Does No Format Shortcode have any unpatched vulnerabilities?

No. All known vulnerabilities in No Format Shortcode have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is No Format Shortcode compatible with WordPress 4.7.32?

According to WordPress.org data, No Format Shortcode 1.0 has been tested up to WordPress 4.7.32. Check the plugin's changelog for the latest compatibility information.

How often is No Format Shortcode updated?

No Format Shortcode was last updated on May 14, 2017. Frequent updates are generally a positive security signal.

What is No Format Shortcode's security score?

No Format Shortcode has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

No Format Shortcode Security & Risk Analysis

wordpress.org/plugins/no-format-shortcode

This plugin provides a shortcode to selectively disable WordPress' automatic formatting. Very useful for anyone looking to write some custom HTML …

20 active installs v1.0 PHP + WP 3.7+ Updated May 14, 2017

disableformattinghtmlshortcodewpautop

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is No Format Shortcode Safe to Use in 2026?

Generally Safe

Score 85/100

No Format Shortcode has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "no-format-shortcode" v1.0 plugin exhibits an exceptionally strong security posture based on the provided static analysis and vulnerability history. The absence of any identified attack surface, dangerous functions, raw SQL queries, unescaped output, file operations, external requests, or taint flows is a significant strength. This indicates robust development practices, where all potential entry points and sensitive operations are either absent or correctly secured and sanitized.

The plugin's vulnerability history further reinforces this positive assessment, with zero recorded CVEs of any severity. This lack of historical vulnerabilities, especially critical or high, suggests a mature and well-maintained codebase that has likely undergone thorough security scrutiny. The fact that there are no common vulnerability types recorded also points towards a consistent adherence to secure coding principles.

While the data overwhelmingly points to a secure plugin, the absolute zero in many categories, particularly attack surface and taint analysis, is noteworthy. It's possible that the plugin's functionality is extremely limited or that the analysis tooling has limitations. However, based solely on the provided data, this plugin appears to be highly secure and presents a negligible risk to WordPress sites.

Vulnerabilities

None known

No Format Shortcode Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

No Format Shortcode Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

No Format Shortcode Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

filterthe_contentno-format-shortcode.php:26

filterthe_excerptno-format-shortcode.php:27

Maintenance & Trust

No Format Shortcode Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32

Last updatedMay 14, 2017

PHP min version

Downloads1K

Community Trust

Rating100/100

Number of ratings1

Active installs20

Alternatives

No Format Shortcode Alternatives

LCT Temporary wpautop Disable Shortcode

lct-temporary-wpautop-disable-shortcode

Use a simple shortcode to bypass the sometimes damaging effect of the wpautop function.

10 No CVEs

Wpautop Mask

wpautop-mask

Toggle wpautop with shortcodes.

10 No CVEs

Shortcoder — Create Shortcodes for Anything

shortcoder

Create custom "Shortcodes" easily for HTML, JavaScript, CSS code snippets and use the shortcodes within posts, pages & widgets

100K 2 CVEs

HTML Page Sitemap

html-sitemap

100

Adds an HTML (Not XML) sitemap of your pages (not posts) by entering the shortcode [html_sitemap], perfect for those who use WordPress as a CMS.

10K No CVEs

Raw HTML

raw-html

Lets you use raw HTML or any other code in your posts. You can also disable smart quotes and other automatic formatting on a per-post basis.

10K No CVEs

Developer Profile

No Format Shortcode Developer Profile

Greg

3 plugins · 630 total installs

trust score

Avg Security Score

78/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect No Format Shortcode

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

HTML Comments

Shortcode Output

<p></p>

FAQ