Does User Access Shortcodes have any unpatched vulnerabilities?

No. All known vulnerabilities in User Access Shortcodes have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is User Access Shortcodes compatible with WordPress 6.9.4?

According to WordPress.org data, User Access Shortcodes 2.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is User Access Shortcodes updated?

User Access Shortcodes was last updated on Jan 29, 2026. Frequent updates are generally a positive security signal.

What is User Access Shortcodes's security score?

User Access Shortcodes has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

User Access Shortcodes Security & Risk Analysis

wordpress.org/plugins/user-access-shortcodes

The simplest way of controlling who sees what in your posts/pages. Restrict content to logged in users only (or guests, or by roles) with simple short …

1K active installs v2.3 PHP + WP 3.6+ Updated Jan 29, 2026

access-shortcodesloggedlogged-inuserusers

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is User Access Shortcodes Safe to Use in 2026?

Generally Safe

Score 100/100

User Access Shortcodes has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The 'user-access-shortcodes' plugin version 2.3 exhibits a generally good security posture with several positive attributes. Notably, all identified entry points, which consist solely of shortcodes, are protected by capability checks. The plugin also demonstrates robust data handling by exclusively using prepared statements for its SQL queries, indicating a commitment to preventing SQL injection vulnerabilities. Furthermore, the absence of known CVEs and a clean vulnerability history suggest a well-maintained and secure codebase. However, a significant concern arises from the output escaping analysis, where 100% of identified outputs are not properly escaped. This opens the door to cross-site scripting (XSS) vulnerabilities, as user-supplied data displayed by the shortcodes could be manipulated to execute malicious scripts in the user's browser. The lack of taint analysis data also means that complex data flow vulnerabilities might not have been detected by the static analysis, though this is less of a direct concern given the other findings.

Key Concerns

100% of outputs not properly escaped

Vulnerabilities

None known

User Access Shortcodes Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

User Access Shortcodes Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped1 total outputs

Attack Surface

User Access Shortcodes Attack Surface

Entry Points4

Unprotected0

Shortcodes 4

[UAS_guest] uasc.php:52

[UAS_loggedin] uasc.php:98

[UAS_role] uasc.php:129

[UAS_specific] uasc.php:179

WordPress Hooks 4

actionadmin_headuasc.php:12

filtermce_external_pluginsuasc.php:34

filtermce_buttonsuasc.php:35

actionadmin_headuasc.php:38

Maintenance & Trust

User Access Shortcodes Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 29, 2026

PHP min version

Downloads23K

Community Trust

Rating98/100

Number of ratings13

Active installs1K

Alternatives

User Access Shortcodes Alternatives

User Timer

user-timer

100

Tracks the activity of logged-in users by measuring how long their browser stays active on the site.

20 No CVEs

Kings Different Content for Members

kings-different-content-for-members

This will add allow you to show different texts only for logged in users, while normal texts for normal visitors.

10 No CVEs

User Recent Search History

user-recent-search-history

This plugin is to show user's recent search history.

10 No CVEs

Logged In Users

logged-in-users

100

Adds a dashboard widget showing which users are currently logged in.

0 No CVEs

When Last Login

when-last-login

100

Show a users last login date by creating a sortable column in your WordPress users list.

50K 1 CVE

Developer Profile

User Access Shortcodes Developer Profile

WP Darko

8 plugins · 59K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

175 days

View full developer profile

Detection Fingerprints

How We Detect User Access Shortcodes

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/user-access-shortcodes/img/uasc-icon.png

Script Paths

/wp-content/plugins/user-access-shortcodes/js/uasc-mce-button.js

Version Parameters

user-access-shortcodes/style.css?ver=user-access-shortcodes/js/uasc-mce-button.js?ver=

HTML / DOM Fingerprints

CSS Classes

mce-i-uasc-mce-icon

Shortcode Output

[UAS_guest][/UAS_guest][UAS_loggedin][/UAS_loggedin]

FAQ