Does Sunrise have any unpatched vulnerabilities?

No. All known vulnerabilities in Sunrise have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Sunrise compatible with WordPress 4.0.38?

According to WordPress.org data, Sunrise 2.0.0 has been tested up to WordPress 4.0.38. Check the plugin's changelog for the latest compatibility information.

How often is Sunrise updated?

Sunrise was last updated on Aug 8, 2013. Frequent updates are generally a positive security signal.

What is Sunrise's security score?

Sunrise has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Sunrise Security & Risk Analysis

wordpress.org/plugins/sunrise

Plugin framework, that was designed to speed up plugin deployment and development

10 active installs v2.0.0 PHP + WP 3.3+ Updated Aug 8, 2013

admindeveloperdevelopmentframework

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Sunrise Safe to Use in 2026?

Generally Safe

Score 85/100

Sunrise has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "sunrise" v2.0.0 plugin exhibits a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points indicates a minimal attack surface. Furthermore, the code signals reveal a lack of dangerous functions, no file operations, and no external HTTP requests, all positive indicators. The fact that all SQL queries utilize prepared statements is a significant strength, as is the absence of any recorded vulnerabilities (CVEs). However, a notable concern is the very low percentage (3%) of properly escaped output. This suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data is likely being outputted without adequate sanitization, potentially allowing malicious scripts to be injected and executed within the user's browser.

Key Concerns

Low output escaping coverage

Vulnerabilities

None known

Sunrise Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Sunrise Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

110

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

3% escaped113 total outputs

Attack Surface

Sunrise Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionadmin_headclasses\sunrise.class.php:246

actionadmin_footerclasses\sunrise.class.php:247

actionadmin_initclasses\sunrise.class.php:249

actionadmin_menuclasses\sunrise.class.php:251

actionadmin_menuclasses\sunrise.class.php:253

actioninitplugin-example.php:35

Maintenance & Trust

Sunrise Maintenance & Trust

Maintenance Signals

WordPress version tested4.0.38

Last updatedAug 8, 2013

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Sunrise Alternatives

Apermo AdminBar

apermo-adminbar

This plugin allows you to add links between a development, staging and live version of your website, and adds them to the AdminBar.

60 No CVEs

Apermo AdminBar Toggle

apermo-adminbar-toggle

This plugin simple allows you to toggle the AdminBar on and off just with the keyboard.

10 No CVEs

Apermo Xdebug

apermo-xdebug

This plugin helps developers that use Xdebug.

10 No CVEs

Toolbar Plugins Link

toolbar-plugins-link

Toolbar Plugins Link customizes the Admin Toolbar and adds a shortcut to the plugins page.

10 No CVEs

Development Mode

development-mode

Uses Sunrise theme on Dashboard and Frontend to visually represent development mode

0 No CVEs

Developer Profile

Sunrise Developer Profile

Vova

4 plugins · 400K total installs

trust score

Avg Security Score

86/100

Avg Patch Time

403 days

View full developer profile

Detection Fingerprints

How We Detect Sunrise

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/sunrise/assets/css/sunrise.css/wp-content/plugins/sunrise/assets/js/form.js/wp-content/plugins/sunrise/assets/js/sunrise.js

Script Paths

https://gndev.info/sunrise/sunrise.js

Version Parameters

sunrise-plugin-framework-formsunrise-plugin-framework

HTML / DOM Fingerprints

HTML Comments

JS Globals

window.sunrise_plugin_framework

FAQ

Sunrise Security & Risk Analysis

Is Sunrise Safe to Use in 2026?

Generally Safe

Key Concerns

Sunrise Security Vulnerabilities

Sunrise Code Analysis

Output Escaping

Sunrise Attack Surface

Sunrise Maintenance & Trust

Maintenance Signals

Community Trust

Sunrise Alternatives

Apermo AdminBar

Apermo AdminBar Toggle

Apermo Xdebug

Toolbar Plugins Link

Development Mode

Sunrise Developer Profile

How We Detect Sunrise

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Sunrise