Does pure writing have any unpatched vulnerabilities?

No. All known vulnerabilities in pure writing have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is pure writing compatible with WordPress 3.9.40?

According to WordPress.org data, pure writing 0.1 has been tested up to WordPress 3.9.40. Check the plugin's changelog for the latest compatibility information.

How often is pure writing updated?

pure writing was last updated on Jul 15, 2014. Frequent updates are generally a positive security signal.

What is pure writing's security score?

pure writing has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

pure writing Security & Risk Analysis

wordpress.org/plugins/pure-writing

增强Wordpress的编辑器功能，让你享受纯粹的写作。

50 active installs v0.1 PHP + WP 3.9+ Updated Jul 15, 2014

advance-tinymcebetter-tinymcebetter-writing%e7%bc%96%e8%be%91%e5%99%a8editorformatting

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is pure writing Safe to Use in 2026?

Generally Safe

Score 85/100

pure writing has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The static analysis of the 'pure-writing' plugin v0.1 reveals a remarkably clean codebase with no identified dangerous functions, raw SQL queries, unescaped output, file operations, or external HTTP requests. The absence of taint flow analysis results with unsanitized paths further indicates a strong adherence to secure coding practices in these areas. Furthermore, the plugin has no known vulnerabilities in its history, which is a very positive indicator. This suggests a proactive approach to security by the developers.

However, the plugin's attack surface is reported as zero, with no AJAX handlers, REST API routes, shortcodes, or cron events. While this generally points to security, it also means there are no explicit mechanisms for user interaction or data processing that would typically require robust nonce and capability checks. The presence of two capability checks without any identified entry points is unusual and could suggest unexercised code paths or a limited feature set. Despite the lack of identified vulnerabilities, the extremely small attack surface and the context of these capability checks warrant a cautious approach. The plugin's security posture appears good based on the provided data, but its limited functionality might be the primary reason for this. It's essential to monitor for any future updates or additions that might introduce new attack vectors.

Key Concerns

Capability checks present without identified entry points

Vulnerabilities

None known

pure writing Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

pure writing Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

pure writing Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actioninitinc\main.php:11

filtermce_external_pluginsinc\main.php:19

filtermce_buttons_3inc\main.php:20

filtertiny_mce_before_initinc\main.php:21

Maintenance & Trust

pure writing Maintenance & Trust

Maintenance Signals

WordPress version tested3.9.40

Last updatedJul 15, 2014

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs50

Alternatives

pure writing Alternatives

Elementor Website Builder – More Than Just a Page Builder

elementor

The Elementor Website Builder has it all: drag and drop page builder, pixel perfect design, mobile responsive editing, and more. Get started now!

10.0M 45 CVEs

Classic Editor

classic-editor

100

Enables the previous "classic" editor and the old-style Edit Post screen with TinyMCE, Meta Boxes, etc. Supports all plugins that extend this screen.

9.0M No CVEs

Starter Templates – AI-Powered Templates for Elementor & Gutenberg

astra-sites

The growing library of 300+ ready-to-use templates that work with all WordPress themes including Astra, Hello, OceanWP, GeneratePress and more

2.0M 7 CVEs

Classic Widgets

classic-widgets

100

Enables the previous "classic" widgets settings screens in Appearance - Widgets and the Customizer. Disables the block editor from managing widgets.

2.0M No CVEs

Advanced Editor Tools

tinymce-advanced

100

Extends and enhances the block editor (Gutenberg) and the classic editor (TinyMCE).

2.0M 1 CVE

Developer Profile

pure writing Developer Profile

young

2 plugins · 60 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect pure writing

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/pure-writing/css/pure-writing.css/wp-content/plugins/pure-writing/js/pure-writing.js

Script Paths

/wp-content/plugins/pure-writing/js/pure-writing.js

Version Parameters

pure-writing/css/pure-writing.css?ver=pure-writing/js/pure-writing.js?ver=

HTML / DOM Fingerprints

FAQ