wp_enqueue_scripts modules\core\ResourceLoader.php:85
action admin_enqueue_scripts modules\core\ResourceLoader.php:108
action enqueue_block_editor_assets modules\core\ResourceLoader.php:114
action admin_enqueue_scripts modules\core\ResourceLoader.php:126
action admin_enqueue_scripts modules\core\ResourceLoader.php:141
action wp_enqueue_scripts modules\core\ResourceLoader.php:157
action wp_enqueue_scripts modules\core\ResourceLoader.php:165
action wp_enqueue_scripts modules\core\ResourceLoader.php:170
action wp_enqueue_scripts modules\core\ResourceLoader.php:173
filter mce_buttons modules\editor\TinyMCE.php:47
filter mce_css modules\editor\TinyMCE.php:50
filter mce_external_plugins modules\editor\TinyMCE.php:53
filter mce_buttons_2 modules\editor\TinyMCE.php:58
filter tiny_mce_before_init modules\editor\TinyMCE.php:61
filter enlighter_gfm_filters modules\extensions\BBPress.php:13
filter enlighter_shortcode_filters modules\extensions\BBPress.php:26
filter bbp_get_reply_content modules\extensions\BBPress.php:38
filter bbp_get_topic_content modules\extensions\BBPress.php:39
filter jetpack_markdown_preserve_pattern modules\extensions\Jetpack.php:14
filter no_texturize_shortcodes modules\filter\LegacyShortcodeHandler.php:23
action admin_menu modules\skltn\Plugin.php:64
action in_plugin_update_message-enlighter/Enlighter.php modules\skltn\Plugin.php:67
action admin_notices modules\skltn\Plugin.php:72
action network_admin_notices modules\skltn\Plugin.php:73
action admin_init modules\skltn\Plugin.php:89
filter plugin_action_links modules\skltn\Plugin.php:92
filter plugin_row_meta modules\skltn\Plugin.php:93
action init modules\skltn\Plugin.php:294
action init modules\skltn\Plugin.php:295
filter rewrite_rules_array modules\skltn\RewriteRuleHelper.php:78
action template_redirect modules\skltn\VirtualPageManager.php:32
action enlighter_rewriterules_init modules\skltn\VirtualPageManager.php:35

Maintenance & Trust

Enlighter – Customizable Syntax Highlighter Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.1.10
Last updated: Jan 20, 2023
PHP min version: 5.6
Downloads: 344K

Community Trust

Rating: 96/100
Number of ratings: 65
Active installs: 10K

Developer Profile

Enlighter – Customizable Syntax Highlighter Developer Profile

Andi Dittrich

3 plugins · 11K total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Enlighter – Customizable Syntax Highlighter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/enlighter/resources/frontend/css/enlighter_frontend.css
/wp-content/plugins/enlighter/resources/frontend/js/enlighter_frontend.js
/wp-content/plugins/enlighter/resources/admin/css/enlighter_admin.css
/wp-content/plugins/enlighter/resources/admin/js/enlighter_admin.js
/wp-content/plugins/enlighter/resources/editor/css/enlighter_editor.css
/wp-content/plugins/enlighter/resources/editor/js/enlighter_editor.js
Script Paths
/wp-content/plugins/enlighter/resources/frontend/js/enlighter_frontend.js
/wp-content/plugins/enlighter/resources/admin/js/enlighter_admin.js
/wp-content/plugins/enlighter/resources/editor/js/enlighter_editor.js
Version Parameters
enlighter/style.css?ver=
enlighter/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
enlighter, enlighter-toolbar, enlighter-editor
HTML Comments
<!-- EnlighterJS -->
<!-- EnlighterJS Frontend Editor -->
Data Attributes
data-enlighterjs
JS Globals
Enlighter
Shortcode Output
[enlighter][/enlighter]