Inline Context Security & Risk Analysis

wordpress.org/plugins/inline-context

Add inline expandable notes or tooltips to provide context, definitions, and references without disrupting the reading flow.

10 active installs · v2.7.1 · PHP 7.4+ · WP 6.0+ · Updated Jan 1, 2026
Tags: annotations, context, footnote, inline, tooltip
100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Inline Context Safe to Use in 2026?

Generally Safe

Score 100/100

Inline Context has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3mo ago
Risk Assessment

The "inline-context" plugin v2.7.1 exhibits a generally good security posture based on the provided static analysis. The attack surface is minimal, with no AJAX handlers, REST API routes, or shortcodes exposed without authentication. The plugin demonstrates a strong commitment to security best practices, evidenced by a significant number of nonce and capability checks, and a high percentage of properly escaped output.

However, there are a couple of areas that warrant attention. The presence of two taint flows with unsanitized paths, while not classified as critical or high severity in this analysis, indicates a potential for attackers to inject malicious data. Furthermore, 17% of SQL queries not using prepared statements is a concern, as it can lead to SQL injection vulnerabilities if user input is not meticulously sanitized. The plugin's vulnerability history is clean, with no known CVEs, which is a positive indicator.

In conclusion, "inline-context" v2.7.1 is a relatively secure plugin with a low attack surface and good adherence to many security principles. The primary risks stem from the unsanitized taint flows and the portion of SQL queries lacking prepared statements. Addressing these specific code-level concerns would further enhance the plugin's security. The absence of past vulnerabilities is a strong positive, suggesting a generally well-maintained codebase.

Key Concerns

  • Taint flows with unsanitized paths detected
  • SQL queries not using prepared statements
Vulnerabilities
None known

Inline Context Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Inline Context Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 5 · 1 prepared
Unescaped Output: 19 · 116 escaped
Nonce Checks: 8
Capability Checks: 11
File Operations: 2
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

17% prepared · 6 total queries

Output Escaping

86% escaped · 135 total outputs

Data Flows: 2 unsanitized

Data Flow Analysis

3 flows · 2 with unsanitized paths
inline_context_handle_export_import (admin-settings.php:125)
Attack Surface

Inline Context Attack Surface

Entry Points: 0
Unprotected: 0

WordPress Hooks: 50
Type  Hook  Location
action  admin_menu  admin-settings.php:120
action  admin_init  admin-settings.php:173
action  admin_init  admin-settings.php:602
action  admin_footer  admin-settings.php:1437
action  wp_abilities_api_categories_init  includes\class-inline-context-abilities.php:35
action  wp_abilities_api_init  includes\class-inline-context-abilities.php:36
action  init  includes\class-inline-context-cpt.php:30
filter  manage_inline_context_note_posts_columns  includes\class-inline-context-cpt.php:33
action  manage_inline_context_note_posts_custom_column  includes\class-inline-context-cpt.php:34
filter  manage_edit-inline_context_note_sortable_columns  includes\class-inline-context-cpt.php:35
action  pre_get_posts  includes\class-inline-context-cpt.php:36
action  restrict_manage_posts  includes\class-inline-context-cpt.php:39
filter  parse_query  includes\class-inline-context-cpt.php:40
action  add_meta_boxes  includes\class-inline-context-cpt.php:43
action  save_post_inline_context_note  includes\class-inline-context-cpt.php:46
action  admin_enqueue_scripts  includes\class-inline-context-cpt.php:49
action  admin_footer  includes\class-inline-context-cpt.php:50
action  inline_context_cleanup_unused_notes  includes\class-inline-context-cpt.php:53
action  init  includes\class-inline-context-cpt.php:54
filter  use_block_editor_for_post_type  includes\class-inline-context-cpt.php:113
action  wp_trash_post  includes\class-inline-context-deletion.php:45
action  trashed_post  includes\class-inline-context-deletion.php:48
action  before_delete_post  includes\class-inline-context-deletion.php:51
action  post_updated  includes\class-inline-context-deletion.php:164
filter  the_content  includes\class-inline-context-frontend.php:25
filter  wp_kses_allowed_html  includes\class-inline-context-frontend.php:26
action  enqueue_block_editor_assets  includes\class-inline-context-frontend.php:29
action  wp_enqueue_scripts  includes\class-inline-context-frontend.php:30
action  rest_api_init  includes\class-inline-context-rest-api.php:29
action  post_updated  includes\class-inline-context-sync.php:29
action  set_object_terms  includes\class-inline-context-sync.php:32
action  post_updated  includes\class-inline-context-sync.php:465
action  inline_context_category_add_form_fields  includes\class-inline-context-taxonomy-meta.php:33
action  inline_context_category_edit_form_fields  includes\class-inline-context-taxonomy-meta.php:34
action  created_inline_context_category  includes\class-inline-context-taxonomy-meta.php:37
action  edited_inline_context_category  includes\class-inline-context-taxonomy-meta.php:38
action  admin_enqueue_scripts  includes\class-inline-context-taxonomy-meta.php:41
filter  manage_edit-inline_context_category_columns  includes\class-inline-context-taxonomy-meta.php:44
filter  manage_inline_context_category_custom_column  includes\class-inline-context-taxonomy-meta.php:45
action  wp_head  includes\class-inline-context-utils.php:23
action  admin_head  includes\class-inline-context-utils.php:24
action  init  inline-context.php:72
action  enqueue_block_editor_assets  inline-context.php:85
action  after_setup_theme  inline-context.php:111
filter  wp_theme_json_data_default  inline-context.php:115
action  admin_init  inline-context.php:135
action  init  inline-context.php:204
filter  rest_prepare_inline_context_note  inline-context.php:282
action  admin_init  inline-context.php:302
action  admin_notices  inline-context.php:406

Scheduled Events 1

inline_context_cleanup_unused_notes
Maintenance & Trust

Inline Context Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Jan 1, 2026
PHP min version: 7.4
Downloads: 414

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 10
Developer Profile

Inline Context Developer Profile

Joop Laan

1 plugin · 10 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Inline Context

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/inline-context/build/inline-context-editor.js
  • /wp-content/plugins/inline-context/build/inline-context-frontend.js
  • /wp-content/plugins/inline-context/build/inline-context-styles.css
Script Paths
  • wp-content/plugins/inline-context/build/inline-context-editor.js
  • wp-content/plugins/inline-context/build/inline-context-frontend.js
Version Parameters
  • inline-context/build/inline-context-editor.js?ver=
  • inline-context/build/inline-context-frontend.js?ver=
  • inline-context/build/inline-context-styles.css?ver=

HTML / DOM Fingerprints

CSS Classes
  • inline-context-btn-editor
  • inline-context-container
  • inline-context-editor-wrapper
  • inline-context-frontend-button
  • inline-context-frontend-wrapper
  • inline-context-modal
  • inline-context-note-editor-wrapper
  • inline-context-note-frontend-wrapper
  • +9 more
Data Attributes
  • data-editor-block-id
  • data-inline-context-id
  • data-inline-context-type
  • data-post-id
  • data-range-start
  • data-range-end
  • +4 more
JS Globals
  • inlineContextData
  • inlineContext
REST Endpoints
  • /wp-json/inline-context/v1/notes
  • /wp-json/inline-context/v1/sync
Shortcode Output
  • [inline_context][/inline_context]
  • [inline_context_note][/inline_context_note]