Does Ultimate Cursor – Interactive and Animated Cursor Effects Toolkit have any unpatched vulnerabilities?

No. All known vulnerabilities in Ultimate Cursor – Interactive and Animated Cursor Effects Toolkit have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Ultimate Cursor – Interactive and Animated Cursor Effects Toolkit compatible with WordPress 6.9.4?

According to WordPress.org data, Ultimate Cursor – Interactive and Animated Cursor Effects Toolkit 2.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Ultimate Cursor – Interactive and Animated Cursor Effects Toolkit Security & Risk Analysis

wordpress.org/plugins/ultimate-cursor

Enhance your site with Ultimate Cursor Plugin—customize your cursor pointer with icons, text & images for an engaging experience.✅

3K active installs v2.0.0 PHP 7.4+ WP 6.0+ Updated Mar 7, 2026

cursorcursor-plugincustom-cursormousepointer

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Ultimate Cursor – Interactive and Animated Cursor Effects Toolkit Safe to Use in 2026?

Generally Safe

Score 100/100

Ultimate Cursor – Interactive and Animated Cursor Effects Toolkit has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 27d ago

Risk Assessment

The plugin 'ultimate-cursor' v2.0.0 exhibits a generally strong security posture, with a notable absence of known vulnerabilities and a low attack surface. The static analysis reveals no critical or high severity issues in taint flows, indicating a good approach to handling potentially malicious input. The plugin also demonstrates good output escaping practices (95% properly escaped) and includes capability checks on most entry points. The presence of nonce checks on its AJAX handlers further bolsters its security against common replay attacks. However, a significant concern is the single SQL query found that does not utilize prepared statements. This could be a potential vector for SQL injection vulnerabilities if the query directly incorporates user-supplied data without proper sanitization and parameterization. While the vulnerability history is clean, this single instance of a non-prepared SQL query warrants attention and a potential deduction from its otherwise positive security score.

Key Concerns

Raw SQL query without prepared statement

Vulnerabilities

None known

Ultimate Cursor – Interactive and Animated Cursor Effects Toolkit Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Ultimate Cursor – Interactive and Animated Cursor Effects Toolkit Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

39 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

SQL Query Safety

0% prepared1 total queries

Output Escaping

95% escaped41 total outputs

Attack Surface

Ultimate Cursor – Interactive and Animated Cursor Effects Toolkit Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_ultimate_cursor_install_pluginclasses\class-admin.php:47

authwp_ajax_uc_dismiss_black_friday_widgetclasses\class-dashboard-widget.php:339

WordPress Hooks 31

actionadmin_initclasses\class-admin.php:38

actionadmin_menuclasses\class-admin.php:39

actionin_admin_headerclasses\class-admin.php:40

filteradmin_body_classclasses\class-admin.php:42

actionadmin_enqueue_scriptsclasses\class-admin.php:44

filterplugin_action_links_ultimate-cursor/ultimate-cursor.phpclasses\class-admin.php:46

actionwp_enqueue_scriptsclasses\class-assets.php:39

actionadmin_enqueue_scriptsclasses\class-assets.php:41

filterrocket_exclude_defer_jsclasses\class-cache-compatibility.php:48

filterrocket_exclude_jsclasses\class-cache-compatibility.php:49

filterrocket_delay_js_exclusionsclasses\class-cache-compatibility.php:50

filterrocket_excluded_inline_js_contentclasses\class-cache-compatibility.php:51

filterlitespeed_optimize_js_excludesclasses\class-cache-compatibility.php:54

filterautoptimize_filter_js_excludeclasses\class-cache-compatibility.php:57

filterw3tc_minify_js_do_tag_minificationclasses\class-cache-compatibility.php:60

filterwpfc_exclude_current_pageclasses\class-cache-compatibility.php:63

actionwp_enqueue_scriptsclasses\class-cache-compatibility.php:66

filterscript_loader_tagclasses\class-cache-compatibility.php:196

actionwp_dashboard_setupclasses\class-dashboard-widget.php:38

actionadmin_enqueue_scriptsclasses\class-dashboard-widget.php:39

actionadmin_noticesclasses\class-dashboard-widget.php:40

actionadmin_headclasses\class-dashboard-widget.php:320

actionadmin_headclasses\class-dashboard-widget.php:331

actionadmin_footerclasses\class-dashboard-widget.php:336

actionelementor/element/common/_section_style/after_section_endclasses\class-elementor.php:34

actionelementor/frontend/widget/before_renderclasses\class-elementor.php:35

actionelementor/preview/enqueue_scriptsclasses\class-elementor.php:36

actionadmin_noticesclasses\class-elementor.php:40

actionrest_api_initclasses\class-rest.php:51

filteruser_has_capultimate-cursor.php:96

actionplugins_loadedultimate-cursor.php:347

Maintenance & Trust

Ultimate Cursor – Interactive and Animated Cursor Effects Toolkit Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 7, 2026

PHP min version7.4

Downloads42K

Community Trust

Rating90/100

Number of ratings4

Active installs3K

Alternatives

Ultimate Cursor – Interactive and Animated Cursor Effects Toolkit Alternatives

WP Custom Cursors | WordPress Cursor Plugin

wp-custom-cursors

WP Custom Cursors: Elevate your website's engagement with unique, personalized cursors! Choose from a collection of pre-designed options or creat …

10K 1 unpatched

Custom Cursor For WP

custom-cursor-for-wp

Custom Cursor For WP - Help you to customize your WordPress website cursor or mouse pointer and It's very easy to use.

1K No CVEs

Ultimate Custom Cursor

ultimate-custom-cursor

Using Ultimate Custom Cursor for customize your website cursor or mouse pointer, you will get a very elegant and unique site.

900 No CVEs

FaeCursor – Interaction Effects Toolkit

faecursor

100

Bring your WordPress site to life with interactive cursor, keyboard, and screen effects — built for smooth performance and full control.

50 No CVEs

Interactive Cursor

interactive-cursor

Interactive Cursor is a WordPress plugin that enables integration of custom cursors. The Plugin is packed with a set of ready-to-use HTML/SVG cursors …

20 No CVEs

Developer Profile

Ultimate Cursor – Interactive and Animated Cursor Effects Toolkit Developer Profile

WPXERO

6 plugins · 4K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Ultimate Cursor – Interactive and Animated Cursor Effects Toolkit

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ultimate-cursor/assets/css/ultimate-cursor.css/wp-content/plugins/ultimate-cursor/assets/js/ultimate-cursor.js

Script Paths

/wp-content/plugins/ultimate-cursor/assets/js/ultimate-cursor.js

Version Parameters

ultimate-cursor/assets/css/ultimate-cursor.css?ver=ultimate-cursor/assets/js/ultimate-cursor.js?ver=

HTML / DOM Fingerprints

JS Globals

ultimateCursorConfig

REST Endpoints

/wp-json/ultimate-cursor/v1/settings

FAQ