WP-Safety

TCI Ultimate Element Themes Security & Risk Analysis

wordpress.org/plugins/tci-ultimate-element-themes

TCI Ultimate Element Themes is a flexible, open-source themes solution built on WordPress. Create any theme, anywhere and make your way.

10 active installs v1.0 PHP 7.0+ WP 5.5+ Updated Oct 9, 2020
addonscustom-cssdynamic-tagselementorwoocommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is TCI Ultimate Element Themes Safe to Use in 2026?

Generally Safe

Score 85/100

TCI Ultimate Element Themes has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The tci-ultimate-element-themes plugin v1.0 exhibits a mixed security posture. While it demonstrates good practices in preventing raw SQL queries and a complete absence of known CVEs and bundled libraries, significant concerns arise from its attack surface and output sanitization. The presence of two unprotected AJAX handlers presents a direct pathway for potential exploits if they can be triggered by unauthenticated users. Furthermore, the low percentage of properly escaped output suggests a risk of Cross-Site Scripting (XSS) vulnerabilities, especially if the unsanitized paths identified in taint analysis interact with these output points.

The lack of any historical vulnerabilities is a positive indicator, suggesting the developers may have a history of producing secure code or that the plugin hasn't been extensively targeted or audited in the past. However, this doesn't negate the immediate risks identified in the static analysis. The combination of an exposed attack surface and insufficient output escaping creates a tangible risk. The plugin's strengths lie in its SQL sanitization and clean vulnerability history, but these are overshadowed by immediate concerns regarding unauthenticated entry points and potential XSS.

Key Concerns

  • Unprotected AJAX handlers found
  • Low percentage of properly escaped output
  • Flows with unsanitized paths found
Vulnerabilities
None known

TCI Ultimate Element Themes Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

TCI Ultimate Element Themes Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
20 prepared
Unescaped Output
233
131 escaped
Nonce Checks
2
Capability Checks
2
File Operations
0
External Requests
3
Bundled Libraries
0

Dangerous Functions Found

unserialize$data[ $result->form_id ] = unserialize( $result->config )['name'];inc\tci-uet-functions.php:588

SQL Query Safety

100% prepared20 total queries

Output Escaping

36% escaped364 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

6 flows2 with unsanitized paths
tci_uet_facebook_sdk_validate_sdk (classes\tci-uet-modules\tci-uet-social\tci-uet-facebook-sdk\class-tci-uet-facebook-sdk.php:128)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

TCI Ultimate Element Themes Attack Surface

Entry Points3
Unprotected2

AJAX Handlers 3

authwp_ajax_tci_uet_ajaxclasses\class-tci-uet-ajax.php:40
noprivwp_ajax_tci_uet_ajaxclasses\class-tci-uet-ajax.php:41
authwp_ajax_elementor_pro_admin_fetch_fontsclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-typekit-fonts.php:244
WordPress Hooks 90
actionelementor/widgets/widgets_registeredclasses\class-tci-uet-elementor-init.php:25
actioninitclasses\class-tci-uet-init.php:20
actionwp_enqueue_scriptsclasses\tci-uet-enqueue\class-tci-uet-enqueue-base.php:21
actionwp_enqueue_scriptsclasses\tci-uet-enqueue\class-tci-uet-enqueue-base.php:22
actionadmin_enqueue_scriptsclasses\tci-uet-enqueue\class-tci-uet-enqueue-base.php:23
actionelementor/editor/before_enqueue_scriptsclasses\tci-uet-enqueue\class-tci-uet-enqueue-base.php:24
actionelementor/editor/before_enqueue_scriptsclasses\tci-uet-enqueue\class-tci-uet-enqueue-base.php:25
actionelementor/editor/before_enqueue_scriptsclasses\tci-uet-enqueue\class-tci-uet-enqueue-base.php:26
actionelementor/preview/enqueue_stylesclasses\tci-uet-enqueue\class-tci-uet-enqueue-base.php:27
actionwp_headclasses\tci-uet-enqueue\class-tci-uet-enqueue-base.php:28
actionwp_enqueue_scriptsclasses\tci-uet-enqueue\class-tci-uet-enqueue-base.php:29
actionelementor/editor/before_enqueue_scriptsclasses\tci-uet-enqueue\class-tci-uet-enqueue-base.php:30
actionwp_enqueue_scriptsclasses\tci-uet-enqueue\class-tci-uet-enqueue-base.php:34
actionwidgets_initclasses\tci-uet-modules\class-tci-uet-modules.php:54
actionadmin_initclasses\tci-uet-modules\class-tci-uet-modules.php:55
actionadmin_initclasses\tci-uet-modules\class-tci-uet-modules.php:80
actionelementor/elements/categories_registeredclasses\tci-uet-modules\tci-uet-categories\class-tci-uet-categories.php:23
actionelementor/element/after_section_endclasses\tci-uet-modules\tci-uet-custom-attributes\class-tci-uet-custom-attributes.php:166
actionelementor/element/after_add_attributesclasses\tci-uet-modules\tci-uet-custom-attributes\class-tci-uet-custom-attributes.php:167
actionelementor/element/after_section_endclasses\tci-uet-modules\tci-uet-custom-css\class-tci-uet-custom-css.php:31
actionelementor/element/parse_cssclasses\tci-uet-modules\tci-uet-custom-css\class-tci-uet-custom-css.php:32
actionelementor/post-css-file/parseclasses\tci-uet-modules\tci-uet-custom-css\class-tci-uet-custom-css.php:33
actionelementor/editor/after_enqueue_scriptsclasses\tci-uet-modules\tci-uet-custom-css\class-tci-uet-custom-css.php:34
filterposts_fieldsclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-custom-fonts.php:273
filterwp_check_filetype_and_extclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-custom-fonts.php:408
filterupload_mimesclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-custom-fonts.php:409
filtermonths_dropdown_resultsclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:249
filterdisplay_post_statesclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:251
filterscreen_options_show_screenclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:252
actioninitclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:507
actioninitclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:510
actionadmin_menuclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:511
actionadmin_headclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:512
filterpost_row_actionsclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:515
filterelementor/fonts/groupsclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:520
filterelementor/fonts/additional_fontsclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:521
filterelementor/finder/categoriesclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:522
actionelementor/css-file/post/parseclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:523
actionelementor/css-file/global/parseclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:524
filterpost_updated_messagesclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:525
filterenter_title_hereclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:526
actionelementor/ajax/register_actionsclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-fonts-manager.php:529
filterelementor/fonts/additional_fontsclasses\tci-uet-modules\tci-uet-custom-fonts\custom-fonts\class-tci-typekit-fonts.php:242
actionelementor/dynamic_tags/register_tagsclasses\tci-uet-modules\tci-uet-dynamic\class-tci-uet-dynamic.php:80
actionelementor/documents/registerclasses\tci-uet-modules\tci-uet-global\class-tci-uet-global.php:243
actionelementor/template-library/after_save_templateclasses\tci-uet-modules\tci-uet-global\class-tci-uet-global.php:244
actionelementor/template-library/after_update_templateclasses\tci-uet-modules\tci-uet-global\class-tci-uet-global.php:248
actionelementor/editor/initclasses\tci-uet-modules\tci-uet-global\class-tci-uet-global.php:249
actionelementor/editor/after_saveclasses\tci-uet-modules\tci-uet-global\class-tci-uet-global.php:250
filtertci_uet/backend/localizeclasses\tci-uet-modules\tci-uet-global\class-tci-uet-global.php:252
filterelementor/template-library/get_templateclasses\tci-uet-modules\tci-uet-global\class-tci-uet-global.php:253
filterelementor/element/get_child_typeclasses\tci-uet-modules\tci-uet-global\class-tci-uet-global.php:254
filterelementor/utils/is_post_type_supportclasses\tci-uet-modules\tci-uet-global\class-tci-uet-global.php:255
filteruser_has_capclasses\tci-uet-modules\tci-uet-global\class-tci-uet-global.php:256
filterelementor/template_library/is_template_supports_exportclasses\tci-uet-modules\tci-uet-global\class-tci-uet-global.php:258
actiontemplate_redirectclasses\tci-uet-modules\tci-uet-page-extend\class-tci-uet-page-extend.php:31
actionelementor/element/wp-post/section_page_style/after_section_endclasses\tci-uet-modules\tci-uet-page-extend\class-tci-uet-page-extend.php:32
filterbody_classclasses\tci-uet-modules\tci-uet-page-extend\class-tci-uet-page-extend.php:439
actionelementor/ajax/register_actionsclasses\tci-uet-modules\tci-uet-query-control\class-tci-uet-query-control.php:453
actionelementor/controls/controls_registeredclasses\tci-uet-modules\tci-uet-query-control\class-tci-uet-query-control.php:454
actionpre_get_postsclasses\tci-uet-modules\tci-uet-query-control\class-tci-uet-query-control.php:459
filterfound_postsclasses\tci-uet-modules\tci-uet-query-control\class-tci-uet-query-control.php:460
actionpre_get_postsclasses\tci-uet-modules\tci-uet-query-control\classes\elementor-post-query.php:55
actionpre_get_postsclasses\tci-uet-modules\tci-uet-query-control\classes\elementor-post-query.php:59
filterfound_postsclasses\tci-uet-modules\tci-uet-query-control\classes\elementor-post-query.php:60
actionelementor/role/restrictions/controlsclasses\tci-uet-modules\tci-uet-role-manager\class-tci-uet-role-manager.php:44
filterelementor/editor/user/restrictionsclasses\tci-uet-modules\tci-uet-role-manager\class-tci-uet-role-manager.php:49
actionwp_headclasses\tci-uet-modules\tci-uet-social\tci-uet-facebook-sdk\class-tci-uet-facebook-sdk.php:23
filtertci_uet/frontend/localizeclasses\tci-uet-modules\tci-uet-social\tci-uet-facebook-sdk\class-tci-uet-facebook-sdk.php:24
actionelementor/element/section/section_effects/after_section_startclasses\tci-uet-modules\tci-uet-sticky\class-tci-sticky.php:122
actionelementor/element/common/section_effects/after_section_startclasses\tci-uet-modules\tci-uet-sticky\class-tci-sticky.php:123
actionelementor/editor/initclasses\tci-uet-modules\tci-uet-template\class-tci-uet-template.php:25
filtertci_uet/backend/localizeclasses\tci-uet-modules\tci-uet-template\class-tci-uet-template.php:26
actionelementor/documents/registerclasses\tci-uet-modules\tci-uet-theme-builder\class-tci-uet-theme-builder.php:14
actionelementor/page_templates/canvas/before_contentclasses\tci-uet-modules\tci-uet-theme-builder\class-tci-uet-theme-builder.php:15
actionelementor/page_templates/canvas/after_contentclasses\tci-uet-modules\tci-uet-theme-builder\class-tci-uet-theme-builder.php:16
filterelementor/frontend/builder_content_dataclasses\tci-uet-modules\tci-uet-wp-widget\class-tci-uet-wp-widget.php:61
actionwoocommerce_cart_is_emptyclasses\tci-uet-widgets\not-ready\class-tci-uet-cart.php:913
filterwoocommerce_cart_item_remove_linkclasses\tci-uet-widgets\not-ready\class-tci-uet-cart.php:916
filterwoocommerce_cart_item_thumbnailclasses\tci-uet-widgets\not-ready\class-tci-uet-cart.php:920
filterwoocommerce_cart_item_nameclasses\tci-uet-widgets\not-ready\class-tci-uet-cart.php:924
filterwoocommerce_cart_item_permalinkclasses\tci-uet-widgets\not-ready\class-tci-uet-cart.php:928
filterwoocommerce_cart_item_priceclasses\tci-uet-widgets\not-ready\class-tci-uet-cart.php:932
filterwoocommerce_cart_item_quantityclasses\tci-uet-widgets\not-ready\class-tci-uet-cart.php:936
filterwoocommerce_cart_item_subtotalclasses\tci-uet-widgets\not-ready\class-tci-uet-cart.php:940
filternav_menu_link_attributesclasses\tci-uet-widgets\not-ready\class-tci-uet-nav-menu.php:1131
filternav_menu_submenu_css_classclasses\tci-uet-widgets\not-ready\class-tci-uet-nav-menu.php:1132
filternav_menu_item_idclasses\tci-uet-widgets\not-ready\class-tci-uet-nav-menu.php:1133
actionadmin_noticestci-uet.php:40
actionplugins_loadedtci-uet.php:105
Maintenance & Trust

TCI Ultimate Element Themes Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18
Last updatedOct 9, 2020
PHP min version7.0
Downloads2K

Community Trust

Rating100/100
Number of ratings2
Active installs10
Alternatives

TCI Ultimate Element Themes Alternatives

Essential Addons for Elementor – Popular Elementor Templates & Widgets

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

B
76

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs
Exclusive Addons for Elementor

Exclusive Addons for Elementor

exclusive-addons-for-elementor

A
96

Exclusive Addons is one of the Best Elementor Addons With 90+ Elementor Free & Pro Widgets with all the customizations options you ever imagined.

60K 24 CVEs
RTMKit

RTMKit

rometheme-for-elementor

A
89

All-in-one toolkit for Elementor: advanced addons, theme builder, forms, icons & templates to build stunning sites fast and easy.

50K 12 CVEs
Bosa Elementor Addons and Templates for WooCommerce

Bosa Elementor Addons and Templates for WooCommerce

bosa-elementor-for-woocommerce

A
99

Elementor Addon with widgets and templates for WooCommerce.

30K 1 CVE
Xpro Addons — 140+ Widgets for Elementor

Xpro Addons — 140+ Widgets for Elementor

xpro-elementor-addons

A
89

Get Premium level 50+ Free Elementor Widgets, 10+ Free Elementor Extensions, 500+ Free Themes & Templates for Elementor.

30K 18 CVEs
Developer Profile

TCI Ultimate Element Themes Developer Profile

WPEssential

4 plugins · 30 total installs

87
trust score
Avg Security Score
90/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect TCI Ultimate Element Themes

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/tci-ultimate-element-themes/assets/css/tci-uet-grid.min.css/wp-content/plugins/tci-ultimate-element-themes/assets/css/tci-uet-frontend.css/wp-content/plugins/tci-ultimate-element-themes/assets/js/tci-uet-nav-menu.min.js/wp-content/plugins/tci-ultimate-element-themes/assets/js/tci-uet-typeit.min.js/wp-content/plugins/tci-ultimate-element-themes/assets/js/tci-uet-vticker.min.js/wp-content/plugins/tci-ultimate-element-themes/assets/js/tci-uet-frontend.js/wp-content/plugins/tci-ultimate-element-themes/assets/css/tci-uet-icons.css/wp-content/plugins/tci-ultimate-element-themes/assets/css/tci-uet-editor.css+2 more

HTML / DOM Fingerprints

CSS Classes
tci-uet-gridtci-uet-frontendtci-uet-nav-menutci-uet-typeittci-uet-vtickertci-uet-iconstci-uet-editortci-uet-elementor-admin
FAQ

Frequently Asked Questions about TCI Ultimate Element Themes