Does Minify HTML have any unpatched vulnerabilities?

No. All known vulnerabilities in Minify HTML have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Minify HTML compatible with WordPress 6.7.5?

According to WordPress.org data, Minify HTML 2.1.12 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Minify HTML compatible with PHP 5.2.4+?

Minify HTML requires PHP 5.2.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Minify HTML updated?

Minify HTML was last updated on Jan 15, 2025. Frequent updates are generally a positive security signal.

What is Minify HTML's security score?

Minify HTML has a WP-Safety security score of 91/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Minify HTML Security & Risk Analysis

wordpress.org/plugins/minify-html-markup

Minify HTML output for clean looking markup and faster downloading.

10K active installs v2.1.12 PHP 5.2.4+ WP 3.6.0+ Updated Jan 15, 2025

beautifycompresshtmlminifierminify

A · Safe

CVEs total2

Unpatched0

Last CVEDec 12, 2024

Plugin page Download

Safety Verdict

Is Minify HTML Safe to Use in 2026?

Generally Safe

Score 91/100

Minify HTML has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Dec 12, 2024Updated 1yr ago

Risk Assessment

The "minify-HTML-MARKUP" plugin, version 2.1.12, exhibits a strong security posture based on the provided static analysis. The absence of any identified dangerous functions, raw SQL queries, or file operations is commendable. All identified output is properly escaped, and the presence of both nonce and capability checks indicates good practice in protecting against common WordPress vulnerabilities.

However, the plugin's vulnerability history presents a significant concern. With two previously disclosed medium-severity vulnerabilities, specifically Uncontrolled Resource Consumption and Cross-Site Request Forgery (CSRF), it suggests a pattern of introducing security weaknesses. While there are currently no unpatched vulnerabilities, the historical trend warrants caution. The lack of any identified flows in taint analysis is positive, but it does not negate the past issues.

In conclusion, while the current version of "minify-HTML-MARKUP" appears to have a clean bill of health from a code analysis perspective, its past vulnerability history demands ongoing vigilance. Users should be aware of the potential for similar issues to re-emerge in future updates. The plugin demonstrates good internal coding practices but has a track record that lowers its overall security trust level.

Key Concerns

Past medium severity vulnerabilities
Two medium severity vulnerabilities historically

Vulnerabilities

Minify HTML Security Vulnerabilities

CVEs by Year

1 CVE in 2023

2023

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2024-12579medium · 5.3Uncontrolled Resource Consumption

Minify HTML <= 2.1.10 - - Regular Expressions Denial of Service

Dec 12, 2024 Patched in 2.1.11 (1d)

CVE-2023-26014medium · 4.3Cross-Site Request Forgery (CSRF)

Minify HTML <= 2.1.7 - Cross-Site Request Forgery in minify_html_menu_options

Feb 21, 2023 Patched in 2.1.8 (336d)

Code Analysis

Analyzed Mar 16, 2026

Minify HTML Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

7 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped7 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

minify_html_menu_options (minify-html.php:121)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Minify HTML Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actiontemplate_redirectminify-html.php:39

actionadmin_menuminify-html.php:119

Maintenance & Trust

Minify HTML Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedJan 15, 2025

PHP min version5.2.4

Downloads242K

Community Trust

Rating94/100

Number of ratings33

Active installs10K

Alternatives

Minify HTML Alternatives

Fast HTML Minify

fast-html-minify

100

Minify HTML output for clean looking markup and faster downloading.

20 No CVEs

WP Super Minify • Minify, Compress and Cache HTML, CSS & JavaScript

wp-super-minify

100

A lightweight plugin that automatically minifies, compresses, and caches HTML, CSS, and JavaScript on demand to improve your website’s load speed.

9K 1 CVE

Inline HTML, CSS & Javascript Minifier

inline-html-css-javascript-minifier

Minify all front end code (HTML, CSS and Javascript).

20 No CVEs

Lightweight HTML Minify

lightweight-html-minify

Lightweight HTML Minify plugin provide feature to install and minify HTML, Means you don't have to worry about any setting it will automatically …

10 No CVEs

WP Minify Fix

wp-minify-fix

[Fixed] This plugin uses the Minify engine to combine and compress JS and CSS files to improve page load time.

1K No CVEs

Developer Profile

Minify HTML Developer Profile

Tim Eckel

3 plugins · 14K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

251 days

View full developer profile

Detection Fingerprints

How We Detect Minify HTML

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

HTML Comments

FAQ