Does Landing Page Builder – Free Landing Page Templates have any unpatched vulnerabilities?

No. All known vulnerabilities in Landing Page Builder – Free Landing Page Templates have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Landing Page Builder – Free Landing Page Templates compatible with WordPress 6.3.8?

According to WordPress.org data, Landing Page Builder – Free Landing Page Templates 3.2 has been tested up to WordPress 6.3.8. Check the plugin's changelog for the latest compatibility information.

What is Landing Page Builder – Free Landing Page Templates's security score?

Landing Page Builder – Free Landing Page Templates has a WP-Safety security score of 84/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Landing Page Builder – Free Landing Page Templates Security & Risk Analysis

wordpress.org/plugins/ultimate-landing-page

Landing Page Builder lets you create Custom Pages using pre designed Free Landing Page templates with Ultimate Landing Page Builder.

600 active installs v3.2 PHP + WP 3.0+ Updated Aug 17, 2023

coming-sooncoming-soon-pageemail-listlanding-pagemaintenance-page

B · Generally Safe

CVEs total1

Unpatched0

Last CVEApr 13, 2023

Plugin page Download

Safety Verdict

Is Landing Page Builder – Free Landing Page Templates Safe to Use in 2026?

Mostly Safe

Score 84/100

Landing Page Builder – Free Landing Page Templates is generally safe to use though it hasn't been updated recently. 1 past CVE were resolved. Keep it updated.

1 known CVELast CVE: Apr 13, 2023Updated 2yr ago

Risk Assessment

The "ultimate-landing-page" v3.2 plugin exhibits a generally good security posture, with no identified entry points for attack in the static analysis, indicating a well-designed architecture in this regard. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is commendable. Furthermore, the presence of nonce and capability checks is a positive sign of adherence to WordPress security best practices.

However, a significant concern arises from the static analysis revealing that only 20% of output is properly escaped. This could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is outputted without sufficient sanitization, allowing attackers to inject malicious scripts. The plugin's vulnerability history, featuring a single high-severity vulnerability related to PHP Remote File Inclusion, is also a point of concern, especially given its relatively recent discovery. While this vulnerability is marked as patched, it highlights a past weakness that required remediation and could indicate potential oversight in code handling sensitive operations.

In conclusion, while "ultimate-landing-page" v3.2 demonstrates strengths in architectural security and the use of WordPress core security features, the low percentage of properly escaped output presents a clear and present risk. The past RFI vulnerability, though patched, warrants continued vigilance. Developers should prioritize addressing the output escaping issue to mitigate XSS risks and maintain a robust security profile.

Key Concerns

Low percentage of properly escaped output (20%)
Past high severity RFI vulnerability

Vulnerabilities

Landing Page Builder – Free Landing Page Templates Security Vulnerabilities

CVEs by Year

1 CVE in 2023

2023

Patched Has unpatched

Severity Breakdown

High

1 total CVE

CVE-2023-24379high · 7.2Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Landing Page Builder – Free Landing Page Templates <= 3.1.9.8 - Local File Inclusion via 'lpp_template_select'

Apr 13, 2023 Patched in 3.2 (285d)

Code Analysis

Analyzed Mar 16, 2026

Landing Page Builder – Free Landing Page Templates Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

281

69 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

20% escaped350 total outputs

Attack Surface

Landing Page Builder – Free Landing Page Templates Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 17

actionadmin_menuadmin-pages.php:2

actionadmin_noticesask-rev.php:10

actionadmin_initask-rev.php:13

actionadmin_initask-rev.php:77

actioninitlpp_cs_post_type.php:46

filterget_pageslpp_cs_post_type.php:80

filtermanage_landingpage_f_posts_columnslpp_cs_post_type.php:102

actionmanage_landingpage_f_posts_custom_columnlpp_cs_post_type.php:103

actionmanage_landingpage_f_posts_custom_columnlpp_cs_post_type.php:117

filtertemplate_redirectlpp_cs_post_type.php:120

actionadmin_enqueue_scriptslpp_scripts.php:20

actionadd_meta_boxeslpp_settings.php:12

actionsave_postlpp_settings.php:194

filtersingle_templateselect_template.php:20

filtersingle_templateselect_template_1.php:16

actionplugins_loadedultimate-landing-page.php:29

actionadmin_initultimate-landing-page.php:43

Maintenance & Trust

Landing Page Builder – Free Landing Page Templates Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8

Last updatedAug 17, 2023

PHP min version

Downloads361K

Community Trust

Rating82/100

Number of ratings107

Active installs600

Alternatives

Landing Page Builder – Free Landing Page Templates Alternatives

WEN Maintenance Mode

wen-maintenance-mode

100

The fastest & simplest maintenance page for WordPress site. Super-easy to use!

90 No CVEs

Maintenance

maintenance

100

Great looking maintenance, coming soon & under construction pages. Put your site under maintenance in minutes.

1.0M 1 CVE

Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode

coming-soon

Easy Drag & Drop Page Builder. A complete solution to create a WordPress Website, Custom Themes, Landing Pages, Coming Soon & Maintenance Mode Pages.

700K 1 unpatched

Coming Soon & Maintenance Mode Page & Under Construction

nifty-coming-soon-and-under-construction-page

Nifty Coming Soon & Maintenance Page creates awesome Coming Soon & Maintenance Pages.

20K 2 CVEs

Landing Page Builder – Coming Soon page, Maintenance Mode, Lead Page, WordPress Landing Pages

page-builder-add

Easily create high-converting, responsive landing pages with 120+ templates using the free PluginOps Page Builder for WordPress.

10K 1 unpatched

Developer Profile

Landing Page Builder – Free Landing Page Templates Developer Profile

PluginOps

11 plugins · 15K total installs

trust score

Avg Security Score

82/100

Avg Patch Time

445 days

View full developer profile

Detection Fingerprints

How We Detect Landing Page Builder – Free Landing Page Templates

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ultimate-landing-page/js/image-upload.js/wp-content/plugins/ultimate-landing-page/js/g-font-family.js/wp-content/plugins/ultimate-landing-page/js/lpp_color_picker.js/wp-content/plugins/ultimate-landing-page/js/alpha-picker.js

Script Paths

js/image-upload.jsjs/g-font-family.jsjs/lpp_color_picker.jsjs/alpha-picker.js

HTML / DOM Fingerprints

CSS Classes

formLayout_1font-selectfs-drop

HTML Comments

<!--
*
* Plugin Name: Ultimate Landing Page
* Description: Create Beautiful Landing Pages in minutes with Ultimate Landing Page Builder.
* Author: Web-Settler
* Plugin URI: https://pluginops.com/page-builder/?ref=ulp
* Author URI: https://pluginops.com/page-builder/?ref=ulp
* Text Domain: ultimate-landing-page
* Domain Path: /languages
* Version: 3.2
* Donate link: https://pluginops.com/page-builder/?ref=ulp
* License : GPL v2
-->

+4 more

Data Attributes

name='lpp_content_bg'name='lpp_testimonial_bg'name='lpp_benefit_bg'name='lpp_cta_bg'name='lpp_body_bg'name='lpp_center_bg'+14 more

JS Globals

window.jQuery

FAQ