Yuma Companion Security & Risk Analysis

wordpress.org/plugins/yuma-companion

Adds supportive features, demos and options for Yuma Free and Pro Themes.

400 active installs · v1.0.4 · PHP 5.6+ · WP 5.0+ · Updated Apr 28, 2024
companion · yuma
Score: 92 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Yuma Companion Safe to Use in 2026?

Generally Safe

Score 92/100

Yuma Companion has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1yr ago
Risk Assessment

The 'yuma-companion' v1.0.4 plugin exhibits a generally good security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the potential attack surface. Furthermore, the analysis indicates no dangerous functions, file operations, or taint flows, which are all positive signs. The use of prepared statements for all SQL queries is a strong indicator of secure database interaction.

However, some areas warrant attention. The most notable is the lack of nonce checks and capability checks, which is particularly concerning given the presence of external HTTP requests. While no vulnerabilities are recorded in the plugin's history, this can sometimes indicate a lack of past scrutiny rather than inherent security. Output escaping is also incomplete: 40% of outputs are not properly escaped, which could lead to cross-site scripting vulnerabilities in certain scenarios. The plugin's overall security could be improved by implementing proper authentication and authorization checks for its functionality and ensuring all output is adequately escaped.

In conclusion, 'yuma-companion' v1.0.4 has a clean vulnerability history and employs some secure coding practices, especially regarding SQL. However, the lack of critical security checks like nonces and capability checks, combined with imperfect output escaping, presents potential risks. Addressing these gaps will be crucial for a more robust security profile.

Key Concerns

  • Lack of nonce checks
  • Lack of capability checks
  • Improper output escaping (40%)
Vulnerabilities
None known

Yuma Companion Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Yuma Companion Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 2 (3 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 4
Bundled Libraries: 0

Output Escaping

60% escaped · 5 total outputs
Attack Surface

Yuma Companion Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 40

Type    Hook    File:line
action  admin_notices  include\demo-import.php:11
action  admin_notices  include\demo-import.php:13
filter  advanced_import_demo_lists  include\demo-import.php:14
action  switch_theme  include\demo-import.php:15
filter  yuma_topbar_elements_options  include\options.php:31
filter  yuma_header_elements_options  include\options.php:63
filter  yuma_navbar_elements_options  include\options.php:86
filter  yuma_footer_elements_options  include\options.php:103
filter  yuma_slider_layout_options  include\options.php:128
filter  yuma_slider_content_type_options  include\options.php:145
filter  yuma_introduction_excerpt_options  include\options.php:162
filter  yuma_introduction_content_type_options  include\options.php:178
filter  yuma_featured_categories_alignment_options  include\options.php:194
filter  yuma_featured_categories_layout_options  include\options.php:209
filter  yuma_featured_categories_column_options  include\options.php:225
filter  yuma_featured_column_options  include\options.php:242
filter  yuma_featured_content_type_options  include\options.php:258
filter  yuma_hero_content_alignment_options  include\options.php:275
filter  yuma_hero_content_content_type_options  include\options.php:291
filter  yuma_popular_alignment_options  include\options.php:307
filter  yuma_popular_layout_options  include\options.php:322
filter  yuma_popular_column_options  include\options.php:338
filter  yuma_popular_content_type_options  include\options.php:354
filter  yuma_cta_content_type_options  include\options.php:371
filter  yuma_blog_layout_options  include\options.php:391
filter  yuma_blog_column_type_options  include\options.php:411
filter  yuma_blog_pagination_type_options  include\options.php:428
filter  yuma_pagination_type_options  include\options.php:429
filter  yuma_archive_layout_options  include\options.php:448
filter  yuma_column_type_options  include\options.php:466
filter  yuma_blog_filter_options  include\options.php:482
filter  yuma_cursor_options  include\options.php:498
action  admin_menu  include\welcome.php:10
action  init  yuma-companion.php:32
action  init  yuma-companion.php:33
action  init  yuma-companion.php:34
action  init  yuma-companion.php:35
action  init  yuma-companion.php:36
action  customize_controls_enqueue_scripts  yuma-companion.php:78
action  admin_enqueue_scripts  yuma-companion.php:84
Maintenance & Trust

Yuma Companion Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.5.8
Last updated: Apr 28, 2024
PHP min version: 5.6
Downloads: 8K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 400
Developer Profile

Yuma Companion Developer Profile

sharkthemes

27 plugins · 5K total installs

Trust score: 93
Avg Security Score: 99/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Yuma Companion

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/yuma-companion/assets/css/welcome-style.css
/wp-content/plugins/yuma-companion/assets/js/welcome-script.js
/wp-content/plugins/yuma-companion/assets/css/customizer-style.css
/wp-content/plugins/yuma-companion/assets/js/customizer-script.js
Script Paths
/wp-content/plugins/yuma-companion/assets/js/welcome-script.js
/wp-content/plugins/yuma-companion/assets/js/customizer-script.js

HTML / DOM Fingerprints

CSS Classes
st-yuma-companion-welcome-style
st-yuma-companion-customizer-style
JS Globals
yuma_companion_l10n
FAQ

Frequently Asked Questions about Yuma Companion