Admin Tour Security & Risk Analysis
wordpress.org/plugins/admin-tourAdmin Tour helps you to create a tour for admin. Admin user can go through the tour and they will get the knowledge about how to use the admin panel.
Is Admin Tour Safe to Use in 2026?
Generally Safe
Score 100/100Admin Tour has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The admin-tour v1.4 plugin exhibits a strong security posture based on the provided static analysis. It demonstrates excellent adherence to secure coding practices by implementing prepared statements for all SQL queries, properly escaping all output, and performing a nonce check on its entry points. The absence of dangerous functions, file operations, and external HTTP requests further contributes to its robustness. Furthermore, the taint analysis reveals no critical or high-severity issues, indicating a low risk of code injection or other taint-related vulnerabilities.
The vulnerability history is also a significant strength, with zero recorded CVEs, indicating a history of stable and secure development. This lack of past vulnerabilities suggests that the developers are proactive about security or that the plugin's architecture inherently avoids common attack vectors.
Overall, admin-tour v1.4 appears to be a very secure plugin. The limited attack surface, combined with strong security implementation and a clean vulnerability history, makes it a low-risk option. The only area that could be considered a minor point of attention is the absence of capability checks on its AJAX handlers, although the presence of nonce checks mitigates this risk significantly.
Key Concerns
- AJAX handlers without capability checks
Admin Tour Security Vulnerabilities
Admin Tour Code Analysis
Output Escaping
Data Flow Analysis
Admin Tour Attack Surface
AJAX Handlers 2
WordPress Hooks 5
Maintenance & Trust
Admin Tour Maintenance & Trust
Maintenance Signals
Community Trust
Admin Tour Alternatives
Simple Tour Guide
simple-tour-guide
Easily add an interactive step-by-step user guide (intro tour) for your visitors. Based on Shepherd.js (https://shepherdjs.dev/).
Custom Welcome Guide
custom-welcome-guide
Easily add step-by-step tours/tutorials/walkthrough guides that get displayed in the WordPress admin. Replace the default welcome guide modal dialog i …
Intro Tour Tutorial DeepPresentation
dp-intro-tours
Step-by-step tutorial guide, web or new feature intro tour created intuitively with the visual builder and detail configuration on the admin board
Usetiful – Digital Adoption Platform
usetiful-digital-adoption-platform
Fight user churn with great user onboarding! Interactive product tours, smart tips and user onboarding checklists for digital products
User Tour Guide
user-tour-guide
A simple lightweight onboarding tour guide plugin. Create an unlimited number of onboarding tours for unlimited pages, work with any page builder.
Admin Tour Developer Profile
13 plugins · 17K total installs
How We Detect Admin Tour
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/admin-tour/assets/js/wat-pointers.js/wp-content/plugins/admin-tour/assets/css/wat-pointers.css../assets/js/wat-pointers.js../assets/css/wat-pointers.cssHTML / DOM Fingerprints
wat_copy_screen_idid="wat_copy_screen_id"WAT