Does LaTeX2HTML have any unpatched vulnerabilities?

No. All known vulnerabilities in LaTeX2HTML have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is LaTeX2HTML compatible with WordPress 6.7.5?

According to WordPress.org data, LaTeX2HTML 2.6.2 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is LaTeX2HTML updated?

LaTeX2HTML was last updated on Feb 1, 2025. Frequent updates are generally a positive security signal.

What is LaTeX2HTML's security score?

LaTeX2HTML has a WP-Safety security score of 91/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

LaTeX2HTML Security & Risk Analysis

wordpress.org/plugins/latex2html

LaTeX2HTML makes you write blog like in LaTeX doc.

300 active installs v2.6.2 PHP + WP 5.0+ Updated Feb 1, 2025

htmllatexmathjax

A · Safe

CVEs total2

Unpatched0

Last CVEDec 20, 2024

Plugin page Download

Safety Verdict

Is LaTeX2HTML Safe to Use in 2026?

Generally Safe

Score 91/100

LaTeX2HTML has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Dec 20, 2024Updated 1yr ago

Risk Assessment

The latex2html plugin v2.6.2 exhibits a generally good security posture based on the provided static analysis. The complete absence of unprotected entry points, dangerous functions, external HTTP requests, and a lack of critical or high-severity taint flows are all positive indicators. The plugin also demonstrates a strong adherence to secure coding practices with 100% of SQL queries using prepared statements and a decent 78% of output escaping, along with the presence of nonce and capability checks. However, there are two known medium-severity vulnerabilities in its history, both related to Cross-site Scripting (XSS), which are a significant concern despite being currently patched. The fact that these XSS vulnerabilities exist suggests that input sanitization for output rendering could be a weakness, even if the current static analysis doesn't highlight any immediate, critical flaws in this area. The plugin's strengths lie in its limited attack surface and use of prepared statements, but the historical XSS vulnerabilities warrant a cautious approach.

Key Concerns

History of XSS vulnerabilities
Moderate output escaping rate (78%)

Vulnerabilities

LaTeX2HTML Security Vulnerabilities

CVEs by Year

2 CVEs in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2024-11688medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

LaTeX2HTML <= 2.5.5 - Reflected Cross-Site Scripting

Dec 20, 2024 Patched in 2.6.0 (25d)

CVE-2024-49673medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

LaTeX2HTML <= 2.5.4 - Reflected Cross-Site Scripting

Oct 21, 2024 Patched in 2.5.5 (10d)

Code Analysis

Analyzed Mar 16, 2026

LaTeX2HTML Code Analysis

Dangerous Functions

Raw SQL Queries

10 prepared

Unescaped Output

105 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared10 total queries

Output Escaping

78% escaped134 total outputs

Data Flows

All sanitized

Data Flow Analysis

3 flows

<manual> (inc\html\manual.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

LaTeX2HTML Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 12

actionwp_headinc\core.php:101

filterthe_contentinc\core.php:102

actionwp_enqueue_scriptsinc\core.php:103

actionadmin_enqueue_scriptsinc\core.php:104

filterthe_contentinc\core.php:108

actionwp_footerinc\core.php:121

actionwp_footerinc\core.php:122

actionadmin_menuinc\settings.php:70

actionadmin_initinc\settings.php:71

actionadmin_post_bibtexinc\settings.php:73

actionplugins_loadedinc\trans.php:10

actionplugins_loadedlatex2html.php:35

Maintenance & Trust

LaTeX2HTML Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedFeb 1, 2025

PHP min version

Downloads14K

Community Trust

Rating100/100

Number of ratings8

Active installs300

Alternatives

LaTeX2HTML Alternatives

$MathJax-LaTeX$

MathJax-LaTeX

mathjax-latex

This plugin enables MathJax (http://www.mathjax.org) functionality for WordPress (http://www.wordpress.org).

10K 1 CVE

Simple Mathjax

simple-mathjax

100

Yet another plugin to add MathJax support to your wordpress blog. Just wrap your equations inside $ signs and MathJax will render them visually.

4K No CVEs

KaTeX

katex

100

Use the fastest math typesetting library on your website.

2K No CVEs

WP-KaTeX

wp-katex

Integrates the super-fast KaTeX LaTeX equation typesetting engine with WordPress. Create beautiful, yet performant math in your posts and pages.

800 No CVEs

$Youngwhan's Simple Latex$

Youngwhan's Simple Latex

youngwhans-simple-latex

The usage is simple.

200 No CVEs

Developer Profile

LaTeX2HTML Developer Profile

Van Abel

1 plugin · 300 total installs

trust score

Avg Security Score

91/100

Avg Patch Time

18 days

View full developer profile

Detection Fingerprints

How We Detect LaTeX2HTML

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ