Markdown Editor Security & Risk Analysis

wordpress.org/plugins/markdown-editor

Replaces the default WordPress editor with a Markdown editor for your posts and pages.

200 active installs · v0.1.7 · PHP + · WP 4.8+ · Updated Apr 6, 2018
editor · markdown
Score 85 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Markdown Editor Safe to Use in 2026?

Generally Safe

Score 85/100

Markdown Editor has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 8yr ago
Risk Assessment

The 'markdown-editor' plugin v0.1.7 exhibits a mixed security posture. On the positive side, the plugin demonstrates strong adherence to secure coding practices regarding SQL queries and output escaping, with all SQL queries utilizing prepared statements and all identified outputs being properly escaped. Furthermore, the absence of known CVEs and its limited attack surface with no AJAX handlers, REST API routes, shortcodes, or cron events that lack authentication are encouraging.

However, significant concerns arise from the static analysis. The presence of the dangerous `create_function` function is a notable risk, as it can lead to remote code execution if its input is not strictly controlled. More critically, the taint analysis reveals a flow with unsanitized paths, flagged as high severity, indicating a potential for vulnerabilities where user-supplied data might be processed in an unsafe manner, even if the direct path to execution isn't immediately obvious or if it requires specific chaining of events. The lack of nonce and capability checks on any potential entry points, however few they may be, further exacerbates this risk.

Key Concerns

  • High severity unsanitized taint flow found
  • Use of dangerous create_function
  • Lack of nonce checks
  • Lack of capability checks
Vulnerabilities
None known

Markdown Editor Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Markdown Editor Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (2 prepared)
Unescaped Output: 0 (4 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

create_function · `$this->utf8_strlen = create_function('$text', 'return preg_match_all(` · includes\class-markdown-parser.php:1530

SQL Query Safety

100% prepared · 2 total queries

Output Escaping

100% escaped · 4 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flow · 1 with unsanitized paths
<class-easy-markdown> (includes\class-easy-markdown.php:0)
Attack Surface

Markdown Editor Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 28

Type · Hook · Location
action · switch_blog · includes\class-easy-markdown.php:64
action · admin_init · includes\class-easy-markdown.php:66
action · admin_init · includes\class-easy-markdown.php:67
action · wp_insert_post · includes\class-easy-markdown.php:114
filter · wp_insert_post_data · includes\class-easy-markdown.php:115
filter · edit_post_content · includes\class-easy-markdown.php:116
filter · edit_post_content_filtered · includes\class-easy-markdown.php:117
action · wp_restore_post_revision · includes\class-easy-markdown.php:118
filter · _wp_post_revision_fields · includes\class-easy-markdown.php:119
action · xmlrpc_call · includes\class-easy-markdown.php:120
filter · content_save_pre · includes\class-easy-markdown.php:121
filter · pre_comment_content · includes\class-easy-markdown.php:149
filter · content_save_pre · includes\class-easy-markdown.php:166
filter · o2_preview_post · includes\class-easy-markdown.php:169
filter · o2_preview_comment · includes\class-easy-markdown.php:170
filter · wpcom_markdown_transform_pre · includes\class-easy-markdown.php:172
filter · wpcom_untransformed_content · includes\class-easy-markdown.php:173
filter · wp_revisions_to_keep · includes\class-easy-markdown.php:615
action · parse_query · includes\class-easy-markdown.php:647
action · shutdown · includes\class-easy-markdown.php:697
action · the_posts · includes\class-easy-markdown.php:738
action · init · includes\class-easy-markdown.php:765
action · admin_enqueue_scripts · includes\class-markdown-editor.php:37
action · admin_footer · includes\class-markdown-editor.php:38
filter · quicktags_settings · includes\class-markdown-editor.php:41
action · wp_enqueue_scripts · includes\class-markdown-editor.php:44
action · admin_init · includes\class-markdown-editor.php:177
action · plugins_loaded · includes\class-markdown-editor.php:178
Maintenance & Trust

Markdown Editor Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.9.29
Last updated: Apr 6, 2018
PHP min version
Downloads: 21K

Community Trust

Rating: 86/100
Number of ratings: 6
Active installs: 200
Developer Profile

Markdown Editor Developer Profile

seothemes

8 plugins · 7K total installs

Trust score: 67
Avg Security Score: 83/100
Avg Patch Time: 170 days
Detection Fingerprints

How We Detect Markdown Editor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/markdown-editor/assets/scripts/simplemde.min.js
  • /wp-content/plugins/markdown-editor/assets/styles/simplemde.min.css
  • /wp-content/plugins/markdown-editor/assets/styles/style.css
  • /wp-content/plugins/markdown-editor/assets/styles/highlight.min.css
  • /wp-content/plugins/markdown-editor/assets/scripts/highlight.pack.js
  • /wp-content/plugins/markdown-editor/assets/styles/frontend.min.css
  • /wp-content/plugins/markdown-editor/assets/scripts/line-numbers.min.js
  • /wp-content/plugins/markdown-editor/assets/scripts/clipboard.min.js
  • +1 more

Script Paths

  • assets/scripts/simplemde.min.js
  • assets/scripts/highlight.pack.js
  • assets/scripts/line-numbers.min.js
  • assets/scripts/clipboard.min.js
  • assets/scripts/frontend.min.js

Version Parameters

  • markdown-editor/assets/styles/frontend.min.css?ver=
  • markdown-editor/assets/scripts/highlight.pack.js?ver=
  • markdown-editor/assets/scripts/line-numbers.min.js?ver=
  • markdown-editor/assets/scripts/clipboard.min.js?ver=
  • markdown-editor/assets/scripts/frontend.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

  • CodeMirror
  • CodeMirror-scroll
  • CodeMirror-lines
  • CodeMirror-gutter
  • CodeMirror-code
  • CodeMirror-activeline
  • CodeMirror-gutter-wrapper
  • CodeMirror-linenumber
  • +79 more

Data Attributes

  • data-cm-persistent-gutter

JS Globals

  • simplemde
  • SimpleMDE
  • hljs