Theme or plugin editor are posing a risk to security, at least according to people a lot smarter than me!
Many auto-installers, hostings, security plugins are amending wp-config file by adding a couple of constants.
If you cannot see theme/plugin editor, check your wp-config.php file for the following lines:
define( 'DISALLOW_FILE_EDIT', true ); define( 'DISALLOW_FILE_MODS', true );
One or the other (or both together) may be blocking you from seeing those editors in the dashboard.
If any of these is present in your wp-config file, you may want to comment them out like this:
// define( 'DISALLOW_FILE_EDIT', true ); // define( 'DISALLOW_FILE_MODS', true );