Does Ultimate Bootstrap Elements for Elementor have any unpatched vulnerabilities?

No. All known vulnerabilities in Ultimate Bootstrap Elements for Elementor have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Ultimate Bootstrap Elements for Elementor compatible with WordPress 6.8.5?

According to WordPress.org data, Ultimate Bootstrap Elements for Elementor 1.5.3 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Ultimate Bootstrap Elements for Elementor compatible with PHP 5.6+?

Ultimate Bootstrap Elements for Elementor requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Ultimate Bootstrap Elements for Elementor updated?

Ultimate Bootstrap Elements for Elementor was last updated on Sep 12, 2025. Frequent updates are generally a positive security signal.

What is Ultimate Bootstrap Elements for Elementor's security score?

Ultimate Bootstrap Elements for Elementor has a WP-Safety security score of 88/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Ultimate Bootstrap Elements for Elementor Security & Risk Analysis

wordpress.org/plugins/ultimate-bootstrap-elements-for-elementor

Completely plugins Ultimate Bootstrap Elements for Elementor. Enhance your Elementor page building experience with Bootstrap Components and many other …

7K active installs v1.5.3 PHP 5.6+ WP 4.7+ Updated Sep 12, 2025

elementelementorelementor-addonselementor-widget

A · Safe

CVEs total6

Unpatched0

Last CVEApr 9, 2025

Plugin page Download

Safety Verdict

Is Ultimate Bootstrap Elements for Elementor Safe to Use in 2026?

Generally Safe

Score 88/100

Ultimate Bootstrap Elements for Elementor has a strong security track record. Known vulnerabilities have been patched promptly.

6 known CVEsLast CVE: Apr 9, 2025Updated 6mo ago

Risk Assessment

The plugin exhibits a mixed security posture. While it demonstrates good practices like using prepared statements for SQL queries and a high percentage of properly escaped output, significant concerns remain. The static analysis reveals a notable attack surface, with 2 out of 9 AJAX handlers lacking authentication checks. This, coupled with 3 flows identified with unsanitized paths in the taint analysis, suggests potential vulnerabilities related to input validation and access control. The plugin's history of 6 known CVEs, including critical and high-severity vulnerabilities such as PHP Remote File Inclusion and Cross-Site Scripting, further amplifies the risk. The variety of vulnerability types points to systemic issues in secure coding practices. Although there are currently no unpatched CVEs and the last vulnerability was in 2025, the recurrence of these critical flaw types indicates a persistent need for more rigorous security auditing and remediation throughout the development lifecycle.

Key Concerns

Unprotected AJAX handlers
Flows with unsanitized paths
Critical severity CVEs in history
High severity CVEs in history
Medium severity CVEs in history
Exposure of Sensitive Information CVE type
PHP Remote File Inclusion CVE type
Cross-site Scripting CVE type

Vulnerabilities

Ultimate Bootstrap Elements for Elementor Security Vulnerabilities

CVEs by Year

5 CVEs in 2024

2024

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Critical

High

Medium

6 total CVEs

CVE-2025-32672critical · 9.8Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Ultimate Bootstrap Elements for Elementor <= 1.4.9 - Unauthenticated Local File Inclusion

Apr 9, 2025 Patched in 1.5.0 (22d)

CVE-2024-10329medium · 4.3Exposure of Sensitive Information to an Unauthorized Actor

Ultimate Bootstrap Elements for Elementor <= 1.4.6 - Authenticated (Contributor+) Sensitive Information Exposure

Nov 4, 2024 Patched in 1.4.7 (2d)

CVE-2024-43140high · 8.8Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Ultimate Bootstrap Elements for Elementor <= 1.4.4 - Authenticated (Contributor+) Local File Inclusion

Aug 7, 2024 Patched in 1.4.5 (8d)

CVE-2024-37462high · 8.8Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Ultimate Bootstrap Elements for Elementor <= 1.4.2 - Authenticated (Contributor+) Local File Inclusion

Jul 1, 2024 Patched in 1.4.3 (9d)

CVE-2024-2132medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Bootstrap Elements for Elementor <= 1.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Widget

Apr 5, 2024 Patched in 1.4.1 (1d)

CVE-2024-1398medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Bootstrap Elements for Elementor <= 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Mar 1, 2024 Patched in 1.3.7 (8d)

Code Analysis

Analyzed Mar 16, 2026

Ultimate Bootstrap Elements for Elementor Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

370

1398 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

jQuerySelect2

Output Escaping

79% escaped1768 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

7 flows3 with unsanitized paths

control_autocomplete_callback (inc\ajax.class.php:176)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Ultimate Bootstrap Elements for Elementor Attack Surface

Entry Points9

Unprotected2

AJAX Handlers 9

authwp_ajax_ube_result_search_boxinc\ajax.class.php:19

noprivwp_ajax_ube_result_search_boxinc\ajax.class.php:20

authwp_ajax_ube_load_moreinc\ajax.class.php:22

noprivwp_ajax_ube_load_moreinc\ajax.class.php:23

authwp_ajax_ube_control_autocompleteinc\ajax.class.php:25

noprivwp_ajax_ube_control_autocompleteinc\ajax.class.php:26

authwp_ajax_ube_dynamic_contentinc\modules\dynamic-content\module.class.php:8

authwp_ajax_ube_get_prebuilt_templatesinc\modules\templates\module.class.php:9

authwp_ajax_ube_get_prebuilt_template_contentinc\modules\templates\module.class.php:10

WordPress Hooks 25

actioninitinc\admin\message.class.php:25

actionadmin_noticesinc\admin\message.class.php:26

actionadmin_noticesinc\admin\message.class.php:73

actionadmin_menuinc\admin\settings.class.php:19

actioninitinc\assets.class.php:16

actionwp_enqueue_scriptsinc\assets.class.php:17

actionelementor/editor/before_enqueue_scriptsinc\assets.class.php:18

actionadmin_enqueue_scriptsinc\assets.class.php:19

actionelementor/frontend/after_enqueue_stylesinc\assets.class.php:22

filterelementor/core/responsive/get_stylesheet_templatesinc\assets.class.php:23

actionelementor/controls/controls_registeredinc\controls-manager.class.php:19

filterhttps_ssl_verifyinc\elements\twitter-feed.class.php:589

filterhttps_ssl_verifyinc\elements\twitter-feed.class.php:610

actionelementor/widgets/registerinc\elements-manager.class.php:16

actionelementor/widgets/widgets_registeredinc\elements-manager.class.php:18

actionelementor/elements/categories_registeredinc\elements-manager.class.php:20

actioninitinc\form-handler.class.php:14

actioninitinc\form-handler.class.php:15

actioninitinc\modules\dynamic-content\module.class.php:7

actionelementor/editor/footerinc\modules\dynamic-content\module.class.php:9

actioninitinc\modules\site-settings\module.class.php:7

actionwp_headinc\modules\site-settings\module.class.php:8

actionelementor/editor/footerinc\modules\templates\module.class.php:8

actionafter_setup_themeinc\ube.class.php:29

actionadmin_noticesultimate-bootstrap-elements.php:26

Maintenance & Trust

Ultimate Bootstrap Elements for Elementor Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedSep 12, 2025

PHP min version5.6

Downloads133K

Community Trust

Rating100/100

Number of ratings1

Active installs7K

Alternatives

Ultimate Bootstrap Elements for Elementor Alternatives

ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor

elementskit-lite

Join millions who empower their websites with ElementsKit Elementor Addons. Get templates, & 100+ widgets like header-footer, mega menu, custom widget

2.0M 21 CVEs

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs

Ultimate Addons for Elementor

header-footer-elementor

Powerful Elementor addon with advanced Elementor widgets, templates, WooCommerce widgets & Header-Footer builder to build professional websites fa …

2.0M 12 CVEs

Premium Addons for Elementor – Powerful Elementor Templates & Widgets

premium-addons-for-elementor

Elementor Carousel, Mega Menu, Posts List/Slider, Media Gallery, WooCommerce Widgets, Display Conditions, Premade Templates & more.

700K 35 CVEs

Royal Addons for Elementor – Addons and Templates Kit for Elementor

royal-elementor-addons

Elementor templates, Header footer builder, Elementor Post Grid, Woocommerce Grid builder, Slider, Forms, Gallery, Nav menu addons, Elementor widgets.

600K 1 unpatched

Developer Profile

Ultimate Bootstrap Elements for Elementor Developer Profile

g5theme

8 plugins · 19K total installs

trust score

Avg Security Score

79/100

Avg Patch Time

157 days

View full developer profile

Detection Fingerprints

How We Detect Ultimate Bootstrap Elements for Elementor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ