WP-Safety

Admin Bar & Dashboard Access Control Security & Risk Analysis

wordpress.org/plugins/admin-bar-dashboard-control

Disable admin bar and control users access to WordPress dashboard.

3K active installs v1.2.9 PHP 5.4+ WP 6.0+ Updated Dec 4, 2025
admin-baradmin-dashboarddisable-admin-bardisable-toolbartoolbar
100
A · Safe
CVEs total1
Unpatched0
Last CVEOct 31, 2023
Plugin page Download
Safety Verdict

Is Admin Bar & Dashboard Access Control Safe to Use in 2026?

Generally Safe

Score 100/100

Admin Bar & Dashboard Access Control has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Oct 31, 2023Updated 4mo ago
Risk Assessment

The 'admin-bar-dashboard-control' plugin v1.2.9 exhibits a generally strong security posture, with several positive indicators. The complete absence of unprotected entry points (AJAX, REST API, shortcodes, cron events) is a significant strength, as is the fact that all SQL queries are using prepared statements. Furthermore, the presence of nonces and capability checks on all identified entry points further mitigates common attack vectors. The taint analysis showing no unsanitized paths with critical or high severity is also reassuring.

However, there are areas for improvement. The output escaping rate of 68% means that a notable portion of output is not properly sanitized, potentially leading to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is involved in these unescaped outputs. While there are no current unpatched CVEs, the plugin does have a history of one previously disclosed vulnerability, which was an XSS issue. This suggests a need for ongoing vigilance in output sanitization and input validation.

In conclusion, the plugin has implemented robust access control and data handling practices, particularly concerning SQL. The primary concern lies with the unescaped output, which warrants attention to ensure all dynamic content is adequately sanitized to prevent potential XSS flaws. The past XSS vulnerability reinforces this, although its current unpatched status is positive.

Key Concerns

  • Output escaping not properly done (32%)
  • Known past vulnerability (XSS)
Vulnerabilities
1

Admin Bar & Dashboard Access Control Security Vulnerabilities

CVEs by Year

1 CVE in 2023
2023
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2023-47184medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Admin Bar & Dashboard Control <= 1.2.8 - Authenticated (Administrator+) Stored Cross-Site Scripting

Oct 31, 2023 Patched in 1.2.9 (84d)
Code Analysis
Analyzed Mar 16, 2026

Admin Bar & Dashboard Access Control Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
10
21 escaped
Nonce Checks
4
Capability Checks
6
File Operations
2
External Requests
0
Bundled Libraries
0

Output Escaping

68% escaped31 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
save_options (settings.php:43)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Admin Bar & Dashboard Access Control Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 3

authwp_ajax_pabc_activate_pluginfuse\FuseWP.php:33
authwp_ajax_pabc_install_pluginfuse\FuseWP.php:34
authwp_ajax_pabc_fusewp_page_check_plugin_statusfuse\FuseWP.php:37
WordPress Hooks 11
actioninitadmin-bar-dashboard-control.php:28
filtershow_admin_baradmin-bar-dashboard-control.php:52
actionadmin_initadmin-bar-dashboard-control.php:53
actionadmin_menufuse\FuseWP.php:30
actionadmin_initfuse\FuseWP.php:45
actionadmin_enqueue_scriptsfuse\FuseWP.php:46
actionadmin_noticesmo-admin-notice-featured.php:9
actionnetwork_admin_noticesmo-admin-notice-featured.php:10
actionadmin_initmo-admin-notice-featured.php:12
actionnetwork_admin_menusettings.php:13
actionadmin_menusettings.php:15
Maintenance & Trust

Admin Bar & Dashboard Access Control Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 4, 2025
PHP min version5.4
Downloads70K

Community Trust

Rating94/100
Number of ratings18
Active installs3K
Alternatives

Admin Bar & Dashboard Access Control Alternatives

TCBD WP Admin Bar Hide

TCBD WP Admin Bar Hide

tcbd-wp-admin-bar-hide

A
92

Hide your admin bar when you are login.

10 No CVEs
Hide Admin Toolbar

Hide Admin Toolbar

hide-admin-toolbar

A
85

This plugin is used to hide admin toolbar from website. It will hide that bar when you are logged in and viewing the site.

8K No CVEs
MM Admin Bar

MM Admin Bar

hide-admin-navbar

A
100

Hide the admin bar from the frontend.

100 No CVEs
Hide Admin Bar or Toolbar

Hide Admin Bar or Toolbar

hide-admin-bar-or-toolbar

A
85

A simple Admin Bar Hide and this plugin is used to hide admin toolbar from website. It will hide that bar when you are logged in and viewing the site.

0 No CVEs
Hide Admin Bar Based on User Roles

Hide Admin Bar Based on User Roles

hide-admin-bar-based-on-user-roles

A
100

Hide the WordPress Admin Bar for specific user roles, capabilities, devices, pages, or time windows. The ultimate toolbar control plugin for membershi &hellip;

20K 1 CVE
Developer Profile

Admin Bar & Dashboard Access Control Developer Profile

Collins Agbonghama

2 plugins · 8K total installs

83
trust score
Avg Security Score
93/100
Avg Patch Time
84 days
View full developer profile
Detection Fingerprints

How We Detect Admin Bar & Dashboard Access Control

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/admin-bar-dashboard-control/css/admin-bar-dashboard-control.css/wp-content/plugins/admin-bar-dashboard-control/js/admin-bar-dashboard-control.js
Script Paths
/wp-content/plugins/admin-bar-dashboard-control/js/admin-bar-dashboard-control.js
Version Parameters
admin-bar-dashboard-control/css/admin-bar-dashboard-control.css?ver=admin-bar-dashboard-control/js/admin-bar-dashboard-control.js?ver=

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Admin Bar & Dashboard Access Control