Does Toggle wpautop have any unpatched vulnerabilities?

No. All known vulnerabilities in Toggle wpautop have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Toggle wpautop compatible with WordPress 5.7.15?

According to WordPress.org data, Toggle wpautop 1.3.0 has been tested up to WordPress 5.7.15. Check the plugin's changelog for the latest compatibility information.

Is Toggle wpautop compatible with PHP 5.6+?

Toggle wpautop requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Toggle wpautop updated?

Toggle wpautop was last updated on Apr 7, 2021. Frequent updates are generally a positive security signal.

What is Toggle wpautop's security score?

Toggle wpautop has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Toggle wpautop Security & Risk Analysis

wordpress.org/plugins/toggle-wpautop

Easily disable the default wpautop filter on a post by post basis.

10K active installs v1.3.0 PHP 5.6+ WP 3.0+ Updated Apr 7, 2021

editorexcerptformattingpost-contentwpautop

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Toggle wpautop Safe to Use in 2026?

Generally Safe

Score 85/100

Toggle wpautop has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The "toggle-wpautop" v1.3.0 plugin demonstrates a strong security posture based on the provided static analysis. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the potential attack surface. Furthermore, the code analysis reveals no dangerous functions, all SQL queries utilize prepared statements, and all output is properly escaped, indicating good development practices. The presence of nonce and capability checks, although minimal in their application due to the limited attack surface, are positive indicators. The lack of any recorded vulnerabilities or CVEs in its history is also a very favorable sign. The taint analysis showing zero flows with unsanitized paths further solidifies its secure design. Overall, this plugin appears to be very secure, with no immediate or inherent security risks identified in the provided data. Its strengths lie in its minimal attack surface and adherence to secure coding principles for the limited functionality it appears to offer.

Vulnerabilities

None known

Toggle wpautop Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Toggle wpautop Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped6 total outputs

Attack Surface

Toggle wpautop Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 13

actionplugins_loadedtoggle-wpautop.php:46

actionadmin_inittoggle-wpautop.php:47

actionadmin_inittoggle-wpautop.php:49

actionadd_meta_boxestoggle-wpautop.php:50

actionsave_posttoggle-wpautop.php:51

actionthe_posttoggle-wpautop.php:52

actionloop_endtoggle-wpautop.php:53

filterpost_classtoggle-wpautop.php:55

actionpost_submitbox_misc_actionstoggle-wpautop.php:221

filterthe_contenttoggle-wpautop.php:292

filterthe_excerpttoggle-wpautop.php:296

filterthe_contenttoggle-wpautop.php:309

filterthe_excerpttoggle-wpautop.php:313

Maintenance & Trust

Toggle wpautop Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15

Last updatedApr 7, 2021

PHP min version5.6

Downloads108K

Community Trust

Rating98/100

Number of ratings32

Active installs10K

Alternatives

Toggle wpautop Alternatives

Empty P Tag

empty-p-tag

This plugin hides empty paragraphs and make your butyfull design without breaking design.

800 No CVEs

Remove Blank P Tag

remove-blank-p-tag

100

This plugin remove extra p and br tags from the_content and the_excerpt.

400 No CVEs

Remove Wpautop

remove-wpautop

This plugin remove extra p and br tags from the_content and the_excerpt.

300 No CVEs

Remove empty p tag

remove-empty-p-tag

This plugin remove extra p and br tags from the_content and the_excerpt.

10 No CVEs

Wpautop Mask

wpautop-mask

Toggle wpautop with shortcodes.

10 No CVEs

Developer Profile

Toggle wpautop Developer Profile

Jonathan Desrosiers

9 plugins · 21K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Toggle wpautop

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

lp-wpautop

Data Attributes

name="_lp_disable_wpautop"id="_lp_disable_wpautop"name="_lp_wpautop_nonce"id="lp_toggle_wpautop_auto"name="lp_toggle_wpautop_auto"id="lp_toggle_wpautop_post_types_+1 more

FAQ

Toggle wpautop Security & Risk Analysis

Is Toggle wpautop Safe to Use in 2026?

Generally Safe

Toggle wpautop Security Vulnerabilities

Toggle wpautop Code Analysis

Output Escaping

Toggle wpautop Attack Surface

Toggle wpautop Maintenance & Trust

Maintenance Signals

Community Trust

Toggle wpautop Alternatives

Empty P Tag

Remove Blank P Tag

Remove Wpautop

Remove empty p tag

Wpautop Mask

Toggle wpautop Developer Profile

How We Detect Toggle wpautop

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Toggle wpautop