Does cubicFUSION Admin Enhancer have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is cubicFUSION Admin Enhancer compatible with WordPress 6.9.4?

According to WordPress.org data, cubicFUSION Admin Enhancer 0.6.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is cubicFUSION Admin Enhancer compatible with PHP 7.4+?

cubicFUSION Admin Enhancer requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is cubicFUSION Admin Enhancer updated?

cubicFUSION Admin Enhancer was last updated on Feb 2, 2026. Frequent updates are generally a positive security signal.

What is cubicFUSION Admin Enhancer's security score?

cubicFUSION Admin Enhancer has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

cubicFUSION Admin Enhancer Security & Risk Analysis

wordpress.org/plugins/cubicfusion-admin-enhancer

This plugin adds useful admin features and resources to help you tweak the wordpress administration.

0 active installs v0.6.0.0 PHP 7.4+ WP 6.0+ Updated Feb 2, 2026

administrationbrandingdashboardtemplateswhite-label

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is cubicFUSION Admin Enhancer Safe to Use in 2026?

Generally Safe

Score 100/100

cubicFUSION Admin Enhancer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The 'cubicfusion-admin-enhancer' plugin version 0.6.0.0 exhibits a mixed security posture. While it has a clean vulnerability history with no known CVEs, the static analysis reveals several areas of concern. The presence of 67 dangerous function calls, including `unserialize` and `assert`, warrants careful consideration. Additionally, the plugin's attack surface includes four AJAX handlers, with one lacking authentication checks, presenting a potential entry point for unauthorized actions. The static analysis also found a single SQL query that is not using prepared statements, which could be susceptible to SQL injection if not handled carefully by the application context. Taint analysis did not reveal critical or high-severity vulnerabilities, but it did identify one flow with an unsanitized path, indicating a potential weakness in data handling. The plugin demonstrates a good number of capability checks and output escaping, suggesting some attention to secure coding practices.

Key Concerns

Unprotected AJAX handler
Dangerous functions like unserialize and assert
SQL query without prepared statements
Taint flow with unsanitized path

Vulnerabilities

None known

cubicFUSION Admin Enhancer Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

cubicFUSION Admin Enhancer Release Timeline

v0.6.0.0Current

v0.5.0.0

v0.4.0.0

v0.3.0.0

Code Analysis

Analyzed Mar 17, 2026

cubicFUSION Admin Enhancer Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

250 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$data = unserialize($serialized, $this->options);inc\closure\src\DeserializationHandler.php:38

unserialize$this->data = unserialize($data);inc\closure\src\SerializableClosure.php:83

unserialize$datetime = @unserialize( trim( $date_value ), array( 'allowed_classes' => array( 'DateTime' ) ) );inc\cmb2\includes\CMB2_Utils.php:571

assertassert($this->indexInParent !== null);inc\scssphp\src\Ast\Css\ModifiableCssNode.php:72

assertassert($this->indexInParent !== null);inc\scssphp\src\Ast\Css\ModifiableCssNode.php:125

assertassert($child->indexInParent !== null);inc\scssphp\src\Ast\Css\ModifiableCssNode.php:132

assertassert($lastDollar !== false);inc\scssphp\src\Ast\Sass\ArgumentDeclaration.php:177

assertassert($dot !== false);inc\scssphp\src\Ast\Sass\ArgumentDeclaration.php:180

assertassert($keywordRest === null || $rest !== null);inc\scssphp\src\Ast\Sass\ArgumentInvocation.php:48

unserialize$c = unserialize($c);inc\scssphp\src\Cache.php:108

assertassert(\is_string($name));inc\scssphp\src\Compiler.php:603

assertassert(\is_array($value));inc\scssphp\src\Compiler.php:706

assertassert(\is_array($value));inc\scssphp\src\Compiler.php:791

assertassert($this->lastVariableIndex !== null);inc\scssphp\src\Evaluation\Environment.php:202

assertassert($this->lastVariableIndex !== null);inc\scssphp\src\Evaluation\Environment.php:232

assertassert($this->lastVariableIndex !== null);inc\scssphp\src\Evaluation\Environment.php:314

assertassert($removedVariables !== null);inc\scssphp\src\Evaluation\Environment.php:532

assertassert($removedFunctions !== null);inc\scssphp\src\Evaluation\Environment.php:539

assertassert($removedMixins !== null);inc\scssphp\src\Evaluation\Environment.php:545

assertassert($css instanceof CssStylesheet);inc\scssphp\src\Evaluation\EvaluateVisitor.php:695

assertassert($import instanceof StaticImport);inc\scssphp\src\Evaluation\EvaluateVisitor.php:1300

assertassert($this->importSpan === null);inc\scssphp\src\Evaluation\EvaluateVisitor.php:1353

assertassert($declaration instanceof MixinRule);inc\scssphp\src\Evaluation\EvaluateVisitor.php:1437

assertassert($this->mediaQuerySources !== null);inc\scssphp\src\Evaluation\EvaluateVisitor.php:1532

assertassert($this->mediaQueries !== null);inc\scssphp\src\Evaluation\EvaluateVisitor.php:1533

assertassert($result instanceof SassNumber);inc\scssphp\src\Evaluation\EvaluateVisitor.php:1955

assertassert(!$node->hasQuotes());inc\scssphp\src\Evaluation\EvaluateVisitor.php:2386

assertassert($argument->getDefaultValue() !== null);inc\scssphp\src\Evaluation\EvaluateVisitor.php:2588

assertassert($argument->getDefaultValue() !== null);inc\scssphp\src\Evaluation\EvaluateVisitor.php:2737

assertassert($key instanceof SassString);inc\scssphp\src\Evaluation\EvaluateVisitor.php:2822

assertassert($key instanceof SassString);inc\scssphp\src\Evaluation\EvaluateVisitor.php:2854

assertassert($grandParent !== null);inc\scssphp\src\Evaluation\EvaluateVisitor.php:3297

assertassert($component1 instanceof ComplexSelectorComponent);inc\scssphp\src\Extend\ExtendUtil.php:526

assertassert($component2 instanceof ComplexSelectorComponent);inc\scssphp\src\Extend\ExtendUtil.php:528

assertassert($combinator2 !== null);inc\scssphp\src\Extend\ExtendUtil.php:604

assertassert($plain !== null); // CSS doesn't allow non-plain identifiersinc\scssphp\src\Parser\CssParser.php:134

assertassert(\is_int($value));inc\scssphp\src\Parser\Parser.php:578

assertassert($name->getAsPlain() !== 'not');inc\scssphp\src\Parser\StylesheetParser.php:1423

assertassert($operands !== null);inc\scssphp\src\Parser\StylesheetParser.php:1937

assertassert($operators !== null);inc\scssphp\src\Parser\StylesheetParser.php:1938

assertassert($operator !== null, 'The list of operators must not be empty');inc\scssphp\src\Parser\StylesheetParser.php:1940

assertassert($left !== null, 'The list of operands must not be empty');inc\scssphp\src\Parser\StylesheetParser.php:1943

assertassert($singleExpression !== null);inc\scssphp\src\Parser\StylesheetParser.php:2345

assertassert($singleExpression !== null);inc\scssphp\src\Parser\StylesheetParser.php:2352

assertassert($beforeBracket !== null);inc\scssphp\src\Parser\StylesheetParser.php:2355

assertassert($this->scanner->peekChar() === '#');inc\scssphp\src\Parser\StylesheetParser.php:2605

assertassert($this->scanner->peekChar() === '+');inc\scssphp\src\Parser\StylesheetParser.php:2718

assertassert($this->scanner->peekChar() === '-');inc\scssphp\src\Parser\StylesheetParser.php:2733

assertassert($this->scanner->peekChar() === '!');inc\scssphp\src\Parser\StylesheetParser.php:2752

assertassert($minimumIndentation !== -1);inc\scssphp\src\Serializer\SerializeVisitor.php:171

assertassert($value instanceof SassString);inc\scssphp\src\Serializer\SerializeVisitor.php:427

assertassert($nodeValue instanceof SassString);inc\scssphp\src\Serializer\SerializeVisitor.php:450

assertassert(Character::isWhitespace($scanner->peekChar(-1)));inc\scssphp\src\Serializer\SerializeVisitor.php:529

assertassert($attribute->getOp() !== null);inc\scssphp\src\Serializer\SerializeVisitor.php:1484

assertassert(\is_int($value));inc\scssphp\src\Util\ParserUtil.php:52

assertassert($end !== null);inc\scssphp\src\Util\StringUtil.php:62

assertassert($this->left instanceof Equatable);inc\scssphp\src\Value\CalculationOperation.php:65

assertassert($this->right instanceof Equatable);inc\scssphp\src\Value\CalculationOperation.php:66

assertassert(\count($numeratorUnits) > 1 || \count($denominatorUnits) > 0);inc\scssphp\src\Value\ComplexSassNumber.php:39

assertassert($argument instanceof Equatable);inc\scssphp\src\Value\SassCalculation.php:861

assertassert(!\is_null($this->red));inc\scssphp\src\Value\SassColor.php:169

assertassert(!\is_null($this->green));inc\scssphp\src\Value\SassColor.php:179

assertassert(!\is_null($this->blue));inc\scssphp\src\Value\SassColor.php:189

assertassert(!\is_null($this->hue));inc\scssphp\src\Value\SassColor.php:199

assertassert(!\is_null($this->saturation));inc\scssphp\src\Value\SassColor.php:209

assertassert(!\is_null($this->lightness));inc\scssphp\src\Value\SassColor.php:219

assertassert($other === null || ($other->getNumeratorUnits() === $newNumeratorUnits && $other->getDenominainc\scssphp\src\Value\SassNumber.php:841

SQL Query Safety

0% prepared1 total queries

Output Escaping

79% escaped315 total outputs

Data Flows · Security

1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths

handle_cache_refresh_redirect (plugins\class-shortcodes.php:76)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

cubicFUSION Admin Enhancer Attack Surface

Entry Points4

Unprotected1

AJAX Handlers 4

authwp_ajax_cmb2_oembed_handlerinc\cmb2\includes\CMB2_Ajax.php:51

noprivwp_ajax_cmb2_oembed_handlerinc\cmb2\includes\CMB2_Ajax.php:52

authwp_ajax_cf_refresh_widget_cacheplugins\class-shortcodes.php:30

authwp_ajax_cf_dismiss_widget_cache_noticeplugins\class-shortcodes.php:33

WordPress Hooks 112

actioninitcore\class-basics.php:33

actioncmb2_admin_initcore\class-gui.php:27

actioncmb2_before_options-page_form_cf_plugins_shortcodescore\class-gui.php:28

actioncmb2_after_options-page_form_cf_plugins_shortcodescore\class-gui.php:29

actionadmin_enqueue_scriptscore\class-gui.php:30

actionadmin_headcore\class-gui.php:31

filteradmin_body_classcore\class-gui.php:32

actioninitcubicfusion.php:38

actioncmb2_admin_initinc\cmb2\example-functions.php:105

actioncmb2_admin_initinc\cmb2\example-functions.php:470

actioncmb2_admin_initinc\cmb2\example-functions.php:500

actioncmb2_admin_initinc\cmb2\example-functions.php:564

actioncmb2_admin_initinc\cmb2\example-functions.php:633

actioncmb2_admin_initinc\cmb2\example-functions.php:674

actioncmb2_initinc\cmb2\example-functions.php:777

actioncmb2_save_options-page_fieldsinc\cmb2\includes\CMB2_Ajax.php:54

filterget_post_metadatainc\cmb2\includes\CMB2_Ajax.php:147

filterupdate_post_metadatainc\cmb2\includes\CMB2_Ajax.php:150

filtercmb2_show_oninc\cmb2\includes\CMB2_Hookup.php:79

actionedit_form_topinc\cmb2\includes\CMB2_Hookup.php:118

actionedit_form_before_permalinkinc\cmb2\includes\CMB2_Hookup.php:122

actionedit_form_after_titleinc\cmb2\includes\CMB2_Hookup.php:126

actionedit_form_after_editorinc\cmb2\includes\CMB2_Hookup.php:130

actionadd_meta_boxesinc\cmb2\includes\CMB2_Hookup.php:134

actionadd_meta_boxesinc\cmb2\includes\CMB2_Hookup.php:137

actionadd_attachmentinc\cmb2\includes\CMB2_Hookup.php:138

actionedit_attachmentinc\cmb2\includes\CMB2_Hookup.php:139

actionsave_postinc\cmb2\includes\CMB2_Hookup.php:140

actionpre_get_postsinc\cmb2\includes\CMB2_Hookup.php:147

actionadd_meta_boxes_commentinc\cmb2\includes\CMB2_Hookup.php:155

actionedit_commentinc\cmb2\includes\CMB2_Hookup.php:156

filtermanage_edit-comments_columnsinc\cmb2\includes\CMB2_Hookup.php:159

actionmanage_comments_custom_columninc\cmb2\includes\CMB2_Hookup.php:160

filtermanage_edit-comments_sortable_columnsinc\cmb2\includes\CMB2_Hookup.php:161

actionpre_get_postsinc\cmb2\includes\CMB2_Hookup.php:162

actionshow_user_profileinc\cmb2\includes\CMB2_Hookup.php:171

actionedit_user_profileinc\cmb2\includes\CMB2_Hookup.php:172

actionuser_new_forminc\cmb2\includes\CMB2_Hookup.php:173

actionpersonal_options_updateinc\cmb2\includes\CMB2_Hookup.php:175

actionedit_user_profile_updateinc\cmb2\includes\CMB2_Hookup.php:176

actionuser_registerinc\cmb2\includes\CMB2_Hookup.php:177

filtermanage_users_columnsinc\cmb2\includes\CMB2_Hookup.php:180

filtermanage_users_custom_columninc\cmb2\includes\CMB2_Hookup.php:181

filtermanage_users_sortable_columnsinc\cmb2\includes\CMB2_Hookup.php:182

actionpre_get_postsinc\cmb2\includes\CMB2_Hookup.php:183

actionpre_get_postsinc\cmb2\includes\CMB2_Hookup.php:229

actioncreated_terminc\cmb2\includes\CMB2_Hookup.php:233

actionedited_termsinc\cmb2\includes\CMB2_Hookup.php:234

actiondelete_terminc\cmb2\includes\CMB2_Hookup.php:235

filterwp_prepare_attachment_for_jsinc\cmb2\includes\CMB2_Hookup_Field.php:54

actionadmin_enqueue_scriptsinc\cmb2\includes\CMB2_Hookup_Field.php:71

actioncmb2_do_oembedinc\cmb2\includes\helper-functions.php:131

filteris_protected_metainc\cmb2\includes\rest-api\CMB2_REST.php:144

actioninitinc\cmb2\init.php:131

actioninitinc\cmb2\init.php:154

actioncmb2_admin_initplugins\class-admin-toolbar.php:24

actionadmin_enqueue_scriptsplugins\class-admin-toolbar.php:25

actioncmb2_before_options-page_form_cf_plugins_admin_toolbarplugins\class-admin-toolbar.php:26

actioncmb2_after_options-page_form_cf_plugins_admin_toolbarplugins\class-admin-toolbar.php:27

actionwp_before_admin_bar_renderplugins\class-admin-toolbar.php:54

actionafter_setup_themeplugins\class-admin-toolbar.php:128

actionwp_before_admin_bar_renderplugins\class-admin-toolbar.php:133

filtercontextual_help_listplugins\class-admin-toolbar.php:148

filterscreen_options_show_screenplugins\class-admin-toolbar.php:155

actioncmb2_admin_initplugins\class-dashboard-gutenberg.php:24

actionadmin_enqueue_scriptsplugins\class-dashboard-gutenberg.php:25

actioncmb2_before_options-page_form_cf_plugins_dashboard_gutenbergplugins\class-dashboard-gutenberg.php:26

actioncmb2_after_options-page_form_cf_plugins_dashboard_gutenbergplugins\class-dashboard-gutenberg.php:27

actionload-index.phpplugins\class-dashboard-gutenberg.php:32

actionwelcome_panelplugins\class-dashboard-gutenberg.php:37

actionadmin_noticesplugins\class-dashboard-gutenberg.php:40

actionadmin_head-index.phpplugins\class-dashboard-gutenberg.php:44

actionadmin_head-index.phpplugins\class-dashboard-gutenberg.php:47

filtershould_load_separate_core_block_assetsplugins\class-dashboard-gutenberg.php:49

filterblock_categories_allplugins\class-dashboard-gutenberg.php:55

actionadmin_initplugins\class-dashboard-gutenberg.php:58

actionadmin_headplugins\class-dashboard-gutenberg.php:62

actionall_admin_noticesplugins\class-dashboard-gutenberg.php:64

filteradmin_body_classplugins\class-dashboard-gutenberg.php:78

actionadmin_footerplugins\class-dashboard-gutenberg.php:90

actionwp_dashboard_setupplugins\class-shortcodes.php:23

actioncmb2_admin_initplugins\class-shortcodes.php:24

actionadmin_enqueue_scriptsplugins\class-shortcodes.php:25

actioncmb2_before_options-page_form_cf_plugins_shortcodes_widgetsplugins\class-shortcodes.php:26

actioncmb2_after_options-page_form_cf_plugins_shortcodes_widgetsplugins\class-shortcodes.php:27

actioninitplugins\class-shortcodes.php:36

actioncf_dashboard_widgets_daily_refreshplugins\class-shortcodes.php:37

actionadmin_noticesplugins\class-shortcodes.php:40

actionadmin_footerplugins\class-shortcodes.php:43

actionadmin_initplugins\class-shortcodes.php:46

actionadmin_noticesplugins\class-shortcodes.php:96

actionwp_dashboard_setupplugins\class-shortcodes.php:658

actioncmb2_admin_initplugins\class-white-label.php:21

actioncmb2_before_options-page_form_cf_plugins_white_labelplugins\class-white-label.php:22

actioncmb2_after_options-page_form_cf_plugins_white_labelplugins\class-white-label.php:23

actionadmin_enqueue_scriptsplugins\class-white-label.php:26

actionlogin_enqueue_scriptsplugins\class-white-label.php:27

actionlogin_headplugins\class-white-label.php:36

filterlogin_headerurlplugins\class-white-label.php:37

filterlogin_headertextplugins\class-white-label.php:38

actionadmin_headplugins\class-white-label.php:43

actionadmin_bar_menuplugins\class-white-label.php:44

actionadmin_headplugins\class-white-label.php:45

actionadmin_menuplugins\class-white-label.php:49

actionadmin_headplugins\class-white-label.php:50

filteradmin_footer_textplugins\class-white-label.php:56

filterupdate_footerplugins\class-white-label.php:57

actionadmin_headplugins\class-white-label.php:64

actionadmin_initplugins\class-white-label.php:70

actionadmin_footerplugins\class-white-label.php:74

filterget_user_option_admin_colorplugins\class-white-label.php:781

actionadmin_headplugins\class-white-label.php:786

Scheduled Events 1

cf_dashboard_widgets_daily_refresh

Maintenance & Trust

cubicFUSION Admin Enhancer Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 2, 2026

PHP min version7.4

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

cubicFUSION Admin Enhancer Alternatives

Branda – White Label & Branding, Free Login Page Customizer

branda-white-labeling

White label & rebrand your login page & WordPress dashboard. Customize system emails & get everything to rebrand WordPress with Branda.

20K 7 CVEs

Ultimate Client Dash

ulimate-client-dash

Create a custom client dashboard, manage user capabilities, white label and rebrand WordPress, provide instructions, create custom widgets and more.

2K 1 CVE

BrandNestor

brandnestor

Customize the WordPress dashboard, admin pages, login and register pages, and more.

200 No CVEs

WP White Label

wp-white-label

The WP White Label plugin is for developers who want to give their clients a more personalised and less confusing content management system.

20 No CVEs

Admin Tailor – Professional Brand Customizer

admin-tailor

100

Transform WordPress into your branded platform. Complete white-label solution for agencies, freelancers, and businesses building professional sites.

0 No CVEs

Developer Profile

cubicFUSION Admin Enhancer Developer Profile

Alex@portalZINE

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect cubicFUSION Admin Enhancer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cubicfusion-admin-enhancer/plugins/class-white-label.php/wp-content/plugins/cubicfusion-admin-enhancer/plugins/class-admin-toolbar.php/wp-content/plugins/cubicfusion-admin-enhancer/plugins/class-dashboard-widget.php/wp-content/plugins/cubicfusion-admin-enhancer/plugins/class-login-logo.php/wp-content/plugins/cubicfusion-admin-enhancer/plugins/class-menu-editor.php/wp-content/plugins/cubicfusion-admin-enhancer/plugins/class-post-type-icons.php/wp-content/plugins/cubicfusion-admin-enhancer/plugins/class-quick-links.php/wp-content/plugins/cubicfusion-admin-enhancer/plugins/class-welcome-screen.php+2 more

HTML / DOM Fingerprints

CSS Classes

cubicfusion-admin-enhancer-wrappercubicfusion-admin-enhancer-noticecubicfusion-admin-enhancer-menu-itemcubicfusion-admin-enhancer-dashboard-widget

Data Attributes

data-cubicfusion-admin-enhancer-id

JS Globals

cubicfusionAdminEnhancer

FAQ