Does WP User Level Timezone have any unpatched vulnerabilities?

No. All known vulnerabilities in WP User Level Timezone have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP User Level Timezone compatible with WordPress 5.4.19?

According to WordPress.org data, WP User Level Timezone 1.0.0 has been tested up to WordPress 5.4.19. Check the plugin's changelog for the latest compatibility information.

How often is WP User Level Timezone updated?

WP User Level Timezone was last updated on Aug 4, 2020. Frequent updates are generally a positive security signal.

What is WP User Level Timezone's security score?

WP User Level Timezone has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP User Level Timezone Security & Risk Analysis

wordpress.org/plugins/wp-utz

Allows the site-level timezone to be changed at the user profile level

30 active installs v1.0.0 PHP + WP 5.4.0+ Updated Aug 4, 2020

timetime-zonestimezoneuser-timezone

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP User Level Timezone Safe to Use in 2026?

Generally Safe

Score 85/100

WP User Level Timezone has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The wp-utz plugin v1.0.0 exhibits a mixed security posture. On the positive side, it shows no known CVEs, a lack of dangerous functions, and all SQL queries are properly prepared. This indicates some foundational security awareness. However, significant concerns arise from the static analysis. The plugin has a single AJAX handler that lacks any authentication or capability checks, creating a direct entry point for potential unauthorized actions. Furthermore, a substantial portion of its output (64%) is not properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is rendered directly in the browser.

Key Concerns

AJAX handler without authentication
Insufficient output escaping

Vulnerabilities

None known

WP User Level Timezone Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP User Level Timezone Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

36% escaped11 total outputs

Attack Surface

1 unprotected

WP User Level Timezone Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_wp_utz_admin_baradmin\admin.php:32

WordPress Hooks 21

actionadmin_enqueue_scriptsadmin\admin.php:19

filterwp_dateadmin\admin.php:22

filteroption_date_formatadmin\admin.php:25

filteroption_time_formatadmin\admin.php:26

actionadmin_bar_menuadmin\admin.php:29

actionadmin_enqueue_scriptsadmin\comment.php:17

filterwp_update_comment_dataadmin\comment.php:20

actionadmin_enqueue_scriptsadmin\post.php:17

actionadd_inline_dataadmin\post.php:20

filterpre_post_dateadmin\post.php:23

filterpre_post_date_gmtadmin\post.php:24

filterrest_post_dispatchadmin\post.php:26

actionadmin_menuadmin\setting.php:51

actionuser_new_formadmin\user.php:19

actionshow_user_profileadmin\user.php:20

actionedit_user_profileadmin\user.php:21

actionuser_registeradmin\user.php:24

actionpersonal_options_updateadmin\user.php:25

actionedit_user_profile_updateadmin\user.php:26

actioninitincludes\class-wp-utz.php:40

actionplugins_loadedincludes\class-wp-utz.php:64

Maintenance & Trust

WP User Level Timezone Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19

Last updatedAug 4, 2020

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings2

Active installs30

Alternatives

WP User Level Timezone Alternatives

Analog Clock display Widget

analog-clock-display-widget

This is a analog clock plugin. It's use for preview analog clock in widget area.

40 No CVEs

Simple Location

simple-location

100

Adds geographic location and weather support to WordPress.

300 No CVEs

Current Date & Time Widget

current-date-time-widget

Provides a widget that shows the current date and time given a specified timezone and format.

200 No CVEs

World Clock

flash-world-clock

World clock showing the local time at six major cities round the world. The plugin provides a choice of analog and digital clocks, colors and sizes.

200 No CVEs

WP TimeZone

wp-timezone

Takes care of publishing posts that missed their schedule, for CET/CEST time zones only.

200 No CVEs

Developer Profile

WP User Level Timezone Developer Profile

khill07

1 plugin · 30 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP User Level Timezone

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-utz/css/admin.css/wp-content/plugins/wp-utz/js/admin.js

Script Paths

/wp-content/plugins/wp-utz/js/admin.js

Version Parameters

wp-utz/css/admin.css?ver=wp-utz/js/admin.js?ver=

HTML / DOM Fingerprints

Data Attributes

data-ajax-urldata-utzdata-stzdata-affect-input

JS Globals

wp_utz_obj

FAQ

WP User Level Timezone Security & Risk Analysis

Is WP User Level Timezone Safe to Use in 2026?

Generally Safe

Key Concerns

WP User Level Timezone Security Vulnerabilities

WP User Level Timezone Code Analysis

Output Escaping

WP User Level Timezone Attack Surface

AJAX Handlers 1

WP User Level Timezone Maintenance & Trust

Maintenance Signals

Community Trust

WP User Level Timezone Alternatives

Analog Clock display Widget

Simple Location

Current Date & Time Widget

World Clock

WP TimeZone

WP User Level Timezone Developer Profile

How We Detect WP User Level Timezone

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about WP User Level Timezone