Does WP Dark Mode – Improve Accessibility with AI Powered Dark Theme have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Dark Mode – Improve Accessibility with AI Powered Dark Theme compatible with WordPress 6.9.4?

According to WordPress.org data, WP Dark Mode – Improve Accessibility with AI Powered Dark Theme 5.3.5 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

WP Dark Mode – Improve Accessibility with AI Powered Dark Theme Security & Risk Analysis

wordpress.org/plugins/wp-dark-mode

Enable dark mode on WordPress without any coding. Improve site accessibility with a stunning dark theme that improves conversion.

20K active installs v5.3.5 PHP 5.6+ WP 5.0+ Updated Apr 9, 2026

accessibilitydarkdark-modedark-themenight-mode

A · Safe

CVEs total4

Unpatched0

Last CVEJun 5, 2024

Plugin page Download

Safety Verdict

Is WP Dark Mode – Improve Accessibility with AI Powered Dark Theme Safe to Use in 2026?

Generally Safe

Score 96/100

WP Dark Mode – Improve Accessibility with AI Powered Dark Theme has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

4 known CVEsLast CVE: Jun 5, 2024Updated 1mo ago

Risk Assessment

The "wp-dark-mode" plugin, version 5.3.3, demonstrates several positive security practices, including a significant percentage of prepared SQL statements and properly escaped output. The absence of unprotected entry points (AJAX, REST API) and the presence of numerous capability checks are strong indicators of a security-conscious development approach. However, concerns arise from the taint analysis, which identified one flow with unsanitized paths, labeled as high severity. This suggests a potential for path traversal or similar vulnerabilities if not handled with extreme care in the affected code. The plugin's vulnerability history is a notable area of concern. With four previously disclosed CVEs, including one high and three medium severity vulnerabilities, it indicates a pattern of past security weaknesses. While there are currently no unpatched vulnerabilities, the recurrence of common types like path traversal, XSS, and authorization issues suggests a need for ongoing vigilance and thorough code auditing. The most recent vulnerability was reported very recently, highlighting the continuous need for updates and patches.

Key Concerns

High severity taint flow with unsanitized paths
History of High severity vulnerabilities
History of Medium severity vulnerabilities
Vulnerability types: Path Traversal, XSS, Missing Auth
Recent vulnerability reported

Vulnerabilities

4 published

WP Dark Mode – Improve Accessibility with AI Powered Dark Theme Security Vulnerabilities

CVEs by Year

1 CVE in 2022

2022

2 CVEs in 2023

2023

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

High

Medium

4 total CVEs

CVE-2024-5449medium · 4.3Missing Authorization

WP Dark Mode – WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing <= 5.0.4 - Missing Authorization

Jun 5, 2024 Patched in 5.0.5 (1d)

CVE-2023-0467high · 8.8Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

WP Dark Mode <= 4.0.7 - Authenticated (Subscriber+) Local File Inclusion via 'style'

Mar 6, 2023 Patched in 4.0.8 (323d)

CVE-2022-4714medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WP Dark Mode <= 3.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Jan 30, 2023 Patched in 4.0.0 (358d)

WF-84003388-c47c-41db-8d2d-4643aa375a89-wp-dark-modemedium · 4.3Missing Authorization

Appsero <= 1.2.1 - Missing Authorization

Dec 16, 2022 Patched in 3.0.5 (699d)

Version History

WP Dark Mode – Improve Accessibility with AI Powered Dark Theme Release Timeline

v5.3.5Current

v5.3.4

v5.3.3

v5.3.2

v5.3.1

v5.3.0

v5.2.20

v5.2.19

v5.2.18

v5.2.17

v5.2.16

v5.2.15

v5.2.14

v5.2.13

v5.2.12

v5.2.11

v5.2.10

v5.2.9

v5.2.8

v5.2.7

Code Analysis

Analyzed Mar 16, 2026

WP Dark Mode – Improve Accessibility with AI Powered Dark Theme Code Analysis

Dangerous Functions

Raw SQL Queries

22 prepared

Unescaped Output

343 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

96% prepared23 total queries

Output Escaping

94% escaped366 total outputs

Data Flows · Security

1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths

<class-ajax> (includes\classes\class-ajax.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

WP Dark Mode – Improve Accessibility with AI Powered Dark Theme Attack Surface

Entry Points19

Unprotected0

AJAX Handlers 5

authwp_ajax_wp_dark_mode_update_visitorincludes\classes\class-ajax.php:37

noprivwp_ajax_wp_dark_mode_update_visitorincludes\classes\class-ajax.php:38

authwp_ajax_wpdm_social_share_save_optionsincludes\modules\social-share\class-social-share.php:44

authwp_ajax_wpdm_social_share_counterincludes\modules\social-share\class-social-share.php:45

authwp_ajax_no_priv_wpdm_social_share_counterincludes\modules\social-share\class-social-share.php:46

REST API Routes 6

GET/wp-json/wp-dark-mode/settingsincludes\admin\class-admin-rest.php:49

PUT/wp-json/wp-dark-mode/settingsincludes\admin\class-admin-rest.php:60

DELETE/wp-json/wp-dark-mode/settingsincludes\admin\class-admin-rest.php:77

POST/wp-json/wp-dark-mode/noticeincludes\admin\class-admin-rest.php:88

GET/wp-json/wp-dark-mode/visitorsincludes\admin\class-admin-rest.php:99

GET/wp-json/wp-dark-mode/contentsincludes\admin\class-admin-rest.php:110

Shortcodes 8

[WP_Dark_Mode] includes\modules\class-recommended-plugins.php:29

[wp-dark-mode] includes\modules\class-recommended-plugins.php:32

[wp-dark-mode] includes\modules\class-shortcode.php:34

[wp_dark_mode] includes\modules\class-shortcode.php:36

[wp-dark-mode-switch] includes\modules\class-shortcode.php:39

[wp_dark_mode_switch] includes\modules\class-shortcode.php:41

[WP_Dark_Mode] includes\modules\class-tools.php:31

[wp-dark-mode] includes\modules\class-tools.php:34

WordPress Hooks 63

actionadmin_enqueue_scriptsincludes\admin\class-admin-assets.php:36

actionelementor/editor/before_enqueue_scriptsincludes\admin\class-admin-assets.php:40

actioninitincludes\admin\class-admin-assets.php:43

actionadmin_initincludes\admin\class-admin-assets.php:45

filterscript_loader_tagincludes\admin\class-admin-assets.php:56

filterwp_dark_mode_admin_activatedincludes\admin\class-admin-assets.php:57

filtermce_external_pluginsincludes\admin\class-admin-assets.php:327

filtermce_buttonsincludes\admin\class-admin-assets.php:332

actionadmin_initincludes\admin\class-admin-install.php:51

actionadmin_menuincludes\admin\class-admin-menus.php:33

actionadmin_headincludes\admin\class-admin-menus.php:35

actionadmin_initincludes\admin\class-admin-notices.php:38

actionadmin_footerincludes\admin\class-admin-notices.php:39

actionwp_dashboard_setupincludes\admin\class-admin-notices.php:40

actionadmin_noticesincludes\admin\class-admin-notices.php:42

actionadmin_bar_menuincludes\admin\class-admin-switches.php:33

actionadmin_initincludes\admin\class-admin-upgrade.php:39

actionadmin_initincludes\admin\class-admin-upgrade.php:44

actionadmin_initincludes\admin\class-admin-upgrade.php:45

actionwp_dark_mode_recommended_plugins_pageincludes\admin\class-recommended-plugins.php:123

actionadmin_initincludes\admin\class-recommended-plugins.php:125

actionswitch_themeincludes\appsero\Insights.php:135

actionswitch_themeincludes\appsero\Insights.php:136

actionadmin_footerincludes\appsero\Insights.php:147

actionadmin_noticesincludes\appsero\Insights.php:163

actionadmin_initincludes\appsero\Insights.php:166

filtercron_schedulesincludes\appsero\Insights.php:172

actionadmin_menuincludes\appsero\License.php:219

actionafter_switch_themeincludes\appsero\License.php:781

actionswitch_themeincludes\appsero\License.php:782

actionrest_api_initincludes\class-boot.php:107

actionwp_enqueue_scriptsincludes\classes\class-assets.php:36

actionlogin_enqueue_scriptsincludes\classes\class-assets.php:37

filterscript_loader_tagincludes\classes\class-assets.php:40

actionwp_footerincludes\classes\class-assets.php:311

filterwp_dark_mode_excluded_elementsincludes\classes\class-extended.php:34

actionwp_footerincludes\classes\class-switches.php:37

actionlogin_footerincludes\classes\class-switches.php:38

filterlanguage_attributesincludes\classes\class-triggers.php:37

actionwp_enqueue_scriptsincludes\compatibility\class-compatibility.php:224

actionwp_enqueue_scriptsincludes\compatibility\class-compatibility.php:252

filterlanguage_attributesincludes\compatibility\class-themes.php:31

actioninitincludes\models\class-visitor.php:36

actionelementor/widgets/registerincludes\modules\elementor\class-element.php:39

actionelementor/controls/registerincludes\modules\elementor\class-element.php:40

actionelementor/editor/after_enqueue_scriptsincludes\modules\elementor\class-element.php:41

actioninitincludes\modules\gutenberg\class-block.php:29

actionwp_dark_mode_loadedincludes\modules\social-share\class-social-share.php:38

actionadmin_menuincludes\modules\social-share\class-social-share.php:40

actionadmin_enqueue_scriptsincludes\modules\social-share\class-social-share.php:42

actionadmin_headincludes\modules\social-share\class-social-share.php:49

filterwpdarkmode_settings_option_namesincludes\modules\social-share\class-social-share.php:63

actionwp_enqueue_scriptsincludes\modules\social-share\class-social-share.php:81

actionwp_headincludes\modules\social-share\class-social-share.php:82

filterthe_contentincludes\modules\social-share\class-social-share.php:85

actionadmin_enqueue_scriptsincludes\wppool\class-plugin.php:295

actionadmin_footerincludes\wppool\class-plugin.php:296

actionelementor/editor/after_enqueue_scriptsincludes\wppool\class-plugin.php:299

actionelementor/editor/headerincludes\wppool\class-plugin.php:300

filterwppool_pluginsincludes\wppool\class-plugin.php:1281

filterwppool_pluginsincludes\wppool\class-plugin.php:1321

filterappsero_is_localincludes\wppool\class-plugin.php:1334

actionplugins_loadedincludes\wppool\class-plugin.php:1337

Maintenance & Trust

WP Dark Mode – Improve Accessibility with AI Powered Dark Theme Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 9, 2026

PHP min version5.6

Downloads1.3M

Community Trust

Rating90/100

Number of ratings388

Active installs20K

Alternatives

WP Dark Mode – Improve Accessibility with AI Powered Dark Theme Alternatives

Dusky Dark Mode – Dark Mode for Gutenberg and Elementor

dusky-dark-mode

100

Enable Dark Mode on your website & get an awesome user experience with advanced features.

200 No CVEs

DarkMeta Dark Mode

darkmeta-dark-mode

100

Transform WordPress site with the best dark mode plugin complete with options, dashboard dark mode, accessibility features, and no coding required.

0 No CVEs

Dark Mode Toggle

dark-mode-toggle

100

Bring dark mode toggle switch to your WordPress website. A simple switch to turn on and off the dark mode. Fast and easy to use.

2K No CVEs

DarkMySite – Advanced Dark Mode Plugin for WordPress

darkmysite

Best WordPress dark mode plugin to ready your site for the night. Multiple floating switch to choose between night mode and normal mode.

1K 1 CVE

DarkLooks – Dark Mode Switcher For WordPress

darklooks-dark-mode-switcher

100

Short Description: Enable dark mode on your WordPress site for better eye comfort in low-light environments.

900 No CVEs

Developer Profile

WP Dark Mode – Improve Accessibility with AI Powered Dark Theme Developer Profile

WPPOOL

16 plugins · 32K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

322 days

View full developer profile

Detection Fingerprints

How We Detect WP Dark Mode – Improve Accessibility with AI Powered Dark Theme

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-dark-mode/assets/css/admin-common.css/wp-content/plugins/wp-dark-mode/assets/css/admin-settings.css/wp-content/plugins/wp-dark-mode/assets/js/admin-dark-mode.min.js/wp-content/plugins/wp-dark-mode/assets/js/admin-common.min.js/wp-content/plugins/wp-dark-mode/assets/js/admin-settings.min.js

Script Paths

/wp-content/plugins/wp-dark-mode/assets/js/admin-dark-mode.min.js/wp-content/plugins/wp-dark-mode/assets/js/admin-common.min.js/wp-content/plugins/wp-dark-mode/assets/js/admin-settings.min.js

Version Parameters

/wp-content/plugins/wp-dark-mode/assets/css/admin-common.css?ver=/wp-content/plugins/wp-dark-mode/assets/css/admin-settings.css?ver=/wp-content/plugins/wp-dark-mode/assets/js/admin-dark-mode.min.js?ver=/wp-content/plugins/wp-dark-mode/assets/js/admin-common.min.js?ver=/wp-content/plugins/wp-dark-mode/assets/js/admin-settings.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

wp-dark-mode-ignore

Data Attributes

data-wp-dark-mode-loading

JS Globals

wp_dark_mode_admin_jsonwp_dark_mode_icons

REST Endpoints

/wp-json/wp-dark-mode

FAQ