WP-Safety

TinyMCE Advanced Language Pack Security & Risk Analysis

wordpress.org/plugins/tinymce-advanced-language-pack

Adds more translations for the TinyMCE components used in the TinyMCE Advanced plugin.

600 active installs v1.0 PHP + WP 3.7+ Updated Oct 24, 2013
editortinymcewritewysiwyg
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is TinyMCE Advanced Language Pack Safe to Use in 2026?

Generally Safe

Score 85/100

TinyMCE Advanced Language Pack has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago
Risk Assessment

The "tinymce-advanced-language-pack" plugin v1.0 exhibits a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface. Furthermore, the code analysis reveals no dangerous functions, file operations, or external HTTP requests. The plugin also adheres to secure coding practices by not utilizing raw SQL queries and ensuring that all identified outputs are properly escaped. The lack of any recorded vulnerabilities, including critical or high-severity ones, in its history further reinforces this positive assessment. This suggests a well-developed and securely coded plugin with a minimal risk profile.

Key Concerns

  • Bundled outdated library (TinyMCE v1.0)
  • No nonce checks implemented
  • No capability checks implemented
Vulnerabilities
None known

TinyMCE Advanced Language Pack Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

TinyMCE Advanced Language Pack Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

TinyMCE1.0
Attack Surface

TinyMCE Advanced Language Pack Attack Surface

Entry Points0
Unprotected0
Maintenance & Trust

TinyMCE Advanced Language Pack Maintenance & Trust

Maintenance Signals

WordPress version tested3.7.41
Last updatedOct 24, 2013
PHP min version
Downloads16K

Community Trust

Rating0/100
Number of ratings0
Active installs600
Alternatives

TinyMCE Advanced Language Pack Alternatives

pure writing

pure writing

pure-writing

A
85

增强Wordpress的编辑器功能,让你享受纯粹的写作。

50 No CVEs
Black Studio TinyMCE Widget

Black Studio TinyMCE Widget

black-studio-tinymce-widget

A
100

The visual editor widget for WordPress.

200K No CVEs
Advanced TinyMCE Configuration

Advanced TinyMCE Configuration

advanced-tinymce-configuration

A
85

Set advanced TinyMCE options for the classic block and classic editor.

10K No CVEs
WP Super Edit

WP Super Edit

wp-super-edit

C
63

Get control of the WordPress wysiwyg visual editor and add some functionality with more buttons and custom TinyMCE plugins.

2K 1 unpatched
tinyWYM Editor

tinyWYM Editor

tinywym-editor

A
85

Convert WordPress's WYSIWYG editor into a WYSIWYM editor. Add and edit any HTML tag and attribute from the visual editor.

1K No CVEs
Developer Profile

TinyMCE Advanced Language Pack Developer Profile

Andrew Ozz

6 plugins · 2.0M total installs

72
trust score
Avg Security Score
90/100
Avg Patch Time
3424 days
View full developer profile
Detection Fingerprints

How We Detect TinyMCE Advanced Language Pack

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/tinymce-advanced-language-pack/js/tinymce-lang.js
Script Paths
/wp-content/plugins/tinymce-advanced-language-pack/js/tinymce-lang.js

HTML / DOM Fingerprints

JS Globals
tinymce_lang
FAQ

Frequently Asked Questions about TinyMCE Advanced Language Pack