Does PDF Shortcodes Ultimate have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is PDF Shortcodes Ultimate compatible with WordPress 4.8.28?

According to WordPress.org data, PDF Shortcodes Ultimate 1.0.0 has been tested up to WordPress 4.8.28. Check the plugin's changelog for the latest compatibility information.

How often is PDF Shortcodes Ultimate updated?

PDF Shortcodes Ultimate was last updated on Sep 28, 2017. Frequent updates are generally a positive security signal.

What is PDF Shortcodes Ultimate's security score?

PDF Shortcodes Ultimate has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

PDF Shortcodes Ultimate Security & Risk Analysis

wordpress.org/plugins/pdf-shortcodes-ultimate

Embed PDF documents in your article or page with this "PDF" shortcode for Shortcodes Ultimate.

30 active installs v1.0.0 PHP + WP 3.9+ Updated Sep 28, 2017

embedpdfpdf-viewershortcodes-ultimatesu_pdf

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is PDF Shortcodes Ultimate Safe to Use in 2026?

Generally Safe

Score 85/100

PDF Shortcodes Ultimate has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "pdf-shortcodes-ultimate" v1.0.0 plugin exhibits a strong security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface, with zero identified entry points. The code signals are also overwhelmingly positive, with no dangerous functions, file operations, or external HTTP requests. SQL queries are all prepared, and output escaping is generally well-handled, with only 10% of outputs requiring closer scrutiny. Taint analysis shows flows with unsanitized paths, but critically, these did not result in any high or critical severity issues. The plugin's vulnerability history is clean, with no recorded CVEs, suggesting a history of secure development. Despite the concerning taint flow findings indicating potential for insecure path handling, the lack of exploitable consequences in this version, coupled with the minimal attack surface and strong adherence to secure coding practices in other areas, leads to a favorable overall assessment. The potential for unsanitized paths remains a minor concern that warrants attention in future development.

Key Concerns

Flows with unsanitized paths found
10% of outputs not properly escaped

Vulnerabilities

None known

PDF Shortcodes Ultimate Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

PDF Shortcodes Ultimate Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

PDF Shortcodes Ultimate Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

19 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

90% escaped21 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

settings_page (includes\class-pdf-shortcodes-ultimate-settings.php:332)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

PDF Shortcodes Ultimate Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actioninitincludes\class-pdf-shortcodes-ultimate-settings.php:62

actionadmin_initincludes\class-pdf-shortcodes-ultimate-settings.php:65

actionadmin_menuincludes\class-pdf-shortcodes-ultimate-settings.php:68

filtersu/data/shortcodesincludes\class-pdf-shortcodes-ultimate.php:121

actionadmin_noticesincludes\class-pdf-shortcodes-ultimate.php:141

actioninitincludes\class-pdf-shortcodes-ultimate.php:147

Maintenance & Trust

PDF Shortcodes Ultimate Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28

Last updatedSep 28, 2017

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs30

Alternatives

PDF Shortcodes Ultimate Alternatives

PDF Embedder

pdf-embedder

100

Seamlessly embed PDFs into your content, with customizations and intelligent responsive resizing, and no third-party services or iframes.

300K 1 CVE

Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files

embed-any-document

Embed PDF, DOC, PPT and XLS documents easily on your WordPress website with the help of Google Docs Viewer or Microsoft Office Online.

50K 4 CVEs

PDF Poster – Display PDF Files with Custom Viewer

pdf-poster

PDF Poster lets you embed PDF files in WordPress using a responsive viewer and block support, including full-screen, download, and print options.

20K 3 CVEs

Real 3D Flipbook – 3D FlipBook, PDF FlipBook, PDF Viewer, PDF Embedder

real3d-flipbook-lite

Embed PDF files easily anywhere on your website. Display your PDFs and images as stunning, interactive 3D flipbooks directly within WordPress.

10K 5 CVEs

Wonder PDF Embed

wonderplugin-pdf-embed

100

Embed PDF to your WordPress website by using Mozilla's PDF.js

9K 1 CVE

Developer Profile

PDF Shortcodes Ultimate Developer Profile

Open-DSI

5 plugins · 150 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect PDF Shortcodes Ultimate

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/pdf-shortcodes-ultimate/assets/js/settings.js

Script Paths