Does UltimateAdminSms have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is UltimateAdminSms compatible with WordPress 3.1.4?

According to WordPress.org data, UltimateAdminSms 0.1 has been tested up to WordPress 3.1.4. Check the plugin's changelog for the latest compatibility information.

How often is UltimateAdminSms updated?

UltimateAdminSms was last updated on Dec 6, 2012. Frequent updates are generally a positive security signal.

What is UltimateAdminSms's security score?

UltimateAdminSms has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

UltimateAdminSms Security & Risk Analysis

wordpress.org/plugins/ultimateadminsms

The UltimateAdminSms Plugin allows WordPress Administrators to send SMS to their users through the ultimatesmsapi.tk SMS Gateway.

10 active installs v0.1 PHP + WP 2.0.2+ Updated Dec 6, 2012

alertsmobilesmssubscription

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is UltimateAdminSms Safe to Use in 2026?

Generally Safe

Score 85/100

UltimateAdminSms has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago

Risk Assessment

The "ultimateadminsms" v0.1 plugin presents a mixed security posture. While it demonstrates strengths in avoiding direct SQL injection by using prepared statements and has no recorded vulnerability history, significant concerns arise from its output handling and taint analysis. The fact that 100% of its outputs are unescaped is a major red flag, indicating a high potential for cross-site scripting (XSS) vulnerabilities. Furthermore, all analyzed taint flows resulted in unsanitized paths, suggesting potential for data manipulation or unauthorized access if these flows are exposed through the limited attack surface. The absence of any recorded CVEs is positive, but the current code analysis reveals inherent risks that need addressing. The plugin's low attack surface is a mitigating factor, but the unescaped outputs and unsanitized taint flows are critical weaknesses that could be exploited.

Key Concerns

Outputs are not properly escaped
Taint flows with unsanitized paths found

Vulnerabilities

None known

UltimateAdminSms Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

UltimateAdminSms Release Timeline

No version history available.

Code Analysis

Analyzed Mar 17, 2026

UltimateAdminSms Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped8 total outputs

Data Flows · Security

5 unsanitized

Data Flow Analysis

5 flows5 with unsanitized paths

sms_meta_box (UltimateAdminSms.php:66)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

UltimateAdminSms Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 7

filtermanage_posts_columnsUltimateAdminSms.php:32

actionmanage_posts_custom_columnUltimateAdminSms.php:33

actioninitUltimateAdminSms.php:36

actionadmin_menuUltimateAdminSms.php:40

filteruser_contactmethodsUltimateAdminSms.php:130

actionmanage_users_custom_columnUltimateAdminSms.php:131

filtermanage_users_columnsUltimateAdminSms.php:132

Maintenance & Trust

UltimateAdminSms Maintenance & Trust

Maintenance Signals

WordPress version tested3.1.4

Last updatedDec 6, 2012

PHP min version

Downloads3K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

UltimateAdminSms Alternatives

Pay with Vipps and MobilePay for WooCommerce

woo-vipps

100

Official Vipps MobilePay payment plugin for WooCommerce.

5K 1 CVE

افزونه پیامک حرفه ای فراز اس ام اس

farazsms

شما می توانید با استفاده از افزونه فراز اس ام اس، سایت خود را با ابزاری خودکار برای ارسال پیامک و ذخیره شماره در دفترچه تلفن، تقویت کنید.

2K 1 unpatched

Scanpay for WooCommerce

scanpay-for-woocommerce

100

Accept payments in WooCommerce with a reliable and secure Scandinavian payment gateway.

200 No CVEs

Vipps/MobilePay recurring payments for WooCommerce

vipps-recurring-payments-gateway-for-woocommerce

100

Vipps/MobilePay recurring payments is perfect if you run a shop with subscription based services or products that would benefit from subscriptions.

90 No CVEs

Contact Group Button

contact-group-button

Add group contact phone, sms, facebook messages, zalo... to website. Display in desktop, laptop, table, phone and more.

20 No CVEs

Developer Profile

UltimateAdminSms Developer Profile

rahul77758

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect UltimateAdminSms

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ultimateadminsms/ultimateSms.png

Script Paths

/UltimateAdminSms/checkLength.js

HTML / DOM Fingerprints

Data Attributes

id="send_sms_form"id="user_type"id="ph_numbers"id="InfoCharCounter"id="username_s"id="password_s"+1 more

FAQ