Does Ultimo WP have any unpatched vulnerabilities?

No. All known vulnerabilities in Ultimo WP have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Ultimo WP compatible with WordPress 4.4.34?

According to WordPress.org data, Ultimo WP 0.1.0 has been tested up to WordPress 4.4.34. Check the plugin's changelog for the latest compatibility information.

How often is Ultimo WP updated?

Ultimo WP was last updated on Jul 15, 2016. Frequent updates are generally a positive security signal.

What is Ultimo WP's security score?

Ultimo WP has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Ultimo WP Security & Risk Analysis

wordpress.org/plugins/ultimo-wp

Get a clean, beautiful and customizable new look on your WordPress Admin Dasboard.

100 active installs v0.1.0 PHP + WP 3.8+ Updated Jul 15, 2016

adminadmin-interfaceadmin-themeadmin-uitheme

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Ultimo WP Safe to Use in 2026?

Generally Safe

Score 85/100

Ultimo WP has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The static analysis of ultimo-wp v0.1.0 reveals a generally strong security posture for this version, with no identified vulnerabilities in its historical record. The absence of critical or high severity taint flows, dangerous functions, raw SQL queries, and external HTTP requests are all positive indicators. Furthermore, the presence of nonce checks and capability checks suggests an awareness of WordPress security best practices. However, a notable concern is the output escaping, where only 62% of outputs are properly escaped. This leaves a potential for cross-site scripting (XSS) vulnerabilities if user-supplied data is not handled with sufficient sanitization in the remaining 38% of outputs.

Key Concerns

Incomplete output escaping

Vulnerabilities

None known

Ultimo WP Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Ultimo WP Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

81 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

62% escaped130 total outputs

Attack Surface

Ultimo WP Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 45

actioninitadmin\admin.php:192

actiontgmpa_registerinc\tgm\require.php:25

actioninitinc\tgm\tgm.php:275

actionadmin_menuinc\tgm\tgm.php:422

actionadmin_headinc\tgm\tgm.php:423

filterinstall_plugin_complete_actionsinc\tgm\tgm.php:426

filterupdate_plugin_complete_actionsinc\tgm\tgm.php:427

actionadmin_noticesinc\tgm\tgm.php:430

actionadmin_initinc\tgm\tgm.php:431

actionadmin_enqueue_scriptsinc\tgm\tgm.php:432

actionload-plugins.phpinc\tgm\tgm.php:435

actionswitch_themeinc\tgm\tgm.php:439

actionswitch_themeinc\tgm\tgm.php:442

actionadmin_initinc\tgm\tgm.php:447

actionswitch_themeinc\tgm\tgm.php:452

filterupgrader_source_selectioninc\tgm\tgm.php:797

actionplugins_loadedinc\tgm\tgm.php:1913

filtertgmpa_table_data_itemsinc\tgm\tgm.php:2037

filterupgrader_source_selectioninc\tgm\tgm.php:2764

actionadmin_initinc\tgm\tgm.php:2924

actionupgrader_process_completeinc\tgm\tgm.php:3019

filterupgrader_post_installinc\tgm\tgm.php:3076

filterupgrader_post_installinc\tgm\tgm.php:3218

actionadmin_enqueue_scriptsparadox\paradox-plugin.php:75

actionadmin_enqueue_scriptsparadox\paradox-plugin.php:76

actionwp_enqueue_scriptsparadox\paradox-plugin.php:79

actionwp_enqueue_scriptsparadox\paradox-plugin.php:80

actionlogin_enqueue_scriptsparadox\paradox-plugin.php:83

actionlogin_enqueue_scriptsparadox\paradox-plugin.php:84

actioninitparadox\paradox-plugin.php:87

actioninitparadox\paradox-plugin.php:90

filteracf/settings/pathparadox\paradox-plugin.php:150

filteracf/settings/dirparadox\paradox-plugin.php:153

filteracf/settings/show_adminparadox\paradox-plugin.php:156

actionadmin_noticesultimo-wp.php:223

filteradmin_body_classultimo-wp.php:226

actionadmin_headultimo-wp.php:229

actionadmin_headultimo-wp.php:232

actionscreen_options_show_screenultimo-wp.php:233

filteradmin_footer_textultimo-wp.php:236

filterupdate_footerultimo-wp.php:238

actionwp_before_admin_bar_renderultimo-wp.php:241

actionadmin_bar_menuultimo-wp.php:244

filteradmin_bar_menuultimo-wp.php:247

actionadmin_initultimo-wp.php:250

Maintenance & Trust

Ultimo WP Maintenance & Trust

Maintenance Signals

WordPress version tested4.4.34

Last updatedJul 15, 2016

PHP min version

Downloads8K

Community Trust

Rating84/100

Number of ratings5

Active installs100

Alternatives

Ultimo WP Alternatives

Custom Admin UI – WordPress Custom Admin UI or Custom Admin Theme

admin-ui

WordPress custom admin UI or admin theme. Turn your WordPress dashboard or admin area to be smoother and more beautiful.

300 No CVEs

AboveWP Admin Dark Mode

abovewp-admin-dark-mode

100

Toggle between light and dark modes in your WordPress admin area with multiple themes, scheduling, and advanced customization options.

50 No CVEs

Glassmorphic Admin UI

glassmorphic-admin-ui

This plugin gives a beautiful glassmorphic style to the admin interface and to the login page of your WordPress site, allowing to freely customize col …

0 No CVEs

Add Admin CSS

add-admin-css

Easily define additional CSS (inline and/or by URL) to be added to all administration pages.

10K 1 CVE

Slate Admin Theme

slate-admin-theme

A clean, simplified WordPress Admin theme.

6K No CVEs

Developer Profile

Ultimo WP Developer Profile

Arindo Duque

2 plugins · 110 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Ultimo WP

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

HTML Comments

FAQ