Does Ultimate Addons for Elementor have any unpatched vulnerabilities?

No. All known vulnerabilities in Ultimate Addons for Elementor have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Ultimate Addons for Elementor compatible with WordPress 6.9.4?

According to WordPress.org data, Ultimate Addons for Elementor 2.8.5 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Ultimate Addons for Elementor compatible with PHP 7.4+?

Ultimate Addons for Elementor requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Ultimate Addons for Elementor updated?

Ultimate Addons for Elementor was last updated on Mar 11, 2026. Frequent updates are generally a positive security signal.

What is Ultimate Addons for Elementor's security score?

Ultimate Addons for Elementor has a WP-Safety security score of 96/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Ultimate Addons for Elementor Security & Risk Analysis

wordpress.org/plugins/header-footer-elementor

Powerful Elementor addon with advanced Elementor widgets, templates, WooCommerce widgets & Header-Footer builder to build professional websites fa …

2.0M active installs v2.8.5 PHP 7.4+ WP 5.0+ Updated Mar 11, 2026

elementorelementor-addonselementor-templateelementor-widgetsheader-footer-builder

A · Safe

CVEs total12

Unpatched0

Last CVESep 15, 2025

Plugin page Download

Safety Verdict

Is Ultimate Addons for Elementor Safe to Use in 2026?

Generally Safe

Score 96/100

Ultimate Addons for Elementor has a strong security track record. Known vulnerabilities have been patched promptly.

12 known CVEsLast CVE: Sep 15, 2025Updated 23d ago

Risk Assessment

The header-footer-elementor plugin v2.8.5 exhibits a mixed security posture. On the positive side, the static analysis reveals strong adherence to secure coding practices, with all AJAX handlers and REST API routes featuring authorization checks. The plugin also demonstrates excellent use of prepared statements for SQL queries and a high percentage of properly escaped output, mitigating common injection and XSS vulnerabilities. The presence of numerous nonce and capability checks further reinforces its defensive mechanisms.

However, concerns arise from the vulnerability history and taint analysis. The plugin has a significant history of 12 medium-severity CVEs, with common types including XSS and missing authorization. Although currently unpatched, this history suggests a recurring pattern of vulnerabilities that require careful attention and timely updates. The taint analysis, while limited in scope, did identify one flow with an unsanitized path and one high-severity flow, indicating potential avenues for exploitation despite the otherwise robust code.

In conclusion, while the current version shows improved security implementations, the past vulnerability record is a strong indicator that users must remain vigilant about updates. The identified taint flow, though critical severity is zero, warrants further investigation to ensure no residual risks exist. The strengths in input sanitization and authorization checks are commendable, but the historical pattern necessitates ongoing monitoring and prompt patching of any future disclosed vulnerabilities.

Key Concerns

Past medium severity CVEs indicate recurring issues
High severity taint flow identified
Flow with unsanitized path identified

Vulnerabilities

Ultimate Addons for Elementor Security Vulnerabilities

CVEs by Year

1 CVE in 2021

2021

9 CVEs in 2024

2024

2 CVEs in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

12 total CVEs

CVE-2025-9703medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Addons for Elementor Lite <= 2.4.9 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload

Sep 15, 2025 Patched in 2.5.0 (32d)

CVE-2025-8488medium · 4.3Missing Authorization

Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) <= 2.4.6 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update

Aug 1, 2025 Patched in 2.4.7 (1d)

CVE-2024-11230medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Elementor Header & Footer Builder <= 1.6.46 - Authenticated (Contributor+) Stored Cross-Site Scripting via Page Title Widget

Dec 22, 2024 Patched in 1.6.47 (1d)

CVE-2024-10325medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Elementor Header & Footer Builder <= 1.6.45 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

Nov 7, 2024 Patched in 1.6.46 (1d)

CVE-2024-10050medium · 4.3Exposure of Sensitive Information to an Unauthorized Actor

Elementor Header & Footer Builder <= 1.6.43 - Authenticated (Contributor+) Information Disclosure via Shortcode

Oct 23, 2024 Patched in 1.6.44 (16d)

CVE-2024-33933medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Elementor – Header, Footer & Blocks Template <= 1.6.35 - Authenticated (Contributor+) Stored Cross-Site Scripting

Jul 1, 2024 Patched in 1.6.36 (9d)

CVE-2024-5757medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Elementor Header & Footer Builder <= 1.6.35 - Authenticated (Contributor+) Stored Cross-Site Scripting via Site Title Widget

Jun 12, 2024 Patched in 1.6.36 (1d)

CVE-2024-2618medium · 6.4Improper Neutralization of Alternate XSS Syntax

Elementor Header & Footer Builder <= 1.6.26 - Authenticated (Contributor+) Stored Cross-Site Scripting

May 23, 2024 Patched in 1.6.26.1 (1d)

CVE-2024-2619medium · 5Missing Authorization

Elementor Header & Footer Builder <= 1.6.26 - Authenticated (Author+) HTML Injection

May 16, 2024 Patched in 1.6.27 (1d)

CVE-2024-4634medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Elementor Header & Footer Builder <= 1.6.28 - Authenticated (Contributor+) Stored Cross-Site Scripting

May 15, 2024 Patched in 1.6.29 (1d)

CVE-2024-1237medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Elementor Header & Footer Builder <= 1.6.24 - Authenticated (Contributor+) Stored Cross-Site Scripting

Mar 11, 2024 Patched in 1.6.25 (82d)

CVE-2021-24256medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Elementor Header & Footer Builder <= 1.5.7 - Stored Cross-Site Scripting

Apr 13, 2021 Patched in 1.5.8 (1064d)

Code Analysis

Analyzed Mar 16, 2026

Ultimate Addons for Elementor Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

395 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

SQL Query Safety

100% prepared4 total queries

Output Escaping

94% escaped419 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

5 flows1 with unsanitized paths

update_subscription (admin\class-hfe-addons-actions.php:434)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Ultimate Addons for Elementor Attack Surface

Entry Points24

Unprotected0

AJAX Handlers 16

authwp_ajax_uds_plugin_deactivate_feedbackadmin\bsf-analytics\modules\deactivation-survey\classes\class-deactivation-survey-feedback.php:54

authwp_ajax_hfe_recommended_plugin_activateadmin\class-hfe-addons-actions.php:53

authwp_ajax_hfe_recommended_plugin_installadmin\class-hfe-addons-actions.php:54

authwp_ajax_hfe_recommended_theme_installadmin\class-hfe-addons-actions.php:55

authwp_ajax_hfe_admin_modaladmin\class-hfe-addons-actions.php:56

authwp_ajax_hfe-update-subscriptionadmin\class-hfe-addons-actions.php:57

authwp_ajax_hfe_activate_widgetadmin\class-hfe-addons-actions.php:59

authwp_ajax_hfe_deactivate_widgetadmin\class-hfe-addons-actions.php:60

authwp_ajax_hfe_bulk_activate_widgetsadmin\class-hfe-addons-actions.php:62

authwp_ajax_hfe_bulk_deactivate_widgetsadmin\class-hfe-addons-actions.php:63

authwp_ajax_hfe_bulk_deactivate_unused_widgetsadmin\class-hfe-addons-actions.php:64

authwp_ajax_save_theme_compatibility_optionadmin\class-hfe-addons-actions.php:66

authwp_ajax_save_analytics_optionadmin\class-hfe-addons-actions.php:67

authwp_ajax_update_permalink_notice_optionadmin\class-hfe-addons-actions.php:69

authwp_ajax_hfe_flush_permalink_noticeadmin\class-hfe-addons-actions.php:70

authwp_ajax_hfe_dismiss_upgrade_noticeadmin\class-hfe-addons-actions.php:72

REST API Routes 5

GET/wp-json/hfe/v1/widgetsinc\settings\hfe-settings-api.php:61

GET/wp-json/hfe/v1/pluginsinc\settings\hfe-settings-api.php:71

GET/wp-json/hfe/v1/templatesinc\settings\hfe-settings-api.php:81

POST/wp-json/hfe/v1/email-webhookinc\settings\hfe-settings-api.php:91

GET/wp-json/hfe/v1/recommended-pluginsinc\settings\hfe-settings-api.php:101

Shortcodes 3

[hfe_template] inc\class-header-footer-elementor.php:150

[hfe_current_year] inc\widgets-manager\widgets\copyright\copyright-shortcode.php:30

[hfe_site_title] inc\widgets-manager\widgets\copyright\copyright-shortcode.php:31

WordPress Hooks 207

actioninitadmin\bsf-analytics\class-bsf-analytics-loader.php:68

actionadmin_initadmin\bsf-analytics\class-bsf-analytics.php:58

actionadmin_initadmin\bsf-analytics\class-bsf-analytics.php:59

actioninitadmin\bsf-analytics\class-bsf-analytics.php:60

actionadmin_initadmin\bsf-analytics\class-bsf-analytics.php:64

filteruds_survey_varsadmin\bsf-analytics\class-bsf-analytics.php:84

actionadmin_footeradmin\bsf-analytics\class-bsf-analytics.php:85

actionadmin_enqueue_scriptsadmin\bsf-analytics\modules\deactivation-survey\classes\class-deactivation-survey-feedback.php:53

actionshutdownadmin\class-hfe-addons-actions.php:156

actionshutdownadmin\class-hfe-addons-actions.php:206

actionelementor/initadmin\class-hfe-admin.php:44

actionelementor/editor/after_enqueue_stylesadmin\class-hfe-admin.php:57

actionadmin_headadmin\class-hfe-admin.php:58

actionelementor/editor/before_enqueue_scriptsadmin\class-hfe-admin.php:59

actioninitadmin\class-hfe-admin.php:120

actionadmin_menuadmin\class-hfe-admin.php:122

actionadd_meta_boxesadmin\class-hfe-admin.php:130

actionsave_postadmin\class-hfe-admin.php:131

actionadmin_noticesadmin\class-hfe-admin.php:132

actiontemplate_redirectadmin\class-hfe-admin.php:133

filtersingle_templateadmin\class-hfe-admin.php:134

filtermanage_elementor-hf_posts_columnsadmin\class-hfe-admin.php:135

actionmanage_elementor-hf_posts_custom_columnadmin\class-hfe-admin.php:136

actionelementor/editor/footeradmin\class-hfe-admin.php:138

actionadmin_noticesadmin\class-hfe-admin.php:141

actionall_admin_noticesadmin\class-hfe-admin.php:142

actionmanage_elementor-hf_posts_custom_columnadmin\class-hfe-admin.php:145

filtermanage_elementor-hf_posts_columnsadmin\class-hfe-admin.php:146

actionelementor/editor/footeradmin\class-hfe-admin.php:149

actionelementor/editor/before_enqueue_scriptsadmin\class-hfe-admin.php:150

actionelementor/editor/before_enqueue_stylesadmin\class-hfe-admin.php:151

actionelementor/editor/before_enqueue_scriptsadmin\class-hfe-admin.php:153

actioninitadmin\class-hfe-admin.php:155

actionhfe_widgets_usage_cronadmin\class-hfe-admin.php:156

actionplugins_loadedheader-footer-elementor.php:66

actionwp_enqueue_scriptsheader-footer-elementor.php:133

actionadmin_initinc\class-header-footer-elementor.php:71

actioninitinc\class-header-footer-elementor.php:73

filterelementor/admin-top-bar/is-activeinc\class-header-footer-elementor.php:75

actioncurrent_screeninc\class-header-footer-elementor.php:88

actionin_admin_headerinc\class-header-footer-elementor.php:93

filterhfe_settings_tabsinc\class-header-footer-elementor.php:128

actioninitinc\class-header-footer-elementor.php:129

actioninitinc\class-header-footer-elementor.php:134

actionadmin_initinc\class-header-footer-elementor.php:137

filterastra_menu_priorityinc\class-header-footer-elementor.php:141

actionwp_enqueue_scriptsinc\class-header-footer-elementor.php:143

actionadmin_enqueue_scriptsinc\class-header-footer-elementor.php:145

filterbody_classinc\class-header-footer-elementor.php:147

actionswitch_themeinc\class-header-footer-elementor.php:148

actionwp_footerinc\class-header-footer-elementor.php:154

actionadmin_noticesinc\class-header-footer-elementor.php:334

actionnetwork_admin_noticesinc\class-header-footer-elementor.php:335

actionadmin_noticesinc\class-header-footer-elementor.php:340

actionnetwork_admin_noticesinc\class-header-footer-elementor.php:341

actionadmin_initinc\class-hfe-analytics.php:34

filterbsf_core_statsinc\class-hfe-analytics.php:66

actionwpinc\class-hfe-elementor-canvas-compat.php:29

actionelementor/page_templates/canvas/before_contentinc\class-hfe-elementor-canvas-compat.php:45

actionwp_headinc\class-hfe-elementor-canvas-compat.php:47

actionelementor/page_templates/canvas/after_contentinc\class-hfe-elementor-canvas-compat.php:55

actionwp_footerinc\class-hfe-elementor-canvas-compat.php:57

actionelementor/page_templates/canvas/after_contentinc\class-hfe-elementor-canvas-compat.php:68

actionrest_api_initinc\class-hfe-learn-api.php:41

actionadmin_post_uae_create_header_elementorinc\class-hfe-learn-api.php:44

actionadmin_post_uae_edit_header_elementorinc\class-hfe-learn-api.php:45

actionadmin_post_uae_create_footer_elementorinc\class-hfe-learn-api.php:48

actionadmin_post_uae_edit_footer_elementorinc\class-hfe-learn-api.php:49

actionadmin_post_uae_create_page_elementorinc\class-hfe-learn-api.php:52

actionadmin_post_uae_open_extensioninc\class-hfe-learn-api.php:54

actionadmin_post_uae_enable_duplicatorinc\class-hfe-learn-api.php:55

actionelementor/editor/after_enqueue_scriptsinc\class-hfe-learn-api.php:56

actionelementor/editor/after_enqueue_scriptsinc\class-hfe-learn-api.php:57

actionadmin_initinc\class-hfe-post-duplicator.php:71

actionadmin_action_hfe_duplicate_postinc\class-hfe-post-duplicator.php:74

actionadmin_noticesinc\class-hfe-post-duplicator.php:77

actionadmin_enqueue_scriptsinc\class-hfe-post-duplicator.php:80

actionelementor/element/section/section_background/after_section_endinc\class-hfe-promotion.php:38

actionelementor/element/column/section_style/after_section_endinc\class-hfe-promotion.php:39

actionelementor/element/container/section_background/after_section_endinc\class-hfe-promotion.php:40

actionelementor/element/section/section_advanced/after_section_endinc\class-hfe-promotion.php:43

actionelementor/element/column/section_advanced/after_section_endinc\class-hfe-promotion.php:44

actionelementor/element/container/section_layout/after_section_endinc\class-hfe-promotion.php:45

actionelementor/element/common/_section_style/after_section_endinc\class-hfe-promotion.php:46

actionelementor/element/section/section_advanced/after_section_endinc\class-hfe-promotion.php:49

actionelementor/element/column/section_advanced/after_section_endinc\class-hfe-promotion.php:50

actionelementor/element/container/section_layout/after_section_endinc\class-hfe-promotion.php:51

actionelementor/element/common/_section_style/after_section_endinc\class-hfe-promotion.php:52

actionelementor/element/section/section_advanced/after_section_endinc\class-hfe-promotion.php:55

actionelementor/element/container/section_layout/after_section_endinc\class-hfe-promotion.php:56

actionadmin_post_uaelite_rollbackinc\class-hfe-settings-page.php:39

actionadmin_headinc\class-hfe-settings-page.php:41

actionadmin_headinc\class-hfe-settings-page.php:43

actionadmin_headinc\class-hfe-settings-page.php:44

actionadmin_headinc\class-hfe-settings-page.php:45

actionadmin_menuinc\class-hfe-settings-page.php:49

actionadmin_menuinc\class-hfe-settings-page.php:51

actionadmin_footerinc\class-hfe-settings-page.php:52

actionadmin_footer_textinc\class-hfe-settings-page.php:55

actionadmin_initinc\class-hfe-settings-page.php:56

filterviews_edit-elementor-hfinc\class-hfe-settings-page.php:57

actionadmin_enqueue_scriptsinc\class-hfe-settings-page.php:60

filterplugin_row_metainc\class-hfe-settings-page.php:63

filterwp_check_filetype_and_extinc\class-hfe-settings-page.php:66

filterwp_check_filetype_and_extinc\class-hfe-settings-page.php:68

actionhfe_render_admin_page_contentinc\class-hfe-settings-page.php:72

actionadmin_footerinc\class-hfe-settings-page.php:76

actionadmin_initinc\class-hfe-update.php:42

actionwpinc\class-hfe-update.php:44

filterhfe_get_settings_type_headerinc\compatibility\class-hfe-wpml-compatibility.php:47

filterhfe_get_settings_type_footerinc\compatibility\class-hfe-wpml-compatibility.php:48

filterhfe_get_settings_type_before_footerinc\compatibility\class-hfe-wpml-compatibility.php:49

filterhfe_render_template_idinc\compatibility\class-hfe-wpml-compatibility.php:50

actionrest_api_initinc\settings\hfe-settings-api.php:50

actionelementor/widgets/registerinc\widgets-manager\base\module-base.php:87

actionelementor/initinc\widgets-manager\class-extensions-loader.php:54

actionelementor/initinc\widgets-manager\class-widgets-loader.php:124

actionelementor/elements/categories_registeredinc\widgets-manager\class-widgets-loader.php:127

actionelementor/frontend/after_register_scriptsinc\widgets-manager\class-widgets-loader.php:130

filterelementor/editor/localize_settingsinc\widgets-manager\class-widgets-loader.php:133

filterwoocommerce_add_to_cart_fragmentsinc\widgets-manager\class-widgets-loader.php:138

actionelementor/kit/register_tabsinc\widgets-manager\extensions\class-reading-progress-bar.php:46

actionelementor/documents/register_controlsinc\widgets-manager\extensions\class-reading-progress-bar.php:47

actionwp_footerinc\widgets-manager\extensions\class-reading-progress-bar.php:49

actionwp_enqueue_scriptsinc\widgets-manager\extensions\class-reading-progress-bar.php:50

actionelementor/kit/register_tabsinc\widgets-manager\extensions\class-scroll-to-top.php:55

actionelementor/documents/register_controlsinc\widgets-manager\extensions\class-scroll-to-top.php:56

actionwp_footerinc\widgets-manager\extensions\class-scroll-to-top.php:58

actionwp_enqueue_scriptsinc\widgets-manager\extensions\class-scroll-to-top.php:61

filterhfe_nav_menu_attrsinc\widgets-manager\widgets\navigation-menu\navigation-menu.php:1956

filternav_menu_li_valuesinc\widgets-manager\widgets\navigation-menu\navigation-menu.php:1957

actionwpthemes\astra\class-hfe-astra-compat.php:29

actiontemplate_redirectthemes\astra\class-hfe-astra-compat.php:42

actionastra_headerthemes\astra\class-hfe-astra-compat.php:43

actiontemplate_redirectthemes\astra\class-hfe-astra-compat.php:47

actionastra_footerthemes\astra\class-hfe-astra-compat.php:48

actionastra_footer_beforethemes\astra\class-hfe-astra-compat.php:52

actionwpthemes\bb-theme\class-hfe-bb-theme-compat.php:32

filterfl_header_enabledthemes\bb-theme\class-hfe-bb-theme-compat.php:46

actionfl_before_headerthemes\bb-theme\class-hfe-bb-theme-compat.php:47

actionfl_after_contentthemes\bb-theme\class-hfe-bb-theme-compat.php:51

filterfl_footer_enabledthemes\bb-theme\class-hfe-bb-theme-compat.php:55

actionfl_after_contentthemes\bb-theme\class-hfe-bb-theme-compat.php:56

actionwpthemes\blocksy\class-hfe-blocksy-compat.php:31

actiontemplate_redirectthemes\blocksy\class-hfe-blocksy-compat.php:45

filterblocksy:builder:header:enabledthemes\blocksy\class-hfe-blocksy-compat.php:46

actiontemplate_redirectthemes\blocksy\class-hfe-blocksy-compat.php:50

filterblocksy:builder:footer:enabledthemes\blocksy\class-hfe-blocksy-compat.php:51

actionblocksy:footer:beforethemes\blocksy\class-hfe-blocksy-compat.php:55

filterblocksy:builder:header:enabledthemes\blocksy\class-hfe-blocksy-compat.php:66

actionblocksy:header:beforethemes\blocksy\class-hfe-blocksy-compat.php:69

filterblocksy:builder:footer:enabledthemes\blocksy\class-hfe-blocksy-compat.php:79

actionblocksy:footer:beforethemes\blocksy\class-hfe-blocksy-compat.php:82

actionwpthemes\default\class-global-theme-compatibility.php:19

actionget_headerthemes\default\class-global-theme-compatibility.php:31

actionwp_body_openthemes\default\class-global-theme-compatibility.php:33

actionhfe_fallback_headerthemes\default\class-global-theme-compatibility.php:34

actionwp_footerthemes\default\class-global-theme-compatibility.php:38

actionwp_footerthemes\default\class-global-theme-compatibility.php:42

actionwp_enqueue_scriptsthemes\default\class-global-theme-compatibility.php:46

actionwpthemes\default\class-hfe-default-compat.php:19

actionget_headerthemes\default\class-hfe-default-compat.php:33

actionhfe_headerthemes\default\class-hfe-default-compat.php:36

actionget_footerthemes\default\class-hfe-default-compat.php:41

actionhfe_footerthemes\default\class-hfe-default-compat.php:46

actionhfe_footer_beforethemes\default\class-hfe-default-compat.php:50

actionwpthemes\generatepress\class-hfe-generatepress-compat.php:32

actiontemplate_redirectthemes\generatepress\class-hfe-generatepress-compat.php:46

actiongenerate_headerthemes\generatepress\class-hfe-generatepress-compat.php:47

actiongenerate_footerthemes\generatepress\class-hfe-generatepress-compat.php:51

actiontemplate_redirectthemes\generatepress\class-hfe-generatepress-compat.php:55

actiongenerate_footerthemes\generatepress\class-hfe-generatepress-compat.php:56

actionwpthemes\genesis\class-hfe-genesis-compat.php:29

actiontemplate_redirectthemes\genesis\class-hfe-genesis-compat.php:42

actiongenesis_headerthemes\genesis\class-hfe-genesis-compat.php:43

actiongenesis_headerthemes\genesis\class-hfe-genesis-compat.php:44

actiongenesis_headerthemes\genesis\class-hfe-genesis-compat.php:45

actiongenesis_footerthemes\genesis\class-hfe-genesis-compat.php:49

actiontemplate_redirectthemes\genesis\class-hfe-genesis-compat.php:53

actiongenesis_footerthemes\genesis\class-hfe-genesis-compat.php:54

actiongenesis_footerthemes\genesis\class-hfe-genesis-compat.php:55

actiongenesis_footerthemes\genesis\class-hfe-genesis-compat.php:56

actionwpthemes\kadence\class-hfe-kadence-compat.php:31

actiontemplate_redirectthemes\kadence\class-hfe-kadence-compat.php:45

actionkadence_headerthemes\kadence\class-hfe-kadence-compat.php:46

actiontemplate_redirectthemes\kadence\class-hfe-kadence-compat.php:50

actionkadence_footerthemes\kadence\class-hfe-kadence-compat.php:51

actionkadence_before_footerthemes\kadence\class-hfe-kadence-compat.php:55

actionwpthemes\neve\class-hfe-neve-compat.php:31

actiontemplate_redirectthemes\neve\class-hfe-neve-compat.php:45

actiontemplate_redirectthemes\neve\class-hfe-neve-compat.php:49

actionneve_before_footer_hookthemes\neve\class-hfe-neve-compat.php:53

actionneve_do_headerthemes\neve\class-hfe-neve-compat.php:68

actionneve_do_footerthemes\neve\class-hfe-neve-compat.php:81

actionwpthemes\oceanwp\class-hfe-oceanwp-compat.php:27

actiontemplate_redirectthemes\oceanwp\class-hfe-oceanwp-compat.php:38

actionocean_headerthemes\oceanwp\class-hfe-oceanwp-compat.php:39

actionocean_footerthemes\oceanwp\class-hfe-oceanwp-compat.php:43

actiontemplate_redirectthemes\oceanwp\class-hfe-oceanwp-compat.php:47

actionocean_footerthemes\oceanwp\class-hfe-oceanwp-compat.php:48

actionwpthemes\storefront\class-hfe-storefront-compat.php:30

actiontemplate_redirectthemes\storefront\class-hfe-storefront-compat.php:44

actionstorefront_before_headerthemes\storefront\class-hfe-storefront-compat.php:45

actiontemplate_redirectthemes\storefront\class-hfe-storefront-compat.php:49

actionstorefront_after_footerthemes\storefront\class-hfe-storefront-compat.php:50

actionstorefront_before_footerthemes\storefront\class-hfe-storefront-compat.php:54

actionwp_enqueue_scriptsthemes\storefront\class-hfe-storefront-compat.php:58

Scheduled Events 1

hfe_widgets_usage_cron

Maintenance & Trust

Ultimate Addons for Elementor Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 11, 2026

PHP min version7.4

Downloads63.1M

Community Trust

Rating98/100

Number of ratings2,510

Active installs2.0M

Alternatives

Ultimate Addons for Elementor Alternatives

Royal Addons for Elementor – Addons and Templates Kit for Elementor

royal-elementor-addons

Elementor templates, Header footer builder, Elementor Post Grid, Woocommerce Grid builder, Slider, Forms, Gallery, Nav menu addons, Elementor widgets.

600K 1 unpatched

Spexo Addons for Elementor – Elementor Widgets, WooCommerce Builder, Mega Menu and Starter Templates for Elementor

sastra-essential-addons-for-elementor

Advanced Elementor addons plugin with widgets, WooCommerce builders, mega menu, template kits and extensions for faster WordPress website design.

4K 3 CVEs

Turbo Addons Elementor

turbo-addons-elementor

Turbo Addons for Elementor offers advanced widgets to enhance Elementor, helping you create professional, interactive websites easily and quickly.

1K 1 CVE

ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor

elementskit-lite

Join millions who empower their websites with ElementsKit Elementor Addons. Get templates, & 100+ widgets like header-footer, mega menu, custom widget

2.0M 21 CVEs

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs

Developer Profile

Ultimate Addons for Elementor Developer Profile

Brainstorm Force

32 plugins · 8.6M total installs

trust score

Avg Security Score

98/100

Avg Patch Time

196 days

View full developer profile

Detection Fingerprints

How We Detect Ultimate Addons for Elementor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/header-footer-elementor/assets/css/frontend.min.css/wp-content/plugins/header-footer-elementor/assets/js/frontend.min.js/wp-content/plugins/header-footer-elementor/assets/js/admin-scripts.js/wp-content/plugins/header-footer-elementor/assets/js/elementor-patch.js/wp-content/plugins/header-footer-elementor/assets/css/editor.min.css/wp-content/plugins/header-footer-elementor/assets/js/editor.min.js/wp-content/plugins/header-footer-elementor/assets/css/responsive-tab.css/wp-content/plugins/header-footer-elementor/assets/css/color-scheme.css+2 more

Script Paths

/wp-content/plugins/header-footer-elementor/assets/js/frontend.min.js/wp-content/plugins/header-footer-elementor/assets/js/admin-scripts.js/wp-content/plugins/header-footer-elementor/assets/js/elementor-patch.js/wp-content/plugins/header-footer-elementor/assets/js/editor.min.js/wp-content/plugins/header-footer-elementor/inc/custom-izer/assets/js/customizer-preview.js

Version Parameters

/wp-content/plugins/header-footer-elementor/assets/css/frontend.min.css?ver=/wp-content/plugins/header-footer-elementor/assets/js/frontend.min.js?ver=/wp-content/plugins/header-footer-elementor/assets/js/admin-scripts.js?ver=/wp-content/plugins/header-footer-elementor/assets/js/elementor-patch.js?ver=/wp-content/plugins/header-footer-elementor/assets/css/editor.min.css?ver=/wp-content/plugins/header-footer-elementor/assets/js/editor.min.js?ver=/wp-content/plugins/header-footer-elementor/assets/css/responsive-tab.css?ver=/wp-content/plugins/header-footer-elementor/assets/css/color-scheme.css?ver=/wp-content/plugins/header-footer-elementor/inc/custom-izer/assets/css/customizer-preview.css?ver=/wp-content/plugins/header-footer-elementor/inc/custom-izer/assets/js/customizer-preview.js?ver=

HTML / DOM Fingerprints

CSS Classes

hfe-site-layout-mainhfe-site-layout-wraphfe-site-headerhfe-site-footerhfe-content-wrapperhfe-layout-mainhfe-site-title-wraphfe-header-logo-wrap+50 more

HTML Comments

+4 more

Data Attributes

data-hfe-id

JS Globals

hfe_params

FAQ