Ultimate Cursor – Interactive and Animated Cursor and Background Effects Toolkit Security & Risk Analysis

Enhance your site with Ultimate Cursor Plugin—customize your cursor pointer with icons, text & images, plus stunning background effects.✅

3K active installs v2.1.1 PHP 7.4+ WP 6.0+ Updated Apr 11, 2026

cursorcursor-plugincustom-cursormousepointer

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Ultimate Cursor – Interactive and Animated Cursor and Background Effects Toolkit Safe to Use in 2026?

Generally Safe

Score 100/100

Ultimate Cursor – Interactive and Animated Cursor and Background Effects Toolkit has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The plugin 'ultimate-cursor' v2.0.0 exhibits a generally strong security posture, with a notable absence of known vulnerabilities and a low attack surface. The static analysis reveals no critical or high severity issues in taint flows, indicating a good approach to handling potentially malicious input. The plugin also demonstrates good output escaping practices (95% properly escaped) and includes capability checks on most entry points. The presence of nonce checks on its AJAX handlers further bolsters its security against common replay attacks. However, a significant concern is the single SQL query found that does not utilize prepared statements. This could be a potential vector for SQL injection vulnerabilities if the query directly incorporates user-supplied data without proper sanitization and parameterization. While the vulnerability history is clean, this single instance of a non-prepared SQL query warrants attention and a potential deduction from its otherwise positive security score.

Key Concerns

Raw SQL query without prepared statement

Vulnerabilities

None known

Ultimate Cursor – Interactive and Animated Cursor and Background Effects Toolkit Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Ultimate Cursor – Interactive and Animated Cursor and Background Effects Toolkit Release Timeline

v2.1.1Current

v2.1.0

v2.0.0

v1.9.2

v1.9.1

v1.9.0

v1.8.0

v1.7.12

v1.7.11

v1.7.10

v1.7.9

v1.7.8

v1.7.7

v1.7.6

v1.7.5

v1.7.4

v1.7.3

v1.7.2

v1.7.1

v1.7.0

Code Analysis

Analyzed Mar 16, 2026

Ultimate Cursor – Interactive and Animated Cursor and Background Effects Toolkit Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

39 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

SQL Query Safety

0% prepared1 total queries

Output Escaping

95% escaped41 total outputs

Attack Surface

Ultimate Cursor – Interactive and Animated Cursor and Background Effects Toolkit Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_ultimate_cursor_install_pluginclasses\class-admin.php:47

authwp_ajax_uc_dismiss_black_friday_widgetclasses\class-dashboard-widget.php:339

WordPress Hooks 31

actionadmin_initclasses\class-admin.php:38

actionadmin_menuclasses\class-admin.php:39

actionin_admin_headerclasses\class-admin.php:40

filteradmin_body_classclasses\class-admin.php:42

actionadmin_enqueue_scriptsclasses\class-admin.php:44

filterplugin_action_links_ultimate-cursor/ultimate-cursor.phpclasses\class-admin.php:46

actionwp_enqueue_scriptsclasses\class-assets.php:39

actionadmin_enqueue_scriptsclasses\class-assets.php:41

filterrocket_exclude_defer_jsclasses\class-cache-compatibility.php:48

filterrocket_exclude_jsclasses\class-cache-compatibility.php:49

filterrocket_delay_js_exclusionsclasses\class-cache-compatibility.php:50

filterrocket_excluded_inline_js_contentclasses\class-cache-compatibility.php:51

filterlitespeed_optimize_js_excludesclasses\class-cache-compatibility.php:54

filterautoptimize_filter_js_excludeclasses\class-cache-compatibility.php:57

filterw3tc_minify_js_do_tag_minificationclasses\class-cache-compatibility.php:60

filterwpfc_exclude_current_pageclasses\class-cache-compatibility.php:63

actionwp_enqueue_scriptsclasses\class-cache-compatibility.php:66

filterscript_loader_tagclasses\class-cache-compatibility.php:196

actionwp_dashboard_setupclasses\class-dashboard-widget.php:38

actionadmin_enqueue_scriptsclasses\class-dashboard-widget.php:39

actionadmin_noticesclasses\class-dashboard-widget.php:40

actionadmin_headclasses\class-dashboard-widget.php:320

actionadmin_headclasses\class-dashboard-widget.php:331

actionadmin_footerclasses\class-dashboard-widget.php:336

actionelementor/element/common/_section_style/after_section_endclasses\class-elementor.php:34

actionelementor/frontend/widget/before_renderclasses\class-elementor.php:35

actionelementor/preview/enqueue_scriptsclasses\class-elementor.php:36

actionadmin_noticesclasses\class-elementor.php:40

actionrest_api_initclasses\class-rest.php:51

filteruser_has_capultimate-cursor.php:96

actionplugins_loadedultimate-cursor.php:347

Maintenance & Trust

Ultimate Cursor – Interactive and Animated Cursor and Background Effects Toolkit Maintenance & Trust

Maintenance Signals

WordPress version tested7.0

Last updatedApr 11, 2026

PHP min version7.4

Downloads46K

Community Trust

Rating90/100

Number of ratings4

Active installs3K

Alternatives

Ultimate Cursor – Interactive and Animated Cursor and Background Effects Toolkit Alternatives

WP Custom Cursors | WordPress Cursor Plugin

wp-custom-cursors

WP Custom Cursors: Elevate your website's engagement with unique, personalized cursors! Choose from a collection of pre-designed options or creat …

10K 1 unpatched

Custom Cursor For WP

custom-cursor-for-wp

Custom Cursor For WP - Help you to customize your WordPress website cursor or mouse pointer and It's very easy to use.

1K No CVEs

Ultimate Custom Cursor

ultimate-custom-cursor

Using Ultimate Custom Cursor for customize your website cursor or mouse pointer, you will get a very elegant and unique site.

800 No CVEs

FaeCursor – Interaction Effects Toolkit

faecursor

100

Bring your WordPress site to life with interactive cursor, keyboard, and screen effects — built for smooth performance and full control.

400 No CVEs

Interactive Cursor

interactive-cursor

Interactive Cursor is a WordPress plugin that enables integration of custom cursors. The Plugin is packed with a set of ready-to-use HTML/SVG cursors …

20 No CVEs

Developer Profile

Ultimate Cursor – Interactive and Animated Cursor and Background Effects Toolkit Developer Profile

WPXERO

10 plugins · 4K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Ultimate Cursor – Interactive and Animated Cursor and Background Effects Toolkit

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ultimate-cursor/assets/css/ultimate-cursor.css/wp-content/plugins/ultimate-cursor/assets/js/ultimate-cursor.js

Script Paths

/wp-content/plugins/ultimate-cursor/assets/js/ultimate-cursor.js

Version Parameters

ultimate-cursor/assets/css/ultimate-cursor.css?ver=ultimate-cursor/assets/js/ultimate-cursor.js?ver=

HTML / DOM Fingerprints

JS Globals

ultimateCursorConfig

REST Endpoints

/wp-json/ultimate-cursor/v1/settings

FAQ