Does Admin Bar User Switching have any unpatched vulnerabilities?

No. All known vulnerabilities in Admin Bar User Switching have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Admin Bar User Switching compatible with WordPress 6.0.11?

According to WordPress.org data, Admin Bar User Switching 1.4 has been tested up to WordPress 6.0.11. Check the plugin's changelog for the latest compatibility information.

Is Admin Bar User Switching compatible with PHP 5.6+?

Admin Bar User Switching requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Admin Bar User Switching updated?

Admin Bar User Switching was last updated on May 24, 2022. Frequent updates are generally a positive security signal.

What is Admin Bar User Switching's security score?

Admin Bar User Switching has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Admin Bar User Switching Security & Risk Analysis

wordpress.org/plugins/admin-bar-user-switching

Extends the excellent User Switching plugin by John Blackbourn by adding a User Switching to the admin bar for quick and easy user switching.

2K active installs v1.4 PHP 5.6+ WP 3.1+ Updated May 24, 2022

user-switchingusers

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Admin Bar User Switching Safe to Use in 2026?

Generally Safe

Score 85/100

Admin Bar User Switching has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The 'admin-bar-user-switching' plugin, version 1.4, demonstrates a generally strong security posture based on the provided static analysis. A key strength is its complete reliance on prepared statements for all SQL queries and the presence of both nonce and capability checks for its single AJAX entry point, indicating good practice in preventing common web vulnerabilities. The absence of file operations, external HTTP requests, and dangerous functions further bolsters its security. The lack of any recorded CVEs and taint analysis issues further suggests a well-maintained and secure codebase.

While the plugin exhibits many positive security characteristics, a minor concern exists with output escaping. With 8 total outputs and 75% properly escaped, there's a possibility of one output being unescaped. Although the static analysis doesn't explicitly flag this as a vulnerability, it represents a potential area for improvement and a small risk of cross-site scripting (XSS) if the unescaped output contains user-controlled data. The small attack surface and lack of critical vulnerabilities in its history are very positive indicators, but this minor oversight in output escaping is the only area that prevents a perfect security score.

Key Concerns

One unescaped output identified

Vulnerabilities

None known

Admin Bar User Switching Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Admin Bar User Switching Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

75% escaped8 total outputs

Attack Surface

Admin Bar User Switching Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_abus_user_searchincludes\Controllers\AdminBar.php:19

WordPress Hooks 9

actionadmin_noticesincludes\Admin\Notice.php:15

actionwp_before_admin_bar_renderincludes\Integrations\WordPress\AdminBar.php:18

actioninitincludes\Plugin.php:22

actioninitincludes\Plugin.php:23

actionadmin_enqueue_scriptsincludes\Plugin.php:24

actionwp_enqueue_scriptsincludes\Plugin.php:25

actionwp_headincludes\Plugin.php:26

actionadmin_headincludes\Plugin.php:27

filterplugin_row_metaincludes\Plugin.php:28

Maintenance & Trust

Admin Bar User Switching Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11

Last updatedMay 24, 2022

PHP min version5.6

Downloads49K

Community Trust

Rating96/100

Number of ratings12

Active installs2K

Alternatives

Admin Bar User Switching Alternatives

User Switching

user-switching

100

Instant switching between user accounts in WordPress and WooCommerce.

200K No CVEs

UM User Switching

um-user-switching

Addon that integrates User Switching to Ultimate Member

10 No CVEs

UserMorph – Instant User Switching & Account Impersonation for WordPress

usermorph

100

Instant user-switching for WordPress. Morph into any account via a searchable admin bar menu securely and fast.

10 No CVEs

One User Avatar | User Profile Picture

one-user-avatar

Use any image from your WordPress Media Library as a custom user avatar or user profile picture. Add your own Default Avatar.

100K 2 CVEs

Simple Local Avatars

simple-local-avatars

Adds an avatar upload field to user profiles. Generates requested sizes on demand just like Gravatar!

100K 6 CVEs

Developer Profile

Admin Bar User Switching Developer Profile

Saad Iqbal

84 plugins · 1.4M total installs

trust score

Avg Security Score

96/100

Avg Patch Time

287 days

View full developer profile

Detection Fingerprints

How We Detect Admin Bar User Switching

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/admin-bar-user-switching/assets/js/abus_script.js

Script Paths

/wp-content/plugins/admin-bar-user-switching/assets/js/abus_script.js

Version Parameters

admin-bar-user-switching/assets/js/abus_script.js?ver=

HTML / DOM Fingerprints

CSS Classes

abus_search_textabus_search_submit

Data Attributes

data-url

JS Globals

abus_ajax

FAQ