Is react-draft-wysiwyg safe to use?

react-draft-wysiwyg has 1 known vulnerabilities on the latest version (1.15.0). DepScope rates its health at 48/100 (high risk).

What is the latest version of react-draft-wysiwyg?

The latest version of react-draft-wysiwyg is 1.15.0, released 2022-07-17.

Does react-draft-wysiwyg have known vulnerabilities?

Yes. react-draft-wysiwyg has 1 known vulnerabilities. See depscope.dev/pkg/npm/react-draft-wysiwyg for details.

Is react-draft-wysiwyg deprecated?

No, react-draft-wysiwyg is actively maintained. Latest release: 1.15.0 (2022-07-17).

What are alternatives to react-draft-wysiwyg?

Popular alternatives to react-draft-wysiwyg in npm include: semver, debug, ansi-styles, ms, supports-color.

What license does react-draft-wysiwyg use?

react-draft-wysiwyg is licensed under MIT.

react-draft-wysiwyg

npmv1.15.0

A wysiwyg on top of DraftJS.

License MITpermissive131 versions1 maintainers5 deps

jpuri/react-draft-wysiwyg

/ 100

Health

safe to use

[email protected] is safe to use (health: 48/100)

Health breakdown0 – 100

0/25

maintenance

0/20

popularity

25/25

security

15/15

maturity

8/15

community

Vulnerabilities

1 low

Advisories (1)

Severity	ID	Summary	Fixed in
low	CVE-2025-3191	React Draft Wysiwyg Cross-Site Scripting (XSS) via the Embedded Button	—

Bundle & TypeScript

📦

Bundle Size

230.9 KBminified

47.2 KB gzipped

5 direct dependencies

side effects

🌟

TypeScript

7/10typed

Types from @types/react-draft-wysiwyg (DefinitelyTyped)

Health History

Dependency Tree

License Audit

Dependencies (5)

classnames draftjs-utils html-to-draftjs linkify-it prop-types

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/react-draft-wysiwyg