Does Admin Tag UI have any unpatched vulnerabilities?

No. All known vulnerabilities in Admin Tag UI have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Admin Tag UI compatible with WordPress 5.8.13?

According to WordPress.org data, Admin Tag UI 1.1.4 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

How often is Admin Tag UI updated?

Admin Tag UI was last updated on Oct 26, 2021. Frequent updates are generally a positive security signal.

What is Admin Tag UI's security score?

Admin Tag UI has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Admin Tag UI Security & Risk Analysis

wordpress.org/plugins/admin-tag-ui

Improves the tag sections located in the admin backend (WordPress dashboard) classic editor post screens.

10 active installs v1.1.4 PHP + WP 5.8+ Updated Oct 26, 2021

adminbackenddashboardtagtags

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Admin Tag UI Safe to Use in 2026?

Generally Safe

Score 85/100

Admin Tag UI has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The plugin 'admin-tag-ui' v1.1.4 presents a mixed security picture. On the positive side, there are no identified CVEs in its history, and the static analysis reveals a remarkably small attack surface with zero AJAX handlers, REST API routes, shortcodes, or cron events. This suggests a generally low likelihood of external exploitation through common plugin entry points.

However, the code analysis highlights significant areas of concern. The complete lack of proper output escaping for all identified outputs is a critical flaw, potentially leading to Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the single SQL query is not using prepared statements, increasing the risk of SQL injection. The absence of nonce and capability checks, while perhaps mitigated by the limited attack surface, are fundamental security practices that are missing, leaving potential openings if new entry points were ever introduced or existing ones indirectly exposed.

Given the lack of past vulnerabilities, one might infer cautious development, but the present code analysis reveals fundamental security weaknesses that are not reflected in historical data. The current state suggests that while the plugin has historically been safe, its current implementation contains vulnerabilities that could be exploited if an attacker can trigger the non-escaped output or the un-prepared SQL query. The low attack surface is a mitigating factor, but the unaddressed security flaws are substantial.

Key Concerns

All outputs are unescaped
SQL query does not use prepared statements
No capability checks
No nonce checks

Vulnerabilities

None known

Admin Tag UI Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Admin Tag UI Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Output Escaping

0% escaped10 total outputs

Attack Surface

Admin Tag UI Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionadmin_menuadmin-tag-ui-settings.php:18

actionadmin_initadmin-tag-ui-settings.php:19

actionadmin_headadmin-tag-ui-settings.php:20

filterplugin_row_metaadmin-tag-ui.php:28

filterget_terms_argsadmin-tag-ui.php:33

actionadmin_headadmin-tag-ui.php:41

actionadmin_footer-post.phpadmin-tag-ui.php:42

actionadmin_footer-post-new.phpadmin-tag-ui.php:43

Maintenance & Trust

Admin Tag UI Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedOct 26, 2021

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Admin Tag UI Alternatives

Conditional Menus

conditional-menus

100

This plugin enables you to set conditional menus per posts, pages, categories, archive pages, etc.

60K 1 CVE

Admin Customizer

admin-customizer

A plugin for customizing your admin panel.

1K No CVEs

Taxonomy Tags to Checkboxes

runthings-taxonomy-tags-to-checkboxes

100

Convert taxonomy tags to checkboxes in the WordPress admin area.

1K No CVEs

Mass Delete Unused Tags

mass-delete-unused-tags

Deletes all unused tags, handy tool if you want to start over with a quick clean blog.

900 1 CVE

Auto SEO

auto-seo

Auto SEO is a quick, simple way to add title, meta keywords, and meta descriptions to your site all at one from a single page.

600 1 CVE

Developer Profile

Admin Tag UI Developer Profile

divspark

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Admin Tag UI

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/admin-tag-ui/admin-tag-ui-settings.js/wp-content/plugins/admin-tag-ui/admin-tag-ui.js

Script Paths

/wp-content/plugins/admin-tag-ui/admin-tag-ui-settings.js/wp-content/plugins/admin-tag-ui/admin-tag-ui.js

Version Parameters

admin-tag-ui.js?ver=admin-tag-ui-settings.js?ver=

HTML / DOM Fingerprints

CSS Classes

the-tagcloudtagchecklistatui-delete-hoveratui-tag-selectedtagcloud-link

HTML Comments

Multi columnsUnselected tagsCurrent selected tagsList style - suppress tag cloud look+4 more

JS Globals

var admin_tag_ui

FAQ