Does Ultimate Noindex Nofollow Tool II have any unpatched vulnerabilities?

No. All known vulnerabilities in Ultimate Noindex Nofollow Tool II have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Ultimate Noindex Nofollow Tool II compatible with WordPress 6.4.8?

According to WordPress.org data, Ultimate Noindex Nofollow Tool II 1.3.6 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

How often is Ultimate Noindex Nofollow Tool II updated?

Ultimate Noindex Nofollow Tool II was last updated on Feb 20, 2024. Frequent updates are generally a positive security signal.

What is Ultimate Noindex Nofollow Tool II's security score?

Ultimate Noindex Nofollow Tool II has a WP-Safety security score of 84/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Ultimate Noindex Nofollow Tool II Security & Risk Analysis

wordpress.org/plugins/ultimate-noindex-nofollow-tool-ii

Improves your blog's search engine optimization by "noindexing" pages you choose. Now also for page-based (as opposed to date-based) archives.

3K active installs v1.3.6 PHP + WP 2.6.5+ Updated Feb 20, 2024

archivearchivesgooglenofollowseo

B · Generally Safe

CVEs total2

Unpatched0

Last CVEMar 25, 2024

Download

Safety Verdict

Is Ultimate Noindex Nofollow Tool II Safe to Use in 2026?

Mostly Safe

Score 84/100

Ultimate Noindex Nofollow Tool II is generally safe to use though it hasn't been updated recently. 2 past CVEs were resolved. Keep it updated.

2 known CVEsLast CVE: Mar 25, 2024Updated 2yr ago

Risk Assessment

The static analysis of ultimate-noindex-nofollow-tool-ii v1.3.6 reveals a strong security posture in its current implementation. There are no identified AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a zero attack surface from these common entry points. The code also demonstrates good practices with the absence of dangerous functions, file operations, and external HTTP requests. All SQL queries are prepared, and a nonce check is present, indicating an awareness of security fundamentals. However, the vulnerability history is a significant concern. The plugin has two documented medium-severity CVEs, one of which was recently patched (as of March 25, 2024). The types of historical vulnerabilities, Cross-Site Scripting and Cross-Site Request Forgery, are common and can be severe if not properly mitigated. While the current version shows no obvious flaws in the static analysis, the past indicates a propensity for security issues that require active patching by users.

Key Concerns

Past medium severity vulnerabilities (XSS, CSRF)
Vulnerability history indicates potential for future issues
Low percentage of properly escaped output (80%)
No capability checks for entry points

Vulnerabilities

Ultimate Noindex Nofollow Tool II Security Vulnerabilities

CVEs by Year

1 CVE in 2023

2023

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2024-1663medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Noindex Nofollow Tool II <= 1.3.5 - Authenticated (Admin+) Stored Cross-Site Scripting

Mar 25, 2024 Patched in 1.3.6 (431d)

CVE-2023-30474medium · 4.3Cross-Site Request Forgery (CSRF)

Ultimate Noindex Nofollow Tool II <= 1.3.3 - Cross-Site Request Forgery

Apr 13, 2023 Patched in 1.3.4 (285d)

Code Analysis

Analyzed Mar 17, 2026

Ultimate Noindex Nofollow Tool II Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

80% escaped5 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

unn_admin (ultimate-noindex.php:154)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Ultimate Noindex Nofollow Tool II Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 9

actionadmin_menuultimate-noindex.php:27

actionwp_headultimate-noindex.php:28

actionlogin_headultimate-noindex.php:29

actionadmin_headultimate-noindex.php:30

filterwp_list_pagesultimate-noindex.php:31

filterget_archives_linkultimate-noindex.php:32

filterwp_list_categoriesultimate-noindex.php:33

filterloginoutultimate-noindex.php:34

filterregisterultimate-noindex.php:35

Maintenance & Trust

Ultimate Noindex Nofollow Tool II Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedFeb 20, 2024

PHP min version

Downloads60K

Community Trust

Rating62/100

Number of ratings8

Active installs3K

Alternatives

Ultimate Noindex Nofollow Tool II Alternatives

Nofollow Archives

archive-links-nofollow

Adds the "nofollow" rel attribute to archive links.

10 No CVEs

noindex SEO

noindex-seo

100

Control search engine indexing with robots directives using HTML meta tags or HTTP headers.

3K No CVEs

Easy Noindex And Nofollow

easy-noindex-and-nofollow

Easily add Noindex and Nofollow to post, page, search and category page.

400 No CVEs

UGC Comments

ugc-comments

100

The plugin allows you to manage the values of the "rel" attribute in comment links ("ugc", "nofollow").

300 No CVEs

WP Nofollow More Links

wp-nofollow-more-links

Adds the nofollow rel attribute to the more (read more) links.

20 No CVEs

Developer Profile

Ultimate Noindex Nofollow Tool II Developer Profile

texttheater

3 plugins · 4K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

358 days

View full developer profile

Detection Fingerprints

How We Detect Ultimate Noindex Nofollow Tool II

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ