Does Useful Admin Menu have any unpatched vulnerabilities?

No. All known vulnerabilities in Useful Admin Menu have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Useful Admin Menu compatible with WordPress 6.2.9?

According to WordPress.org data, Useful Admin Menu 2.0 has been tested up to WordPress 6.2.9. Check the plugin's changelog for the latest compatibility information.

Is Useful Admin Menu compatible with PHP 5.6+?

Useful Admin Menu requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Useful Admin Menu updated?

Useful Admin Menu was last updated on Apr 15, 2023. Frequent updates are generally a positive security signal.

What is Useful Admin Menu's security score?

Useful Admin Menu has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Useful Admin Menu Security & Risk Analysis

wordpress.org/plugins/auto-hide-admin-menu-items

The plugin automatically hides unused Admin Menu items and adds search box for menu items

10 active installs v2.0 PHP 5.6+ WP 5.0+ Updated Apr 15, 2023

adminadmin-menuautohidesearch

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Useful Admin Menu Safe to Use in 2026?

Generally Safe

Score 85/100

Useful Admin Menu has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The "auto-hide-admin-menu-items" v2.0 plugin exhibits a mixed security posture. On the positive side, the code shows strong adherence to secure practices regarding SQL queries, utilizing prepared statements exclusively. It also has no known vulnerabilities, which is a significant strength. However, there are critical areas of concern that detract from its overall security.

The primary risk identified is the presence of an unprotected AJAX handler, representing a direct entry point into the application that lacks authentication checks. While the static analysis did not uncover any critical taint flows or dangerous functions, the absence of proper authorization for an AJAX endpoint is a fundamental security flaw. This could allow unauthorized users to trigger potentially unintended actions.

The vulnerability history is clean, which is encouraging. However, this, combined with the limited attack surface and the presence of a nonce check for one handler, suggests the plugin may not have been extensively targeted or tested for complex vulnerabilities. The lack of capability checks on the identified AJAX handler is a significant weakness. In conclusion, while the plugin demonstrates good practices in SQL handling and has no CVE history, the unprotected AJAX handler is a substantial risk that needs immediate attention.

Key Concerns

Unprotected AJAX handler
Missing capability checks on AJAX
Unescaped output detected

Vulnerabilities

None known

Useful Admin Menu Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Useful Admin Menu Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

67% escaped6 total outputs

Attack Surface

1 unprotected

Useful Admin Menu Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_aham_click_on_menuauto-hide-admin-menu.php:24

WordPress Hooks 7

actioninitauto-hide-admin-menu.php:19

actionadmin_menuauto-hide-admin-menu.php:20

actionnetwork_admin_menuauto-hide-admin-menu.php:21

actionadmin_enqueue_scriptsauto-hide-admin-menu.php:22

filteradd_menu_classesauto-hide-admin-menu.php:23

filterplugin_action_linksauto-hide-admin-menu.php:25

filternetwork_admin_plugin_action_linksauto-hide-admin-menu.php:26

Maintenance & Trust

Useful Admin Menu Maintenance & Trust

Maintenance Signals

WordPress version tested6.2.9

Last updatedApr 15, 2023

PHP min version5.6

Downloads31K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

Useful Admin Menu Alternatives

Hide Admin Menu

hide-admin-menu

100

Using this plugin, we can hide the admin menu easily.

20K No CVEs

Admin Tools

admin-tools

Admin Tools Helps you to get better admin for your customers. Manage your menus, plugins, Top Bar, updates and more

4K No CVEs

Auto Hide Admin Bar

auto-hide-admin-bar

100

This plugin adds an auto-hide feature to the WordPress Admin Bar or Toolbar.

4K 1 CVE

Admin Menu Search

admin-menu-search

Admin Menu Search adds a search box filter to the top of the WordPress Admin Menu so you can easily locate items on sites with lots of menus.

3K No CVEs

My Wp Brand – Hide menu & Hide Plugin

my-wp-brand

This plugin gives the facility for hiding and showing plugins and the admin menu, it also gives the options to customize WordPress branding.

2K 2 CVEs

Developer Profile

Useful Admin Menu Developer Profile

ioannup

3 plugins · 1K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Useful Admin Menu

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/auto-hide-admin-menu-items/assets/js/admin-menu.js/wp-content/plugins/auto-hide-admin-menu-items/assets/css/styles.css/wp-content/plugins/auto-hide-admin-menu-items/assets/js/admin-popups.js

Script Paths

assets/js/admin-menu.jsassets/js/admin-popups.js

Version Parameters

auto-hide-admin-menu-items/assets/js/admin-menu.js?ver=auto-hide-admin-menu-items/assets/css/styles.css?ver=auto-hide-admin-menu-items/assets/js/admin-popups.js?ver=

HTML / DOM Fingerprints

Data Attributes

data-original-title

JS Globals

ahamSettings

FAQ