WP-code-button Security & Risk Analysis

wordpress.org/plugins/wp-code-button

This plugin code prettify plugin using google code prettify. the code higlighting effect will be seen directly in the tinymce editor.

10 active installs v0.4 PHP + WP 2.7+ Updated Dec 6, 2015
codehighlightingprettify%e4%bb%a3%e7%a0%81%e9%ab%98%e4%ba%ae
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is WP-code-button Safe to Use in 2026?

Generally Safe

Score 85/100

WP-code-button has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago
Risk Assessment

The "wp-code-button" v0.4 plugin exhibits a strong security posture based on the provided static analysis. There are no identified entry points like AJAX handlers, REST API routes, or shortcodes that are exposed without authentication. The code also demonstrates good practices with 100% of SQL queries using prepared statements and all outputs being properly escaped. Furthermore, the absence of dangerous functions, file operations, external HTTP requests, nonce checks, and capability checks further enhances its security.

The vulnerability history for this plugin is entirely clean, with no known CVEs, either currently unpatched or historical. This, combined with the zero-issue findings in taint analysis, suggests a well-developed and secure plugin. The only notable component is the bundling of TinyMCE, which is a common and generally well-maintained library.

In conclusion, "wp-code-button" v0.4 appears to be a very secure plugin. Its minimal attack surface, adherence to secure coding practices in the analyzed areas, and lack of any recorded vulnerabilities present a low-risk profile. The bundled TinyMCE is a standard component and unlikely to introduce significant risk unless it's an exceptionally outdated version, which is not indicated.

Vulnerabilities
None known

WP-code-button Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

WP-code-button Release Timeline

No version history available.
Code Analysis
Analyzed Mar 17, 2026

WP-code-button Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

TinyMCE
Attack Surface

WP-code-button Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 4
actioninitwp-code-button.php:12
filtermce_external_pluginswp-code-button.php:20
filtermce_buttonswp-code-button.php:21
actionwp_enqueue_scriptswp-code-button.php:46
Maintenance & Trust

WP-code-button Maintenance & Trust

Maintenance Signals

WordPress version tested4.3.34
Last updatedDec 6, 2015
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Developer Profile

WP-code-button Developer Profile

a454213722

1 plugin · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WP-code-button

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-code-button/prettify.css/wp-content/plugins/wp-code-button/editor_plugin.js/wp-content/plugins/wp-code-button/prettify.js
Script Paths
/wp-content/plugins/wp-code-button/editor_plugin.js/wp-content/plugins/wp-code-button/prettify.js

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about WP-code-button