Ultimate AMP – WordPress AMP Plugin Security & Risk Analysis

wordpress.org/plugins/ultimate-amp

Ultimate AMP is a WordPress AMP Plugin to Enable AMP on Website. Feature rich and easy Customizable Plugin.

10 active installs · v1.2.4 · PHP 5.3+ · WP 4.0+ · Updated Nov 26, 2020
Tags: accelerated-mobile-pages, amp, amp-plugin, google-amp, ultimate-amp
Score 85 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Ultimate AMP – WordPress AMP Plugin Safe to Use in 2026?

Generally Safe

Score 85/100

Ultimate AMP – WordPress AMP Plugin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5yr ago
Risk Assessment

The "ultimate-amp" v1.2.4 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and implementing nonce checks and capability checks extensively. The absence of known CVEs and a clean vulnerability history is also a strong indicator of a well-maintained and secure plugin. However, there are significant concerns regarding its attack surface and potential for unsanitized input.

Key Concerns

  • AJAX handlers without authentication checks
  • Flows with unsanitized paths
  • Low percentage of properly escaped output
Vulnerabilities
None known

Ultimate AMP – WordPress AMP Plugin Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Ultimate AMP – WordPress AMP Plugin Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 0 (9 prepared)
  • Unescaped Output: 474 (583 escaped)
  • Nonce Checks: 10
  • Capability Checks: 19
  • File Operations: 10
  • External Requests: 15
  • Bundled Libraries: 0

SQL Query Safety

100% prepared · 9 total queries

Output Escaping

55% escaped · 1057 total outputs
Data Flows
6 unsanitized

Data Flow Analysis

9 flows · 6 with unsanitized paths
save_network_page (inc\admin\redux-core\framework.php:593)
[Data flow diagram legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized]
Attack Surface
2 unprotected

Ultimate AMP – WordPress AMP Plugin Attack Surface

Entry Points: 15
Unprotected: 2

AJAX Handlers 7

nopriv wp_ajax_redux_p inc\admin\redux-core\inc\class.p.php:7
auth wp_ajax_redux_p inc\admin\redux-core\inc\class.p.php:8
auth wp_ajax_redux_hide_admin_notice inc\admin\redux-core\inc\class.redux_admin_notices.php:32
auth wp_ajax_redux_allow_tracking inc\admin\redux-core\inc\tracking.php:510
auth wp_ajax_redux_support_hash inc\admin\redux-core\inc\welcome\welcome.php:25
auth wp_ajax_uamp_comment_submit ultimate-amp.php:222
nopriv wp_ajax_uamp_comment_submit ultimate-amp.php:223

Shortcodes 8

[wp-amp-ad] inc\class-uamp-shortcodes.php:21
[wp-amp-related] inc\class-uamp-shortcodes.php:22
[wp-amp-recent] inc\class-uamp-shortcodes.php:23
[wp-amp-share] inc\class-uamp-shortcodes.php:24
[wp-amp-switcher] inc\class-uamp-shortcodes.php:25
[wp-amp-accordion] inc\class-uamp-shortcodes.php:26
[wp-amp-accordion-section] inc\class-uamp-shortcodes.php:27
[gallery] inc\class-uamp-template.php:90
WordPress Hooks 127
filter amp_post_template_dir functions\helper.php:11
action plugins_loaded functions\helper.php:23
filter plugin_action_links functions\helper.php:24
action plugins_loaded functions\helper.php:29
filter plugin_action_links functions\helper.php:30
action plugins_loaded functions\helper.php:35
filter plugin_action_links functions\helper.php:36
action plugins_loaded functions\helper.php:41
filter plugin_action_links functions\helper.php:42
action admin_init functions\helper.php:55
action admin_init functions\helper.php:87
action admin_init functions\helper.php:118
action admin_init functions\helper.php:149
action admin_menu inc\admin\admin-menu.php:20
action redux/loaded inc\admin\admin-options.php:616
action wp_dashboard_setup inc\admin\redux-core\core\dashboard.php:13
action redux/init inc\admin\redux-core\framework.php:30
action admin_menu inc\admin\redux-core\framework.php:353
action network_admin_menu inc\admin\redux-core\framework.php:357
action admin_bar_menu inc\admin\redux-core\framework.php:361
action admin_init inc\admin\redux-core\framework.php:367
action admin_init inc\admin\redux-core\framework.php:372
action admin_notices inc\admin\redux-core\framework.php:377
action admin_init inc\admin\redux-core\framework.php:380
action admin_enqueue_scripts inc\admin\redux-core\framework.php:384
action wp_head inc\admin\redux-core\framework.php:390
action wp_enqueue_scripts inc\admin\redux-core\framework.php:391
action login_head inc\admin\redux-core\framework.php:396
action login_enqueue_scripts inc\admin\redux-core\framework.php:397
action admin_head inc\admin\redux-core\framework.php:402
action admin_enqueue_scripts inc\admin\redux-core\framework.php:403
action wp_print_scripts inc\admin\redux-core\framework.php:407
action admin_enqueue_scripts inc\admin\redux-core\framework.php:408
action admin_bar_menu inc\admin\redux-core\framework.php:416
action admin_head inc\admin\redux-core\framework.php:1734
filter admin_footer_text inc\admin\redux-core\framework.php:1737
action after_setup_theme inc\admin\redux-core\inc\class.redux_api.php:47
action init inc\admin\redux-core\inc\class.redux_api.php:48
action switch_theme inc\admin\redux-core\inc\class.redux_api.php:49
action redux/construct inc\admin\redux-core\inc\class.redux_instances.php:60
action customize_register inc\admin\redux-core\inc\extensions\customizer\extension_customizer.php:113
action wp_head inc\admin\redux-core\inc\extensions\customizer\extension_customizer.php:118
action customize_save_after inc\admin\redux-core\inc\extensions\customizer\extension_customizer.php:122
action customize_controls_print_scripts inc\admin\redux-core\inc\extensions\customizer\extension_customizer.php:125
action customize_controls_init inc\admin\redux-core\inc\extensions\customizer\extension_customizer.php:127
filter upload_mimes inc\admin\redux-core\inc\extensions\import_export\extension_import_export.php:97
filter redux/font-icons inc\admin\redux-core\inc\fields\select\elusive-icons.php:312
action admin_enqueue_scripts inc\admin\redux-core\inc\themecheck\class.redux_themecheck.php:74
action admin_enqueue_scripts inc\admin\redux-core\inc\themecheck\class.redux_themecheck.php:75
action themecheck_checks_loaded inc\admin\redux-core\inc\themecheck\class.redux_themecheck.php:77
action themecheck_checks_loaded inc\admin\redux-core\inc\themecheck\class.redux_themecheck.php:78
action admin_enqueue_scripts inc\admin\redux-core\inc\tracking.php:81
action admin_enqueue_scripts inc\admin\redux-core\inc\tracking.php:83
action redux_tracking inc\admin\redux-core\inc\tracking.php:100
action admin_print_footer_scripts inc\admin\redux-core\inc\tracking.php:110
action admin_print_footer_scripts inc\admin\redux-core\inc\tracking.php:119
filter redux/tracking/options inc\admin\redux-core\inc\tracking.php:486
action init inc\admin\redux-core\inc\validation\unique_slug\validation_unique_slug.php:60
action redux/loaded inc\admin\redux-core\inc\welcome\welcome.php:23
action admin_menu inc\admin\redux-core\inc\welcome\welcome.php:35
filter admin_footer_text inc\admin\redux-core\inc\welcome\welcome.php:41
action admin_head inc\admin\redux-core\inc\welcome\welcome.php:42
action init inc\admin\redux-core\inc\welcome\welcome.php:91
action init inc\class-tgm-plugin-activation.php:265
action admin_menu inc\class-tgm-plugin-activation.php:414
action admin_head inc\class-tgm-plugin-activation.php:415
filter install_plugin_complete_actions inc\class-tgm-plugin-activation.php:418
filter update_plugin_complete_actions inc\class-tgm-plugin-activation.php:419
action admin_notices inc\class-tgm-plugin-activation.php:422
action admin_init inc\class-tgm-plugin-activation.php:423
action admin_enqueue_scripts inc\class-tgm-plugin-activation.php:424
action load-plugins.php inc\class-tgm-plugin-activation.php:429
action switch_theme inc\class-tgm-plugin-activation.php:432
action switch_theme inc\class-tgm-plugin-activation.php:435
action admin_init inc\class-tgm-plugin-activation.php:440
action switch_theme inc\class-tgm-plugin-activation.php:445
filter upgrader_source_selection inc\class-tgm-plugin-activation.php:796
action plugins_loaded inc\class-tgm-plugin-activation.php:2019
filter tgmpa_table_data_items inc\class-tgm-plugin-activation.php:2143
filter upgrader_source_selection inc\class-tgm-plugin-activation.php:2884
action admin_init inc\class-tgm-plugin-activation.php:3054
action upgrader_process_complete inc\class-tgm-plugin-activation.php:3149
filter upgrader_post_install inc\class-tgm-plugin-activation.php:3208
filter upgrader_post_install inc\class-tgm-plugin-activation.php:3353
filter term_description inc\class-uamp-sanitize.php:45
filter script_loader_tag inc\class-uamp-scripts.php:33
filter script_loader_src inc\class-uamp-scripts.php:56
filter the_content inc\class-uamp-shortcodes.php:28
filter comments_template inc\class-uamp-template.php:21
filter term_link inc\class-uamp-template.php:22
filter wp_setup_nav_menu_item inc\class-uamp-template.php:23
filter get_pagenum_link inc\class-uamp-template.php:24
action uamp_before_header inc\class-uamp-template.php:33
action uamp_template_content inc\class-uamp-template.php:194
action tgmpa_register inc\easy-blocks.php:17
action uamp/template/head templates\template-one\functions.php:12
action uamp/template/head templates\template-one\functions.php:13
action amp_post_template_head templates\template-one\functions.php:14
action uamp/template/head templates\template-one\functions.php:15
action uamp/template/head templates\template-one\functions.php:16
action uamp/template/search/query templates\template-one\functions.php:20
filter wp_nav_menu_args templates\template-one\functions.php:24
action uamp/template/sidebar templates\template-one\functions.php:27
action uamp/template/featured-image templates\template-one\functions.php:43
action uamp/template/page templates\template-one\functions.php:51
filter ultimate-amp/template/template-one/active-template templates\template-one\functions.php:221
action plugins_loaded ultimate-amp.php:102
action plugins_loaded ultimate-amp.php:103
action admin_menu ultimate-amp.php:106
action activated_plugin ultimate-amp.php:107
action wp_head ultimate-amp.php:117
action init ultimate-amp.php:121
action init ultimate-amp.php:122
action uamp_init ultimate-amp.php:123
filter nav_menu_link_attributes ultimate-amp.php:127
filter nav_menu_css_class ultimate-amp.php:128
action template_redirect ultimate-amp.php:161
action pre_get_posts ultimate-amp.php:166
filter uamp_is_mobile_get_redirect_url ultimate-amp.php:174
filter old_slug_redirect_url ultimate-amp.php:179
action init ultimate-amp.php:631
action wp ultimate-amp.php:1090
filter nav_menu_link_attributes ultimate-amp.php:1095
action update_option_active_plugins ultimate-amp.php:1143
action update_option_active_plugins ultimate-amp.php:1156
action update_option_active_plugins ultimate-amp.php:1169
action update_option_active_plugins ultimate-amp.php:1182

Scheduled Events 1

redux_tracking
Maintenance & Trust

Ultimate AMP – WordPress AMP Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.6.17
Last updated: Nov 26, 2020
PHP min version: 5.3
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

Ultimate AMP – WordPress AMP Plugin Developer Profile

Liton Arefin

45 plugins · 43K total installs

Trust score: 83
Avg Security Score: 93/100
Avg Patch Time: 65 days
Detection Fingerprints

How We Detect Ultimate AMP – WordPress AMP Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ultimate-amp/assets/css/amp-styles.css
/wp-content/plugins/ultimate-amp/assets/js/amp.js
Script Paths
/wp-content/plugins/ultimate-amp/assets/js/amp.js
Version Parameters
ultimate-amp/assets/css/amp-styles.css?ver=
ultimate-amp/assets/js/amp.js?ver=

HTML / DOM Fingerprints

CSS Classes
uamp-amp-wrapper
uamp-comments-wrap
Data Attributes
data-amp-custom-class
JS Globals
uamp_comment_nonce
REST Endpoints
/wp-json/uamp/v1/get-comments
/wp-json/uamp/v1/submit-comment