Does Apermo AdminBar have any unpatched vulnerabilities?

No. All known vulnerabilities in Apermo AdminBar have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Apermo AdminBar compatible with WordPress 4.7.0?

According to WordPress.org data, Apermo AdminBar 1.1.2 has been tested up to WordPress 4.7.0. Check the plugin's changelog for the latest compatibility information.

How often is Apermo AdminBar updated?

Apermo AdminBar was last updated on Dec 14, 2016. Frequent updates are generally a positive security signal.

What is Apermo AdminBar's security score?

Apermo AdminBar has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Apermo AdminBar Security & Risk Analysis

wordpress.org/plugins/apermo-adminbar

This plugin allows you to add links between a development, staging and live version of your website, and adds them to the AdminBar.

60 active installs v1.1.2 PHP + WP 4.0+ Updated Dec 14, 2016

adminadmin-baradminbardeveloperdevelopment

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Apermo AdminBar Safe to Use in 2026?

Generally Safe

Score 85/100

Apermo AdminBar has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The "apermo-adminbar" v1.1.2 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and has no recorded vulnerabilities or CVEs. The attack surface appears to be minimal with no exposed AJAX handlers, REST API routes, shortcodes, or cron events that lack authentication.

However, the static analysis reveals a significant concern: the presence of the `unserialize()` function. Without proper input validation or context, `unserialize()` is a notorious vector for unserialize vulnerabilities, which can lead to remote code execution. Although no taint flows were detected, this function represents a latent risk that is not mitigated by other security checks mentioned, such as nonce checks.

Given the absence of past vulnerabilities and the otherwise clean code signals regarding SQL, output escaping, and file operations, the primary risk lies in the potential misuse of `unserialize()`. This single dangerous function, without additional context on its usage and input sanitization, warrants careful consideration.

Key Concerns

Dangerous function 'unserialize' detected

Vulnerabilities

None known

Apermo AdminBar Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Apermo AdminBar Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

26 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$all = unserialize( trim( $input['all'] ) );apermo-adminbar.php:740

Output Escaping

74% escaped35 total outputs

Attack Surface

Apermo AdminBar Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 20

actionwp_enqueue_scriptsapermo-adminbar.php:110

actionadmin_menuapermo-adminbar.php:113

actionadmin_initapermo-adminbar.php:114

actioninitapermo-adminbar.php:117

actioninitapermo-adminbar.php:118

actionadmin_enqueue_scriptsapermo-adminbar.php:120

actionadmin_bar_initapermo-adminbar.php:123

filterget_user_option_admin_colorapermo-adminbar.php:125

actionadmin_enqueue_scriptsapermo-adminbar.php:127

filterpre_option_blog_publicapermo-adminbar.php:129

actionadmin_bar_menuapermo-adminbar.php:196

actionplugins_loadedapermo-adminbar.php:804

actioninitclasses\class.statusbox.php:14

actionadmin_bar_menuclasses\class.statusbox.php:16

actionadmin_bar_menuclasses\class.statusbox.php:18

actionwp_enqueue_scriptsclasses\class.statusbox.php:20

actionadmin_enqueue_scriptsclasses\class.statusbox.php:21

actioninitclasses\class.watermark.php:12

actionwp_enqueue_scriptsclasses\class.watermark.php:13

actionwp_footerclasses\class.watermark.php:14

Maintenance & Trust

Apermo AdminBar Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.0

Last updatedDec 14, 2016

PHP min version

Downloads3K

Community Trust

Rating100/100

Number of ratings2

Active installs60

Alternatives

Apermo AdminBar Alternatives

Apermo AdminBar Toggle

apermo-adminbar-toggle

This plugin simple allows you to toggle the AdminBar on and off just with the keyboard.

10 No CVEs

Toolbar Plugins Link

toolbar-plugins-link

Toolbar Plugins Link customizes the Admin Toolbar and adds a shortcut to the plugins page.

10 No CVEs

Development Mode

development-mode

Uses Sunrise theme on Dashboard and Frontend to visually represent development mode

0 No CVEs

Hide Admin Bar from Non-Admins

hide-admin-bar-from-non-admins

Hides the WordPress toolbar (admin bar) for all non-admin users. Simple plugin with no settings to configure.

10K No CVEs

Better Admin Bar

better-admin-bar

100

The WordPress Admin Bar reimagined. Replace the default WordPress admin bar and provide logged-in users the user experience they deserve.

4K No CVEs

Developer Profile

Apermo AdminBar Developer Profile

Christoph Daum

4 plugins · 80 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Apermo AdminBar

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/apermo-adminbar/classes/class.watermark.php/wp-content/plugins/apermo-adminbar/classes/class.statusbox.php

Script Paths

/wp-content/plugins/apermo-adminbar/js/apermo-adminbar-keycodes.js

Version Parameters

apermo-adminbar/apermo-adminbar.php?ver=

HTML / DOM Fingerprints

CSS Classes

apermo-adminbar-toolbar

Data Attributes

data-apermo-keycodes

JS Globals

apermo_adminbar

FAQ