WP-Safety

Yandex Speller Application Security & Risk Analysis

wordpress.org/plugins/yandex-speller-application

Проверка правописания в TinyMCE, используя Яндекс.Спеллер.

100 active installs v1.0.2 PHP + WP 2.8.4+ Updated Sep 17, 2014
spellertinymcewysiwygyandex
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Yandex Speller Application Safe to Use in 2026?

Generally Safe

Score 85/100

Yandex Speller Application has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago
Risk Assessment

The yandex-speller-application plugin v1.0.2 demonstrates a generally good security posture based on the static analysis. The plugin has zero recorded CVEs, indicating a history of stability and security. Crucially, there are no apparent entry points like AJAX handlers, REST API routes, or shortcodes, which significantly reduces the attack surface. Furthermore, all detected SQL queries utilize prepared statements, and there are no critical or high severity taint flows. This suggests the developers have prioritized secure coding practices regarding data handling and input validation.

Key Concerns

  • Missing capability checks
  • Missing nonce checks
  • Half of output not properly escaped
Vulnerabilities
None known

Yandex Speller Application Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Yandex Speller Application Release Timeline

No version history available.
Code Analysis
Analyzed Mar 16, 2026

Yandex Speller Application Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
1 escaped
Nonce Checks
0
Capability Checks
0
File Operations
1
External Requests
0
Bundled Libraries
0

Output Escaping

50% escaped2 total outputs
Attack Surface

Yandex Speller Application Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 2
filtermce_spellchecker_languagesyandex-speller-application.php:39
filtertiny_mce_before_inityandex-speller-application.php:40
Maintenance & Trust

Yandex Speller Application Maintenance & Trust

Maintenance Signals

WordPress version tested3.3.2
Last updatedSep 17, 2014
PHP min version
Downloads9K

Community Trust

Rating0/100
Number of ratings0
Active installs100
Alternatives

Yandex Speller Application Alternatives

Black Studio TinyMCE Widget

Black Studio TinyMCE Widget

black-studio-tinymce-widget

A
100

The visual editor widget for WordPress.

200K No CVEs
Visual Term Description Editor

Visual Term Description Editor

visual-term-description-editor

A
92

Replaces the plain-text category and tag description editor with a visual editor.

20K No CVEs
Advanced TinyMCE Configuration

Advanced TinyMCE Configuration

advanced-tinymce-configuration

A
85

Set advanced TinyMCE options for the classic block and classic editor.

10K No CVEs
Advanced Post Excerpt

Advanced Post Excerpt

advanced-post-excerpt

A
85

Replace the default Post Excerpt meta box with a superior editing experience.

2K No CVEs
Clear Floats Button

Clear Floats Button

clear-floats-button

A
85

Adds clear float button to TinyMCE Editor.

2K No CVEs
Developer Profile

Yandex Speller Application Developer Profile

Dmitry Ponomarev

1 plugin · 100 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Yandex Speller Application

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Yandex Speller Application