Does Markdown Highlighter have any unpatched vulnerabilities?

No. All known vulnerabilities in Markdown Highlighter have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Markdown Highlighter compatible with WordPress 4.5.33?

According to WordPress.org data, Markdown Highlighter 0.1 has been tested up to WordPress 4.5.33. Check the plugin's changelog for the latest compatibility information.

How often is Markdown Highlighter updated?

Markdown Highlighter was last updated on May 28, 2016. Frequent updates are generally a positive security signal.

What is Markdown Highlighter's security score?

Markdown Highlighter has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Markdown Highlighter Security & Risk Analysis

wordpress.org/plugins/markdown-highlighter

A plugin to parse the markdown content from post then highlight it as syntax highlight.

10 active installs v0.1 PHP + WP 3.8+ Updated May 28, 2016

markdownmarkdown-highlightersyntax-highlighter

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Markdown Highlighter Safe to Use in 2026?

Generally Safe

Score 85/100

Markdown Highlighter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

Based on the static analysis and vulnerability history provided, the 'markdown-highlighter' plugin version 0.1 exhibits a strong security posture. The code analysis reveals no dangerous functions, all SQL queries use prepared statements, and output is properly escaped. Crucially, there are no file operations, external HTTP requests, or identified taint flows, indicating a low risk of common web vulnerabilities. The absence of any recorded vulnerabilities, including critical or high severity ones, further reinforces this positive assessment.

However, a notable concern arises from the complete lack of capability checks and nonce checks across all identified entry points. While currently there are no AJAX handlers, REST API routes, or shortcodes that are exposed without these security measures, this absence represents a potential weakness. If the plugin were to introduce such features in future versions without implementing proper authentication and authorization, it could become vulnerable.

In conclusion, the current version of 'markdown-highlighter' is exceptionally secure with no immediate threats identified. Its adherence to secure coding practices for SQL and output handling is commendable. The primary area for improvement lies in proactively incorporating capability and nonce checks as a defensive measure for any future expansion of its attack surface.

Key Concerns

No capability checks found
No nonce checks found

Vulnerabilities

None known

Markdown Highlighter Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Markdown Highlighter Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Markdown Highlighter Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

filterthe_contentmarkdown-highlighter.php:34

actionwp_enqueue_scriptsmarkdown-highlighter.php:36

actionwp_footermarkdown-highlighter.php:37

Maintenance & Trust

Markdown Highlighter Maintenance & Trust

Maintenance Signals

WordPress version tested4.5.33

Last updatedMay 28, 2016

PHP min version

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Markdown Highlighter Alternatives

WP-Markdown

wp-markdown

Allows Markdown to be enabled in posts, comments and bbPress forums.

400 No CVEs

Smart Syntax

smart-syntax

Automatic google prettify syntax highlighting for jetpack markdown fenced code blocks

10 No CVEs

HTML Editor Syntax Highlighter

html-editor-syntax-highlighter

Add syntax highlighting to WordPress code editors using CodeMirror.js

50K No CVEs

Enlighter – Customizable Syntax Highlighter

enlighter

All-in-one Syntax Highlighting solution. Full Gutenberg and Classic Editor integration. Graphical theme customizer. Based on EnlighterJS.

10K No CVEs

Urvanov Syntax Highlighter

urvanov-syntax-highlighter

100

Reincarnation of Crayon Syntax Highlighter. Syntax Highlighter supporting multiple languages, themes, fonts, highlighting from a URL, or post text.

3K 1 CVE

Developer Profile

Markdown Highlighter Developer Profile

sohelamin

3 plugins · 30 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Markdown Highlighter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/markdown-highlighter/assets/style.css/wp-content/plugins/markdown-highlighter/assets/highlight.min.js

Script Paths

/wp-content/plugins/markdown-highlighter/assets/highlight.min.js

HTML / DOM Fingerprints

CSS Classes

hljs

JS Globals