BNS Login Security & Risk Analysis
wordpress.org/plugins/bns-loginThis plugin provides a link, in the theme footer area, to the dashboard when logged in as well as a log out link. A shortcode is also available.
Is BNS Login Safe to Use in 2026?
Generally Safe
Score 85/100BNS Login has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The bns-login v2.5.2 plugin exhibits a generally good security posture based on the provided static analysis. The absence of SQL injection vulnerabilities due to the consistent use of prepared statements is a significant strength. Furthermore, the lack of critical or high-severity taint flows suggests that sensitive data is not being mishandled in a way that could lead to immediate exploitation.
However, several areas warrant attention. The plugin lacks nonce and capability checks, which are fundamental security measures for preventing cross-site request forgery (CSRF) and unauthorized actions. While the attack surface is currently small and appears to be protected at the entry points, the absence of these checks leaves potential gaps. Additionally, the output escaping is not fully comprehensive, with 22% of outputs not being properly escaped, potentially opening the door for cross-site scripting (XSS) vulnerabilities.
The complete absence of recorded vulnerabilities in its history is a positive indicator, suggesting a responsible development approach. Nevertheless, this should not lead to complacency. The identified weaknesses in nonce/capability checks and output escaping represent tangible risks that should be addressed to further harden the plugin's security.
Key Concerns
- Missing nonce checks
- Missing capability checks
- Incomplete output escaping
BNS Login Security Vulnerabilities
BNS Login Code Analysis
Output Escaping
BNS Login Attack Surface
Shortcodes 1
WordPress Hooks 6
Maintenance & Trust
BNS Login Maintenance & Trust
Maintenance Signals
Community Trust
BNS Login Alternatives
Ultimate Dashboard – Custom WordPress Dashboard
ultimate-dashboard
The #1 Plugin to Customize the WordPress Dashboard!
Remove Dashboard Access
remove-dashboard-access-for-non-admins
Disable Dashboard access for users of a specific role or capability. Disallowed users are redirected to a chosen URL. Get set up in seconds.
AGCA – Custom Dashboard & Login Page
ag-custom-admin
CHANGE: admin menu, login page, admin bar, dashboard widgets, custom colors, custom CSS & JS, logo & images
White Label – WordPress Custom Admin, Custom Login Page, and Custom Dashboard
white-label
Our White Label WordPress plugin lets you make a custom admin experience. Create a custom login page, a custom dashboard, and much more.
Erident Custom Login and Dashboard
erident-custom-login-and-dashboard
Fully customize the WordPress Login Screen.
BNS Login Developer Profile
18 plugins · 2K total installs
How We Detect BNS Login
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/bns-login/bns-login-style.css/wp-content/plugins/bns-login/bns-login-form-style.css/wp-content/plugins/bns-login/bns-login-custom-style.cssbns-login/bns-login-style.css?ver=bns-login/bns-login-form-style.css?ver=bns-login/bns-login-custom-style.css?ver=HTML / DOM Fingerprints
bns-login-containerbns-login-dashboardbns-login-logoutbns-login-loginbns-login-user-menubns-login-login-menubns-login-menubns-login-dashiconsNB: This location will be over-written when the plugin is updated due
du to core WordPress functionality. Please place your custom stylesheet
in the /wp-content/bns-customs/ folder (you may need to created this
via this FTP) to better future proof your customizations.Read the custom stylesheet from ../wp-content/bns-customs/data-bns-login-titledata-bns-login-dashboard-titledata-bns-login-login-titledata-bns-login-logout-titledata-bns-login-register-titledata-bns-login-user-titleBNS_CUSTOM_PATHBNS_CUSTOM_URL[bns_login][bns_login][bns_login][bns_login]