Admin-Colour Security & Risk Analysis
wordpress.org/plugins/admin-colouradmin color code Requires at least: 2.0.2 Tested up to: 4.3 Stable tag: 4.3 A quick and easy way to change the admin navigation colour scheme, allo …
Is Admin-Colour Safe to Use in 2026?
Generally Safe
Score 85/100Admin-Colour has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "admin-colour" v3.0 plugin presents a mixed security picture. On the positive side, the static analysis reveals no identified dangerous functions, no SQL queries that are not using prepared statements, no file operations, and no external HTTP requests. The absence of known CVEs in its vulnerability history further suggests a potentially stable past. However, a significant concern arises from the output escaping. With 254 outputs and 0% properly escaped, this indicates a high likelihood of cross-site scripting (XSS) vulnerabilities. While the attack surface appears minimal and there are no recorded taint flows, the lack of output sanitization is a critical oversight that could expose users to malicious scripts. The plugin also exhibits zero nonce and capability checks, which, combined with the lack of any authentication checks on AJAX or REST API endpoints (though none are explicitly declared), could be a weakness if new endpoints are added or if the plugin's functionality is expanded in the future. The key strength is the absence of SQL injection risks and a minimal attack surface, but the pervasive lack of output escaping is a major weakness that overshadows these strengths.
Key Concerns
- Output escaping: 0% properly escaped
- Capability checks: 0
- Nonce checks: 0
Admin-Colour Security Vulnerabilities
Admin-Colour Code Analysis
Output Escaping
Admin-Colour Attack Surface
WordPress Hooks 2
Maintenance & Trust
Admin-Colour Maintenance & Trust
Maintenance Signals
Community Trust
Admin-Colour Alternatives
Admin Menu Editor
admin-menu-editor
Lets you edit the WordPress admin menu. You can re-order, hide or rename menus, add custom menus and more.
PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus
capability-manager-enhanced
PublishPress Capabilities is the access control plugin. You can manage user capabilities, permissions, user roles, admin menus and more.
Conditional Menus
conditional-menus
This plugin enables you to set conditional menus per posts, pages, categories, archive pages, etc.
Ultimate Dashboard – Custom WordPress Dashboard
ultimate-dashboard
The #1 Plugin to Customize the WordPress Dashboard!
WP Custom Admin Interface
wp-custom-admin-interface
With WP Custom Admin Interface you can easily customise the WordPress admin and login interfaces.
Admin-Colour Developer Profile
1 plugin · 10 total installs
How We Detect Admin-Colour
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
HTML / DOM Fingerprints
menu-icon-dashboardmenu-icon-postmenu-icon-mediamenu-icon-pagemenu-icon-commentsmenu-icon-appearancemenu-icon-pluginsmenu-icon-users+5 more