WP-Safety

Modify Visual Editor Security & Risk Analysis

wordpress.org/plugins/modify-visual-editor

This plugin disables the visual editor for all users. You may allow the use of the Visual Editor for Admins if you would like.

10 active installs v0.2.2 PHP + WP 4.0+ Updated Feb 9, 2017
disable-tinymcedisable-visual-editortinymcevisual-editor
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Modify Visual Editor Safe to Use in 2026?

Generally Safe

Score 85/100

Modify Visual Editor has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago
Risk Assessment

The "modify-visual-editor" plugin v0.2.2 exhibits a mixed security posture. While the plugin demonstrates positive security practices by having a clean vulnerability history with no known CVEs and a minimal attack surface with no exposed entry points like AJAX handlers, REST API routes, or shortcodes, there are notable concerns arising from the static code analysis. The significant percentage of SQL queries not using prepared statements (83%) and a low rate of proper output escaping (25%) are substantial weaknesses that could lead to various vulnerabilities, including SQL injection and Cross-Site Scripting (XSS), if exploited. The taint analysis also identified two flows with unsanitized paths, which, despite being classified as low severity, indicate potential areas where user-supplied data might not be handled securely.

Key Concerns

  • SQL queries not using prepared statements
  • Low percentage of properly escaped output
  • Taint flows with unsanitized paths
  • No nonce checks implemented
  • No capability checks implemented
Vulnerabilities
None known

Modify Visual Editor Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Modify Visual Editor Code Analysis

Dangerous Functions
0
Raw SQL Queries
5
1 prepared
Unescaped Output
12
4 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

17% prepared6 total queries

Output Escaping

25% escaped16 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
mved_selection_field_render (mved-admin.php:78)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Modify Visual Editor Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 6
actionadmin_enqueue_scriptsmodify-visual-editor.php:96
actioninitmodify-visual-editor.php:107
actionadmin_menumved-admin.php:18
actionadmin_initmved-admin.php:61
actionprofile_updatemved-admin.php:368
actionpersonal_options_updatemved-admin.php:370
Maintenance & Trust

Modify Visual Editor Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32
Last updatedFeb 9, 2017
PHP min version
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Modify Visual Editor Alternatives

TinyMCE Templates

TinyMCE Templates

tinymce-templates

A
85

TinyMCE Template plugin will enable to use HTML template on WordPress Visual Editor.

20K No CVEs
f(x) Editor

f(x) Editor

fx-editor

A
85

Power-up Your WordPress Visual Editor with Boxes, Buttons, Columns, and more...

1K No CVEs
TinyMCE VisualBlocks

TinyMCE VisualBlocks

tinymce-visualblocks

A
85

View VisualBlocks in WordPress Visual Editor.

1K No CVEs
tinyWYM Editor

tinyWYM Editor

tinywym-editor

A
85

Convert WordPress's WYSIWYG editor into a WYSIWYM editor. Add and edit any HTML tag and attribute from the visual editor.

1K No CVEs
Visual Editor Font Size

Visual Editor Font Size

visual-editor-font-size

A
85

Allows you to change the font size of the visual editor

300 No CVEs
Developer Profile

Modify Visual Editor Developer Profile

tradesouthwest

17 plugins · 2K total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Modify Visual Editor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/modify-visual-editor/assets/mved-admin-style.css
Version Parameters
modify-visual-editor/assets/mved-admin-style.css?ver=

HTML / DOM Fingerprints

HTML Comments
<!--Modify Visual Editor 2017-->
Data Attributes
data-mved-setting-id
JS Globals
window.mvedASelectwindow.mvedCSelect
FAQ

Frequently Asked Questions about Modify Visual Editor