WP-Safety

AccessDoor – Smart Admin Login & Security Security & Risk Analysis

wordpress.org/plugins/accessdoor-smart-admin-login-url-control

Change the default wp login URL, set role-based login slugs, update admin usernames/emails without confirmation, enable some security features and cus …

0 active installs v1.0.3 PHP 7.4+ WP 6.0+ Updated Feb 5, 2026
admin-logincustom-loginlogin-pagelogin-urlsecurity
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is AccessDoor – Smart Admin Login & Security Safe to Use in 2026?

Generally Safe

Score 100/100

AccessDoor – Smart Admin Login & Security has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The "accessdoor-smart-admin-login-url-control" plugin version 1.0.3 exhibits a mixed security posture with several strong points but also a significant concern. The plugin demonstrates good practices by utilizing prepared statements for all SQL queries, avoiding file operations and external HTTP requests, and performing nonce checks. The high percentage of properly escaped output is also a positive indicator. However, the presence of a single AJAX handler without any authentication or capability checks presents a critical security risk.

The lack of a capability check on the AJAX handler means that any authenticated user, regardless of their role or privileges, could potentially interact with this entry point. This opens the door for privilege escalation or other malicious actions if the functionality of this AJAX handler can be exploited. The static analysis and taint analysis did not reveal any concerning code signals such as dangerous functions, unsanitized paths, or raw SQL queries, and there is no known vulnerability history for this plugin, which are all positive indicators. Despite these strengths, the unprotected AJAX handler is a severe weakness that needs immediate attention.

In conclusion, while the plugin employs several robust security practices, the single unprotected AJAX handler represents a substantial vulnerability. The absence of any recorded CVEs is reassuring, but it does not negate the immediate risk posed by the unauthenticated entry point. Addressing this unprotected AJAX handler should be the top priority to improve the plugin's overall security.

Key Concerns

  • AJAX handler without auth checks
Vulnerabilities
None known

AccessDoor – Smart Admin Login & Security Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

AccessDoor – Smart Admin Login & Security Release Timeline

No version history available.
Code Analysis
Analyzed Mar 17, 2026

AccessDoor – Smart Admin Login & Security Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
14
144 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

91% escaped158 total outputs
Attack Surface
1 unprotected

AccessDoor – Smart Admin Login & Security Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_adalc_check_user_existsaccessdoor-smart-admin-login-url-control.php:128
WordPress Hooks 39
actionplugins_loadedaccessdoor-smart-admin-login-url-control.php:104
actionplugins_loadedaccessdoor-smart-admin-login-url-control.php:143
actionadmin_menuincludes\class-admin.php:30
actionadmin_initincludes\class-admin.php:32
actionadmin_enqueue_scriptsincludes\class-admin.php:33
actionadmin_noticesincludes\class-admin.php:34
actionadmin_initincludes\class-admin.php:37
actioninitincludes\class-admin.php:47
actionplugins_loadedincludes\class-admin.php:49
actionrest_api_initincludes\class-admin.php:52
filterrest_authentication_errorsincludes\class-admin.php:60
filterxmlrpc_enabledincludes\class-admin.php:86
filterxmlrpc_methodsincludes\class-admin.php:97
actionxmlrpc_callincludes\class-admin.php:103
filtercomments_openincludes\class-admin.php:206
filterpings_openincludes\class-admin.php:207
filterxmlrpc_methodsincludes\class-admin.php:214
filterwp_headersincludes\class-admin.php:221
filterpre_option_default_ping_statusincludes\class-admin.php:231
filterpre_option_default_comment_statusincludes\class-admin.php:232
filterrewrite_rules_arrayincludes\class-admin.php:235
filterpings_openincludes\class-admin.php:249
actionplugins_loadedincludes\class-login-handler.php:23
actiontemplate_redirectincludes\class-login-handler.php:24
actioninitincludes\class-login-handler.php:25
filterlogin_urlincludes\class-login-handler.php:26
filtersite_urlincludes\class-login-handler.php:27
filternetwork_site_urlincludes\class-login-handler.php:28
filterauthenticateincludes\class-login-handler.php:29
actionwp_logoutincludes\class-login-handler.php:30
filterlogout_redirectincludes\class-login-handler.php:31
actionlogin_enqueue_scriptsincludes\class-login-handler.php:32
actionlogin_initincludes\class-login-handler.php:34
filterretrieve_password_messageincludes\class-login-handler.php:35
filterlogin_redirectincludes\class-login-handler.php:37
actioninitincludes\class-login-handler.php:38
filterwp_redirectincludes\class-login-handler.php:40
actioninitincludes\class-rewrites.php:22
filterquery_varsincludes\class-rewrites.php:23
Maintenance & Trust

AccessDoor – Smart Admin Login & Security Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 5, 2026
PHP min version7.4
Downloads302

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

AccessDoor – Smart Admin Login & Security Alternatives

Admin Custom Login

Admin Custom Login

admin-custom-login

A
98

Customize Your WordPress Login Screen Amazingly - Add Own Logo, Add Social Profiles, Login Form Positions, Background Image Slide Show

20K 2 CVEs
Rename wp-admin login

Rename wp-admin login

rename-wp-admin-login

A
100

Rename wp-admin login* is a plugin that allows us to rename wp-admin login URL to anything you want

7K No CVEs
Login Page Styler – Custom WordPress Login Page Customizer & Security

Login Page Styler – Custom WordPress Login Page Customizer & Security

login-page-styler

A
97

Customize and secure your WordPress login page with logo, backgrounds, templates, custom login URL, reCAPTCHA protection, and login activity logs — no …

3K 3 CVEs
CLP – Custom Login Page by NiteoThemes

CLP – Custom Login Page by NiteoThemes

clp-custom-login-page

C
64

Custom Login Page plugin allows you to customize any essential element on WordPress login page. It utilizes powerful customizer to implement changes i …

800 1 unpatched
Hide WP Admin Login

Hide WP Admin Login

hide-wp-admin-login

A
100

Change WordPress wp-login.php URL to anything you want.

500 No CVEs
Developer Profile

AccessDoor – Smart Admin Login & Security Developer Profile

IT Path Solutions

13 plugins · 11K total installs

80
trust score
Avg Security Score
89/100
Avg Patch Time
77 days
View full developer profile
Detection Fingerprints

How We Detect AccessDoor – Smart Admin Login & Security

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/accessdoor-smart-admin-login-url-control/assets/css/admin-style.css/wp-content/plugins/accessdoor-smart-admin-login-url-control/assets/js/admin-script.js
Script Paths
/wp-content/plugins/accessdoor-smart-admin-login-url-control/assets/js/admin-script.js
Version Parameters
accessdoor-smart-admin-login-url-control/assets/css/admin-style.css?ver=accessdoor-smart-admin-login-url-control/assets/js/admin-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
adalc-notice
HTML Comments
<!-- BEGIN Accessdoor Directory Protection --><!-- END Accessdoor Directory Protection --><!-- BEGIN Accessdoor Upload Protection --><!-- END Accessdoor Upload Protection -->
Data Attributes
data-nonce
JS Globals
accessdoor_ajax_object
REST Endpoints
/wp-json/accessdoor/v1/settings/wp-json/accessdoor/v1/users
FAQ

Frequently Asked Questions about AccessDoor – Smart Admin Login & Security