Comfortable Admin Page Security & Risk Analysis

wordpress.org/plugins/comfortable-admin-page

A utility plugin to make the WordPress admin screen more comfortable and easier to use. You can hide unnecessary items and add useful features.

30 active installs · v3.8.2 · PHP 7.4+ · WP 5.8+ · Updated Mar 8, 2026
Tags: admin, admin-bar, customize, editor, menu
Score 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Comfortable Admin Page Safe to Use in 2026?

Generally Safe

Score 100/100

Comfortable Admin Page has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 27d ago
Risk Assessment

The "comfortable-admin-page" v3.8.2 plugin exhibits a generally strong security posture based on the provided static analysis. The complete absence of known CVEs and a history of no reported vulnerabilities suggests a well-maintained and security-conscious development process. The code demonstrates good practices, with 100% of SQL queries utilizing prepared statements and a high percentage (91%) of output properly escaped, significantly mitigating risks of SQL injection and Cross-Site Scripting (XSS) vulnerabilities. Additionally, robust use of nonce and capability checks (17 each) for its entry points, along with no unprotected entry points found, indicates a solid defense against unauthorized access and manipulation.

However, there are a couple of areas warranting attention. The presence of two taint flows with unsanitized paths, while not reaching critical or high severity in the analysis, represents a potential entry point for path traversal or other file-related vulnerabilities if not handled carefully. While the attack surface is relatively small (4 shortcodes), any unsanitized path handling within these shortcodes could still pose a risk. The plugin also performs file operations, which, combined with unsanitized paths, could be a vector for attack if not strictly controlled.

Overall, the plugin is in a good security state, with its history and implementation of prepared statements and escaping being major strengths. The primary concern lies with the identified unsanitized path flows. Addressing these proactively, even at a low severity, will further solidify its security. The absence of critical or high-severity issues in the taint analysis and the strong adherence to WordPress security best practices are commendable.

Key Concerns

  • Unsanitized paths found in taint analysis
Vulnerabilities
None known

Comfortable Admin Page Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Comfortable Admin Page Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 38 (377 escaped)
Nonce Checks: 17
Capability Checks: 17
File Operations: 3
External Requests: 0
Bundled Libraries: 0

Output Escaping

91% escaped · 415 total outputs
Data Flows: 2 unsanitized

Data Flow Analysis

14 flows · 2 with unsanitized paths
comage_list_custom_bulk_action_admin_notice (includes\list-actions.php:159)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface

Comfortable Admin Page Attack Surface

Entry Points: 4
Unprotected: 0

Shortcodes 4

[today_year] includes\editor-admin-shortcodes.php:73
[today_month] includes\editor-admin-shortcodes.php:76
[today_day] includes\editor-admin-shortcodes.php:79
[ago] includes\editor-admin-shortcodes.php:82
WordPress Hooks 175
action plugins_loaded comfortable-admin-page.php:28
filter screen_options_show_screen includes\backend-ui.php:59
action admin_head includes\backend-ui.php:62
filter admin_footer_text includes\backend-ui.php:65
filter update_footer includes\backend-ui.php:68
filter admin_title includes\backend-ui.php:71
action admin_head includes\backend-ui.php:75
filter pre_site_transient_update_core includes\backend-update-core.php:71
filter pre_site_transient_update_plugins includes\backend-update-plugins.php:73
filter site_transient_update_plugins includes\backend-update-plugins.php:77
filter pre_site_transient_update_themes includes\backend-update-themes.php:73
filter site_transient_update_themes includes\backend-update-themes.php:77
filter site_transient_update_core includes\backend-update-translations.php:45
filter site_transient_update_plugins includes\backend-update-translations.php:46
filter site_transient_update_themes includes\backend-update-translations.php:47
action comage_register_settings includes\backend.php:27
action admin_init includes\backend.php:53
action comage_register_settings includes\bar-add.php:18
action admin_bar_menu includes\bar-add.php:65
action admin_bar_menu includes\bar-adjacent-links.php:45
action wp_enqueue_scripts includes\bar-colors.php:56
action admin_enqueue_scripts includes\bar-colors.php:57
action comage_register_settings includes\bar-hide.php:18
action init includes\bar-hide.php:150
action wp_before_admin_bar_render includes\bar-hide.php:162
action wp_before_admin_bar_render includes\bar-login.php:53
action wp_enqueue_scripts includes\bar-login.php:54
action admin_enqueue_scripts includes\bar-login.php:55
action init includes\bar-site-name.php:51
action wp_enqueue_scripts includes\bar-site-name.php:56
action admin_enqueue_scripts includes\bar-site-name.php:57
action comage_register_settings includes\bar.php:27
action wp_before_admin_bar_render includes\bar.php:88
action wp_before_admin_bar_render includes\bar.php:89
action wp_before_admin_bar_render includes\bar.php:90
action admin_bar_menu includes\bar.php:93
action admin_bar_menu includes\bar.php:94
action wp_enqueue_scripts includes\bar.php:101
action admin_enqueue_scripts includes\bar.php:102
action comage_register_settings includes\dashboard.php:18
action wp_dashboard_setup includes\dashboard.php:90
filter autosave_interval includes\editor-admin-revisions.php:51
filter wp_revisions_to_keep includes\editor-admin-revisions.php:52
action enqueue_block_editor_assets includes\editor-admin-shortcodes.php:61
filter wp_unique_post_slug includes\editor-admin-slug.php:40
action comage_register_settings includes\editor-blocks.php:18
filter allowed_block_types_all includes\editor-blocks.php:164
action admin_enqueue_scripts includes\editor-blocks.php:201
action enqueue_block_editor_assets includes\editor-custom-css.php:52
action enqueue_block_editor_assets includes\editor-feature-info-panel.php:43
action admin_enqueue_scripts includes\editor-feature-taxonomy.php:60
action enqueue_block_editor_assets includes\editor-feature-taxonomy.php:61
action init includes\editor-feature-taxonomy.php:63
action enqueue_block_editor_assets includes\editor-feature-ui.php:73
action comage_register_settings includes\editor.php:32
action init includes\editor.php:67
action template_redirect includes\frontend-404-redirect.php:69
action pre_ping includes\frontend-core-features.php:75
filter wp_sitemaps_enabled includes\frontend-core-features.php:76
filter media_library_infinite_scrolling includes\frontend-core-features.php:77
filter wp_calculate_image_srcset includes\frontend-core-features.php:80
filter run_wptexturize includes\frontend-core-features.php:81
action do_feed includes\frontend-core-features.php:83
action do_feed_rdf includes\frontend-core-features.php:84
action do_feed_rss includes\frontend-core-features.php:85
action do_feed_rss2 includes\frontend-core-features.php:86
action do_feed_atom includes\frontend-core-features.php:87
filter redirect_canonical includes\frontend-core-features.php:93
action wp_head includes\frontend-exclusions.php:67
action pre_get_posts includes\frontend-exclusions.php:68
filter the_title includes\frontend-title-shortcodes.php:22
filter document_title_parts includes\frontend-title-shortcodes.php:23
filter ssp_output_title includes\frontend-title-shortcodes.php:26
filter seopress_titles_title includes\frontend-title-shortcodes.php:29
filter aioseo_title includes\frontend-title-shortcodes.php:32
filter wpseo_title includes\frontend-title-shortcodes.php:35
action comage_register_settings includes\frontend.php:26
action init includes\frontend.php:47
action comage_register_settings includes\image-actions.php:18
action admin_init includes\image-actions.php:116
filter media_row_actions includes\image-actions.php:122
action restrict_manage_posts includes\image-actions.php:128
action restrict_manage_posts includes\image-actions.php:133
action pre_get_posts includes\image-actions.php:134
filter bulk_actions-upload includes\image-actions.php:139
filter the_author includes\image-actions.php:145
action comage_register_settings includes\image-columns.php:18
action admin_init includes\image-columns.php:92
filter manage_media_columns includes\image-columns.php:94
action manage_media_custom_column includes\image-columns.php:95
filter manage_upload_sortable_columns includes\image-columns.php:96
action pre_get_posts includes\image-columns.php:97
action admin_enqueue_scripts includes\image-columns.php:98
action comage_register_settings includes\image-other.php:18
action admin_init includes\image-other.php:118
action admin_head-upload.php includes\image-other.php:123
action admin_head-upload.php includes\image-other.php:127
filter upload_mimes includes\image-other.php:131
action admin_head-upload.php includes\image-other.php:137
action comage_register_settings includes\image.php:24
action comage_register_settings includes\list-actions.php:18
action admin_init includes\list-actions.php:77
filter bulk_actions-edit-post includes\list-actions.php:80
filter bulk_actions-edit-page includes\list-actions.php:81
filter handle_bulk_actions-edit-post includes\list-actions.php:82
filter handle_bulk_actions-edit-page includes\list-actions.php:83
action admin_notices includes\list-actions.php:84
filter post_row_actions includes\list-actions.php:89
filter page_row_actions includes\list-actions.php:90
action comage_register_settings includes\list-columns.php:18
action admin_init includes\list-columns.php:96
action admin_enqueue_scripts includes\list-columns.php:104
filter post_date_column_time includes\list-display.php:70
filter page_date_column_time includes\list-display.php:71
filter the_author includes\list-display.php:77
action comage_register_settings includes\list-filters.php:18
action admin_init includes\list-filters.php:60
action restrict_manage_posts includes\list-filters.php:65
action pre_get_posts includes\list-filters.php:68
action admin_head-edit.php includes\list-status-color.php:59
action admin_enqueue_scripts includes\list-ui.php:64
action admin_head-edit.php includes\list-ui.php:67
action admin_head-edit.php includes\list-ui.php:70
action comage_register_settings includes\list.php:27
action admin_init includes\list.php:57
filter admin_email_check_interval includes\login-behavior.php:42
filter logout_redirect includes\login-redirect.php:43
filter login_redirect includes\login-redirect.php:46
action login_enqueue_scripts includes\login-ui.php:76
filter login_headerurl includes\login-ui.php:80
filter the_privacy_policy_link includes\login-ui.php:83
filter login_display_language_dropdown includes\login-ui.php:86
action comage_register_settings includes\login.php:25
action init includes\login.php:48
action comage_register_settings includes\menu-add.php:18
action admin_menu includes\menu-add.php:81
action comage_register_settings includes\menu-hide.php:18
action admin_init includes\menu-hide.php:234
action admin_head includes\menu-hide.php:326
action admin_notices includes\menu-hide.php:340
action init includes\menu-rename.php:111
action admin_menu includes\menu-rename.php:112
action admin_enqueue_scripts includes\menu-separator.php:32
action admin_menu includes\menu-submenu.php:59
action comage_register_settings includes\menu.php:27
action admin_init includes\menu.php:46
action admin_menu includes\menu.php:59
action admin_menu includes\menu.php:60
action admin_menu includes\menu.php:61
action admin_menu includes\menu.php:62
action comage_register_settings includes\quick.php:18
action admin_init includes\quick.php:132
action admin_notices includes\quick.php:222
action comage_register_settings includes\reset.php:8
action admin_init includes\reset.php:109
action admin_notices includes\reset.php:288
action admin_enqueue_scripts includes\settings-assets.php:19
action admin_menu includes\settings.php:43
action admin_init includes\settings.php:44
action comage_register_settings includes\user-actions.php:18
action admin_init includes\user-actions.php:90
filter bulk_actions-users includes\user-actions.php:99
filter user_row_actions includes\user-actions.php:102
action admin_enqueue_scripts includes\user-actions.php:105
action admin_head-users.php includes\user-actions.php:108
action admin_head-users.php includes\user-actions.php:111
action comage_register_settings includes\user-columns.php:18
action admin_init includes\user-columns.php:69
filter manage_users_columns includes\user-columns.php:71
filter manage_users_custom_column includes\user-columns.php:72
action admin_enqueue_scripts includes\user-columns.php:73
action comage_register_settings includes\user.php:24
filter use_widgets_block_editor includes\widget-block.php:49
action widgets_init includes\widget-classic.php:81
action comage_register_settings includes\widget.php:23
Maintenance & Trust

Comfortable Admin Page Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 8, 2026
PHP min version: 7.4
Downloads: 1K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 30
Developer Profile

Comfortable Admin Page Developer Profile

Ryouji Mineya

2 plugins · 30 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Comfortable Admin Page

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/comfortable-admin-page/css/style.css
/wp-content/plugins/comfortable-admin-page/js/script.js
/wp-content/plugins/comfortable-admin-page/css/admin-bar.css
/wp-content/plugins/comfortable-admin-page/js/admin-bar.js
/wp-content/plugins/comfortable-admin-page/css/dashboard.css
/wp-content/plugins/comfortable-admin-page/js/dashboard.js
/wp-content/plugins/comfortable-admin-page/css/list-table-helper.css
/wp-content/plugins/comfortable-admin-page/js/list-table-helper.js
+18 more
Script Paths
/wp-content/plugins/comfortable-admin-page/js/script.js
/wp-content/plugins/comfortable-admin-page/js/admin-bar.js
/wp-content/plugins/comfortable-admin-page/js/dashboard.js
/wp-content/plugins/comfortable-admin-page/js/list-table-helper.js
/wp-content/plugins/comfortable-admin-page/js/editor.js
/wp-content/plugins/comfortable-admin-page/js/image.js
+7 more
Version Parameters
comfortable-admin-page/style.css?ver=
comfortable-admin-page/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
comage-color-picker
HTML Comments
<!-- Comfortable Admin Page Settings -->
Data Attributes
data-default-color
JS Globals
COMAGE_comfortable_admin_page_settings