WP-Safety

Contextual Adminbar Color Security & Risk Analysis

wordpress.org/plugins/contextual-adminbar-color

Use custom admin bar colors and favicons to differentiate your environments (staging/prod)

500 active installs v0.3.1 PHP 5.6+ WP 5.4+ Updated Nov 27, 2025
adminbarcolorenvironmentpreprodscheme
100
A · Safe
CVEs total1
Unpatched0
Last CVEJan 17, 2020
Plugin page Download
Safety Verdict

Is Contextual Adminbar Color Safe to Use in 2026?

Generally Safe

Score 100/100

Contextual Adminbar Color has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 17, 2020Updated 4mo ago
Risk Assessment

The contextual-adminbar-color plugin v0.3.1 exhibits a generally positive security posture based on the provided static analysis. The absence of any detected dangerous functions, external HTTP requests, file operations, or SQL queries without prepared statements are significant strengths. Furthermore, the complete lack of untainted flows and the presence of nonce checks are encouraging indicators of secure coding practices. However, the plugin's history of a medium-severity Cross-Site Scripting (XSS) vulnerability, though patched, suggests that input sanitization and output escaping, even when seemingly sufficient, warrant careful attention. While the current static analysis indicates good output escaping (75% properly escaped), the past vulnerability implies a potential for subtle oversight in specific output contexts. The lack of capability checks on entry points, though currently minimal due to a small attack surface, could become a concern if the plugin's functionality expands without corresponding security enhancements.

Key Concerns

  • Past medium severity XSS vulnerability
  • Only 75% of outputs properly escaped
  • No capability checks on entry points
Vulnerabilities
1

Contextual Adminbar Color Security Vulnerabilities

CVEs by Year

1 CVE in 2020
2020
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

WF-db3a9106-2d90-44fe-a86b-9ea882f56eb4-contextual-adminbar-colormedium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Contextual Adminbar Color <= 0.2 - Stored Cross-Site Scripting

Jan 17, 2020 Patched in 0.3 (1467d)
Code Analysis
Analyzed Mar 16, 2026

Contextual Adminbar Color Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
12
36 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

75% escaped48 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
contextual_adminbar_color_submenu_page_callback (contextual-adminbar-color.php:160)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Contextual Adminbar Color Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 7
actionadmin_enqueue_scriptscontextual-adminbar-color.php:27
actionwp_enqueue_scriptscontextual-adminbar-color.php:42
filteradmin_body_classcontextual-adminbar-color.php:55
filterbody_classcontextual-adminbar-color.php:66
actionadmin_bar_menucontextual-adminbar-color.php:81
actionget_site_icon_urlcontextual-adminbar-color.php:93
actionadmin_menucontextual-adminbar-color.php:158
Maintenance & Trust

Contextual Adminbar Color Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedNov 27, 2025
PHP min version5.6
Downloads9K

Community Trust

Rating100/100
Number of ratings8
Active installs500
Alternatives

Contextual Adminbar Color Alternatives

Default Admin Color Scheme

Default Admin Color Scheme

default-admin-color-scheme

A
100

Select a default admin color scheme for new and existing users. Optionally disable the color scheme picker to force a color scheme for all users.

800 No CVEs
Force Admin Color Scheme

Force Admin Color Scheme

force-admin-color-scheme

A
100

Force a single admin color scheme for all users of the site.

600 No CVEs
Grey Admin Color Schemes

Grey Admin Color Schemes

grey-admin-color-schemes

A
85

Grey color schemes for WordPress 3.8's admin area.

300 No CVEs
Colorize Admin

Colorize Admin

colorize-admin

A
85

This is a simple plugin that will make your wp admin panel theme much more pleasant for work.

200 No CVEs
Easy Backend-Style

Easy Backend-Style

easybackendstyle

A
100

This plugin allows you to easily customize the colors in the backend. The changes are easily made via predefined fields.

200 No CVEs
Developer Profile

Contextual Adminbar Color Developer Profile

Jb Audras

24 plugins · 64K total installs

78
trust score
Avg Security Score
98/100
Avg Patch Time
661 days
View full developer profile
Detection Fingerprints

How We Detect Contextual Adminbar Color

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/contextual-adminbar-color/css//wp-content/plugins/contextual-adminbar-color/images/favicons/

HTML / DOM Fingerprints

CSS Classes
contextual-adminbar-color
JS Globals
CONTEXTUAL_ADMINBAR_COLORCONTEXTUAL_ADMINBAR_FAVICONCONTEXTUAL_ADMINBAR_MESSAGECONTEXTUAL_ADMINBAR_SETTINGS
FAQ

Frequently Asked Questions about Contextual Adminbar Color