Does HTML entities button have any unpatched vulnerabilities?

No. All known vulnerabilities in HTML entities button have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is HTML entities button compatible with WordPress 5.7.15?

According to WordPress.org data, HTML entities button 2.2.0 has been tested up to WordPress 5.7.15. Check the plugin's changelog for the latest compatibility information.

How often is HTML entities button updated?

HTML entities button was last updated on Apr 28, 2021. Frequent updates are generally a positive security signal.

What is HTML entities button's security score?

HTML entities button has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

HTML entities button Security & Risk Analysis

wordpress.org/plugins/html-entities-button

HTML entities button is a few inserting HTML entities button add to the admin post/page editor(HTML mode).

40 active installs v2.2.0 PHP + WP 3.2.0+ Updated Apr 28, 2021

adminpagepost

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is HTML entities button Safe to Use in 2026?

Generally Safe

Score 85/100

HTML entities button has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The 'html-entities-button' plugin version 2.2.0 demonstrates a generally good security posture based on the provided static analysis and vulnerability history. The plugin has no recorded CVEs, indicating a history of stability and potentially proactive security measures. Furthermore, the code analysis reveals no critical or high severity taint flows, and all SQL queries are properly prepared, which are significant strengths. The absence of raw SQL queries and the presence of nonce and capability checks on the identified entry points are also positive indicators.

Key Concerns

Output escaping is only 47% proper
Plugin performs file operations

Vulnerabilities

None known

HTML entities button Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

HTML entities button Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

16 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

47% escaped34 total outputs

Attack Surface

HTML entities button Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_html_entities_button_save_font_stylehtml-entities-button.php:88

WordPress Hooks 6

actionadmin_menuhtml-entities-button.php:87

actionadmin_headhtml-entities-button.php:104

actionadmin_footerhtml-entities-button.php:105

actionadmin_headhtml-entities-button.php:107

filtertemplate_includehtml-entities-button.php:110

actionwp_enqueue_scriptshtml-entities-button.php:111

Maintenance & Trust

HTML entities button Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15

Last updatedApr 28, 2021

PHP min version

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs40

Alternatives

HTML entities button Alternatives

Reveal IDs

reveal-ids-for-wp-admin-25

100

What this plugin does is to reveal most removed IDs on admin pages, as it was in versions prior to 2.5.

40K No CVEs

WP Admin UI Customize

wp-admin-ui-customize

Customize the management screen UI.

30K 2 CVEs

Admin Collapse Subpages

admin-collapse-subpages

Using this plugin one can easily collapse/expand pages with children and grand children.

4K No CVEs

LH Archived Post Status

lh-archived-post-status

Allows posts and pages to be archived so you can remove content from the main loop and feed without having to trash it.

4K No CVEs

HiFi (Head Injection, Foot Injection)

hifi

HiFi is a head and foot injection plugin. It allows you to inject code into the head and foot areas of your posts and pages on a per-page basis.

2K No CVEs

Developer Profile

HTML entities button Developer Profile

tmatsuur

8 plugins · 21K total installs

trust score

Avg Security Score

86/100

Avg Patch Time

1904 days

View full developer profile

Detection Fingerprints

How We Detect HTML entities button

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/html-entities-button/admin/css/html-entities-button.css/wp-content/plugins/html-entities-button/admin/js/html-entities-button.js

Script Paths

/wp-content/plugins/html-entities-button/admin/js/html-entities-button.js

Version Parameters

html-entities-button/admin/css/html-entities-button.css?ver=html-entities-button/admin/js/html-entities-button.js?ver=

HTML / DOM Fingerprints

CSS Classes

html-entities-button-dialog

Data Attributes

data-html-entities-button-dialog-id

JS Globals

htmlEntitiesButtonhtmlEntitiesButtonObject

FAQ