Does Theme per user have any unpatched vulnerabilities?

No. All known vulnerabilities in Theme per user have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Theme per user compatible with WordPress 6.9.4?

According to WordPress.org data, Theme per user 1.0.4 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is Theme per user updated?

Theme per user was last updated on Dec 4, 2025. Frequent updates are generally a positive security signal.

What is Theme per user's security score?

Theme per user has a WP-Safety security score of 98/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Theme per user Security & Risk Analysis

wordpress.org/plugins/theme-per-user

Load one Theme for a specific user. You must set the theme from User Profile then logout and login again in order to take effect.

90 active installs v1.0.4 PHP + WP 3.8.1+ Updated Dec 4, 2025

presslabsredirecttheme-per-userthemesuser

A · Safe

CVEs total1

Unpatched0

Last CVEDec 29, 2023

Download

Safety Verdict

Is Theme per user Safe to Use in 2026?

Generally Safe

Score 98/100

Theme per user has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Dec 29, 2023Updated 4mo ago

Risk Assessment

The security posture of the 'theme-per-user' plugin v1.0.4 presents a mixed picture. On one hand, the plugin demonstrates strong adherence to secure coding practices by utilizing prepared statements for all SQL queries and having no identified dangerous functions, file operations, or external HTTP requests. The absence of a significant attack surface through AJAX, REST API, shortcodes, and cron events is also a positive indicator. However, a critical concern arises from the vulnerability history. The plugin has a known critical CVE related to Deserialization of Untrusted Data, and crucially, this vulnerability is listed as 'currently unpatched'. This single unpatched critical vulnerability significantly elevates the risk associated with using this plugin.

Key Concerns

Unpatched critical CVE (Deserialization of Untrusted Data)
Output not properly escaped
No nonce checks found

Vulnerabilities

Theme per user Security Vulnerabilities

CVEs by Year

1 CVE in 2023

2023

Patched Has unpatched

Severity Breakdown

Critical

1 total CVE

CVE-2023-52181critical · 9.8Deserialization of Untrusted Data

Theme per user <= 1.0.1 - Unauthenticated PHP Object Injection

Dec 29, 2023 Patched in 1.0.2 (25d)

Code Analysis

Analyzed Mar 16, 2026

Theme per user Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped3 total outputs

Attack Surface

Theme per user Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 11

filtertemplatetheme-per-user.php:34

filterstylesheettheme-per-user.php:35

filteroption_current_themetheme-per-user.php:36

filteroption_templatetheme-per-user.php:37

filteroption_stylesheettheme-per-user.php:38

actionplugins_loadedtheme-per-user.php:41

actionset_auth_cookietheme-per-user.php:56

actionprofile_personal_optionstheme-per-user.php:97

actionpersonal_options_updatetheme-per-user.php:118

actionedit_user_profile_updatetheme-per-user.php:119

actionafter_switch_themetheme-per-user.php:137

Maintenance & Trust

Theme per user Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 4, 2025

PHP min version

Downloads8K

Community Trust

Rating74/100

Number of ratings3

Active installs90

Alternatives

Theme per user Alternatives

Inactive Logout

inactive-logout

Automatically logout idle user sessions, with logout redirections and concurrent limit logins all in one place.

20K 3 CVEs

Role Based Redirect

role-based-redirect

100

Redirect users after login/logout by role. Optionally hide admin bar and block dashboard access for selected roles.

2K No CVEs

Basic Front-End Login

basic-front-end-login

100

Adds a basic front-end login form to any page, post or widget and redirects to the page you choose.

300 No CVEs

Redirect WordPress Sign-up for iThemes Security

redirect-wp-sign-up-for-ithemes-security

This plugin redirects WordPress Sign-up to homepage if is activated "Hide Backend" module in iThemes Security settings.

100 No CVEs

WP – Redirect to homepage after login

wp-redirect-to-homepage-after-login

100

This lightweight plugin allow you to redirect all users to your site's homepage after the login step.

80 No CVEs

Developer Profile

Theme per user Developer Profile

Presslabs

5 plugins · 1K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

25 days

View full developer profile

Detection Fingerprints

How We Detect Theme per user

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Data Attributes

theme_per_user

FAQ