WP-Safety

Night Mode for WordPress Security & Risk Analysis

wordpress.org/plugins/night-mode-and-font-size-kit

This plugin help to activate night mode and increase or decrease brightness of your website.You can easily add night mode filter to whole website and …

100 active installs v2.4 PHP + WP + Updated Feb 3, 2021
brightnessdark-modenight-modewpdarkwpnightmode
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Night Mode for WordPress Safe to Use in 2026?

Generally Safe

Score 85/100

Night Mode for WordPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The "night-mode-and-font-size-kit" v2.4 plugin exhibits a generally positive security posture, with several strong indicators. Notably, all identified AJAX entry points include nonce checks, and SQL queries are exclusively handled through prepared statements, mitigating common SQL injection risks. The plugin also avoids the use of dangerous functions and has no known historical vulnerabilities, which is a significant strength.

However, there are areas for concern. A substantial portion of output escaping is not properly implemented, potentially exposing the site to cross-site scripting (XSS) vulnerabilities if user-supplied data is directly outputted without sanitization. The presence of four taint flows with unsanitized paths, while not classified as critical or high, still represents a potential risk for privilege escalation or unauthorized data access. Furthermore, the absence of capability checks on AJAX handlers is a weakness, as it means that any authenticated user, regardless of their role, could potentially trigger these actions, leading to unintended consequences or abuse.

Key Concerns

  • Half of output escaping is not proper
  • Taint flows with unsanitized paths found
  • No capability checks on AJAX handlers
Vulnerabilities
None known

Night Mode for WordPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Night Mode for WordPress Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
7 prepared
Unescaped Output
406
403 escaped
Nonce Checks
5
Capability Checks
0
File Operations
10
External Requests
15
Bundled Libraries
0

SQL Query Safety

100% prepared7 total queries

Output Escaping

50% escaped809 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

7 flows4 with unsanitized paths
save_network_page (inc\redux-framework\ReduxCore\framework.php:595)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Night Mode for WordPress Attack Surface

Entry Points5
Unprotected0

AJAX Handlers 5

noprivwp_ajax_redux_pinc\redux-framework\ReduxCore\inc\class.p.php:7
authwp_ajax_redux_pinc\redux-framework\ReduxCore\inc\class.p.php:8
authwp_ajax_redux_hide_admin_noticeinc\redux-framework\ReduxCore\inc\class.redux_admin_notices.php:32
authwp_ajax_redux_allow_trackinginc\redux-framework\ReduxCore\inc\tracking.php:510
authwp_ajax_redux_support_hashinc\redux-framework\ReduxCore\inc\welcome\welcome.php:25
WordPress Hooks 59
filterbody_classinc\functions.php:28
actionwp_enqueue_scriptsinc\functions.php:136
filterwp_nav_menu_itemsinc\layout.php:6
actionwp_loadedinc\redux-framework\class.redux-plugin.php:170
actionwpmu_new_bloginc\redux-framework\class.redux-plugin.php:173
actionadmin_noticesinc\redux-framework\class.redux-plugin.php:176
filterplugin_row_metainc\redux-framework\class.redux-plugin.php:179
actionactivated_plugininc\redux-framework\class.redux-plugin.php:181
actionwp_dashboard_setupinc\redux-framework\ReduxCore\core\dashboard.php:13
actionredux/initinc\redux-framework\ReduxCore\framework.php:30
actionadmin_menuinc\redux-framework\ReduxCore\framework.php:355
actionnetwork_admin_menuinc\redux-framework\ReduxCore\framework.php:359
actionadmin_bar_menuinc\redux-framework\ReduxCore\framework.php:363
actionadmin_initinc\redux-framework\ReduxCore\framework.php:369
actionadmin_initinc\redux-framework\ReduxCore\framework.php:374
actionadmin_noticesinc\redux-framework\ReduxCore\framework.php:379
actionadmin_initinc\redux-framework\ReduxCore\framework.php:382
actionadmin_enqueue_scriptsinc\redux-framework\ReduxCore\framework.php:386
actionwp_headinc\redux-framework\ReduxCore\framework.php:392
actionwp_enqueue_scriptsinc\redux-framework\ReduxCore\framework.php:393
actionlogin_headinc\redux-framework\ReduxCore\framework.php:398
actionlogin_enqueue_scriptsinc\redux-framework\ReduxCore\framework.php:399
actionadmin_headinc\redux-framework\ReduxCore\framework.php:404
actionadmin_enqueue_scriptsinc\redux-framework\ReduxCore\framework.php:405
actionwp_print_scriptsinc\redux-framework\ReduxCore\framework.php:409
actionadmin_enqueue_scriptsinc\redux-framework\ReduxCore\framework.php:410
actionadmin_bar_menuinc\redux-framework\ReduxCore\framework.php:418
actionadmin_headinc\redux-framework\ReduxCore\framework.php:1723
filteradmin_footer_textinc\redux-framework\ReduxCore\framework.php:1726
actionafter_setup_themeinc\redux-framework\ReduxCore\inc\class.redux_api.php:47
actioninitinc\redux-framework\ReduxCore\inc\class.redux_api.php:48
actionswitch_themeinc\redux-framework\ReduxCore\inc\class.redux_api.php:49
actionredux/constructinc\redux-framework\ReduxCore\inc\class.redux_instances.php:66
actioncustomize_registerinc\redux-framework\ReduxCore\inc\extensions\customizer\extension_customizer.php:113
actionwp_headinc\redux-framework\ReduxCore\inc\extensions\customizer\extension_customizer.php:118
actioncustomize_save_afterinc\redux-framework\ReduxCore\inc\extensions\customizer\extension_customizer.php:122
actioncustomize_controls_print_scriptsinc\redux-framework\ReduxCore\inc\extensions\customizer\extension_customizer.php:125
actioncustomize_controls_initinc\redux-framework\ReduxCore\inc\extensions\customizer\extension_customizer.php:127
filterupload_mimesinc\redux-framework\ReduxCore\inc\extensions\import_export\extension_import_export.php:97
filterredux/font-iconsinc\redux-framework\ReduxCore\inc\fields\select\elusive-icons.php:312
actionadmin_enqueue_scriptsinc\redux-framework\ReduxCore\inc\themecheck\class.redux_themecheck.php:74
actionadmin_enqueue_scriptsinc\redux-framework\ReduxCore\inc\themecheck\class.redux_themecheck.php:75
actionthemecheck_checks_loadedinc\redux-framework\ReduxCore\inc\themecheck\class.redux_themecheck.php:77
actionthemecheck_checks_loadedinc\redux-framework\ReduxCore\inc\themecheck\class.redux_themecheck.php:78
actionadmin_enqueue_scriptsinc\redux-framework\ReduxCore\inc\tracking.php:81
actionadmin_enqueue_scriptsinc\redux-framework\ReduxCore\inc\tracking.php:83
actionredux_trackinginc\redux-framework\ReduxCore\inc\tracking.php:100
actionadmin_print_footer_scriptsinc\redux-framework\ReduxCore\inc\tracking.php:110
actionadmin_print_footer_scriptsinc\redux-framework\ReduxCore\inc\tracking.php:119
filterredux/tracking/optionsinc\redux-framework\ReduxCore\inc\tracking.php:486
actioninitinc\redux-framework\ReduxCore\inc\validation\unique_slug\validation_unique_slug.php:60
actionredux/loadedinc\redux-framework\ReduxCore\inc\welcome\welcome.php:23
actionadmin_menuinc\redux-framework\ReduxCore\inc\welcome\welcome.php:35
filteradmin_footer_textinc\redux-framework\ReduxCore\inc\welcome\welcome.php:41
actionadmin_headinc\redux-framework\ReduxCore\inc\welcome\welcome.php:42
actioninitinc\redux-framework\ReduxCore\inc\welcome\welcome.php:91
actionplugins_loadednightmode-and-fontsize.php:36
actionwp_enqueue_scriptsnightmode-and-fontsize.php:75
actionactivated_pluginnightmode-and-fontsize.php:101

Scheduled Events 1

redux_tracking
Maintenance & Trust

Night Mode for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17
Last updatedFeb 3, 2021
PHP min version
Downloads8K

Community Trust

Rating100/100
Number of ratings2
Active installs100
Alternatives

Night Mode for WordPress Alternatives

WP Dark Mode – Improve Accessibility with AI Powered Dark Theme

WP Dark Mode – Improve Accessibility with AI Powered Dark Theme

wp-dark-mode

A
96

Enable dark mode on WordPress without any coding. Improve site accessibility with a stunning dark theme that improves conversion.

20K 4 CVEs
Dark Mode for WP Dashboard

Dark Mode for WP Dashboard

dark-mode-for-wp-dashboard

A
91

Makes your WordPress admin dashboard in dark mode.

2K 1 CVE
Dark Mode Toggle

Dark Mode Toggle

dark-mode-toggle

A
100

Bring dark mode toggle switch to your WordPress website. A simple switch to turn on and off the dark mode. Fast and easy to use.

2K No CVEs
DarkLooks – Dark Mode Switcher For WordPress

DarkLooks – Dark Mode Switcher For WordPress

darklooks-dark-mode-switcher

A
100

Short Description: Enable dark mode on your WordPress site for better eye comfort in low-light environments.

1K No CVEs
DarkMySite – Advanced Dark Mode Plugin for WordPress

DarkMySite – Advanced Dark Mode Plugin for WordPress

darkmysite

A
99

Best WordPress dark mode plugin to ready your site for the night. Multiple floating switch to choose between night mode and normal mode.

1K 1 CVE
Developer Profile

Night Mode for WordPress Developer Profile

Akhtarujjaman Shuvo

10 plugins · 7K total installs

71
trust score
Avg Security Score
89/100
Avg Patch Time
117 days
View full developer profile
Detection Fingerprints

How We Detect Night Mode for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/night-mode-and-font-size-kit/assets/css/nmfs-styles.css/wp-content/plugins/night-mode-and-font-size-kit/assets/js/nmfs-scripts.js
Script Paths
/wp-content/plugins/night-mode-and-font-size-kit/assets/js/nmfs-scripts.js
Version Parameters
night-mode-and-font-size-kit/assets/css/nmfs-styles.css?ver=night-mode-and-font-size-kit/assets/js/nmfs-scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes
nm_activesize-Lsize-XLsize-Msize-Ssize-XS
JS Globals
nmfs_opt
FAQ

Frequently Asked Questions about Night Mode for WordPress