Does Dashboard Plus have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Dashboard Plus compatible with WordPress 6.9.4?

According to WordPress.org data, Dashboard Plus 1.3.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Dashboard Plus compatible with PHP 8.1+?

Dashboard Plus requires PHP 8.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Dashboard Plus updated?

Dashboard Plus was last updated on Dec 4, 2025. Frequent updates are generally a positive security signal.

What is Dashboard Plus's security score?

Dashboard Plus has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Dashboard Plus Security & Risk Analysis

wordpress.org/plugins/dashboardplus

Everything you need to customize your WordPress Dashboard , Login Page.

0 active installs v1.3.3 PHP 8.1+ WP 6.7+ Updated Dec 4, 2025

brandingcustomizerdashboardlive-previewwp-login

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Dashboard Plus Safe to Use in 2026?

Generally Safe

Score 100/100

Dashboard Plus has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago

Risk Assessment

The plugin "dashboardplus" v1.3.3 exhibits a generally good security posture with no known historical vulnerabilities. The static analysis reveals a very limited attack surface, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, all identified SQL queries utilize prepared statements, and the vast majority of output operations are properly escaped. The presence of nonce and capability checks, although not universally applied across all potential entry points (which are none in this case), demonstrates an awareness of security best practices. The plugin also avoids external HTTP requests and file operations, further reducing its risk profile. The primary concern identified in the static analysis is the presence of the `unserialize` function, which can be a significant security risk if it processes untrusted input. While no specific taint flows were identified as critical or high severity, the existence of two flows with "unsanitized paths" warrants caution, as these could potentially lead to vulnerabilities if the input sources are not rigorously controlled.

Key Concerns

Use of unserialize function
Flows with unsanitized paths found

Vulnerabilities

None known

Dashboard Plus Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Dashboard Plus Release Timeline

v1.3.3Current

v1.3.2

v1.3.1

v1.1.1

v1.1.0

v1.0.9

v1.0.8

v1.0.7

v1.0.6

Code Analysis

Analyzed Apr 6, 2026

Dashboard Plus Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

275 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$data = unserialize( $data );classes/cls-array.php:50

Output Escaping

91% escaped303 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

login_footer (modules/customizer/templates/dashplu-login-page.php:271)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Dashboard Plus Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 38

actionadmin_menumodules/branding/dashpls-branding.php:58

actionadmin_enqueue_scriptsmodules/branding/dashpls-branding.php:60

actionadmin_initmodules/branding/dashpls-branding.php:61

actionadmin_headmodules/branding/dashpls-branding.php:62

filteradmin_footer_textmodules/branding/dashpls-branding.php:64

filterupdate_footermodules/branding/dashpls-branding.php:65

actioncustomize_controls_print_stylesmodules/customizer/controls/bggalry.php:76

actionadmin_menumodules/customizer/dashpls-customizer.php:70

actionwpmodules/customizer/dashpls-customizer.php:77

actioncustomize_registermodules/customizer/dashpls-customizer.php:86

actioncustomize_controls_print_stylesmodules/customizer/dashpls-customizer.php:91

actioncustomize_controls_enqueue_scriptsmodules/customizer/dashpls-customizer.php:92

actioncustomize_preview_initmodules/customizer/dashpls-customizer.php:94

actionlogin_enqueue_scriptsmodules/customizer/dashpls-customizer.php:95

filterlogin_headerurlmodules/customizer/dashpls-customizer.php:96

filterlogin_headertextmodules/customizer/dashpls-customizer.php:97

filtergettextmodules/customizer/dashpls-customizer.php:98

actionlogin_headmodules/customizer/templates/dashplu-login-page.php:40

actionlogin_headmodules/customizer/templates/dashplu-login-page.php:42

actionlogin_headmodules/customizer/templates/dashplu-login-page.php:60

actionadmin_menumodules/customizer/testing file dashpls-customizer.php.php:60

actioninitmodules/customizer/testing file dashpls-customizer.php.php:63

actioninitmodules/customizer/testing file dashpls-customizer.php.php:64

actionwpmodules/customizer/testing file dashpls-customizer.php.php:65

actioninitmodules/customizer/testing file dashpls-customizer.php.php:68

actionadmin_initmodules/customizer/testing file dashpls-customizer.php.php:69

actioncustomize_registermodules/customizer/testing file dashpls-customizer.php.php:72

actioncustomize_registermodules/customizer/testing file dashpls-customizer.php.php:73

actioncustomize_registermodules/customizer/testing file dashpls-customizer.php.php:74

actioncustomize_controls_print_stylesmodules/customizer/testing file dashpls-customizer.php.php:77

actioncustomize_controls_enqueue_scriptsmodules/customizer/testing file dashpls-customizer.php.php:78

actionlogin_enqueue_scriptsmodules/customizer/testing file dashpls-customizer.php.php:79

actioncustomize_preview_initmodules/customizer/testing file dashpls-customizer.php.php:80

actionlogin_enqueue_scriptsmodules/customizer/testing file dashpls-customizer.php.php:81

actionadmin_menumodules/mainframe/dashpls-mainframe.php:19

actionadmin_headmodules/mainframe/dashpls-mainframe.php:20

actionplugins_loadedsetup.php:38

actionadmin_enqueue_scriptssetup.php:41

Maintenance & Trust

Dashboard Plus Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 4, 2025

PHP min version8.1

Downloads863

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Dashboard Plus Alternatives

Branda – White Label & Branding, Free Login Page Customizer

branda-white-labeling

White label & rebrand your login page & WordPress dashboard. Customize system emails & get everything to rebrand WordPress with Branda.

20K 7 CVEs

Awesome Login Customizer

awesome-login-customizer

100

Easily customize your WordPress login page to match your brand with Awesome Login Customizer.

0 No CVEs

LoginPress | wp-login Custom Login Page Customizer

loginpress

LoginPress is a Custom Login Page Customizer plugin allows you to easily customize the layout of login, admin login, client login, register pages.

200K 6 CVEs

White Label CMS

white-label-cms

Customise dashboard panels and branding, hide menus plus lots more.

200K 7 CVEs

Custom Login Page Customizer

Custom Login Customizer allows you to easily customize your admin login page, straight from your WordPress Customizer!

90K 1 CVE

Developer Profile

Dashboard Plus Developer Profile

Muhammad Ijaz Anjum

2 plugins · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Dashboard Plus

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/dashboardplus/assets/css/dashboard.css/wp-content/plugins/dashboardplus/assets/css/colorpicker.css/wp-content/plugins/dashboardplus/assets/js/colorpicker.js/wp-content/plugins/dashboardplus/assets/js/customizer.js/wp-content/plugins/dashboardplus/assets/js/dashboard.js/wp-content/plugins/dashboardplus/assets/js/login.js/wp-content/plugins/dashboardplus/assets/js/wp-color-picker-alpha.js/wp-content/plugins/dashboardplus/assets/js/vendors/bootstrap.bundle.min.js+7 more

Script Paths

/wp-content/plugins/dashboardplus/assets/js/customizer.js/wp-content/plugins/dashboardplus/assets/js/dashboard.js/wp-content/plugins/dashboardplus/assets/js/login.js/wp-content/plugins/dashboardplus/assets/js/vendors/bootstrap.bundle.min.js/wp-content/plugins/dashboardplus/assets/js/vendors/jquery.slimscroll.min.js/wp-content/plugins/dashboardplus/assets/js/vendors/sweetalert.min.js+3 more

Version Parameters

dashboardplus/assets/css/dashboard.css?ver=dashboardplus/assets/css/colorpicker.css?ver=dashboardplus/assets/js/colorpicker.js?ver=dashboardplus/assets/js/customizer.js?ver=dashboardplus/assets/js/dashboard.js?ver=dashboardplus/assets/js/login.js?ver=dashboardplus/assets/js/wp-color-picker-alpha.js?ver=dashboardplus/assets/js/vendors/bootstrap.bundle.min.js?ver=dashboardplus/assets/js/vendors/jquery.slimscroll.min.js?ver=dashboardplus/assets/js/vendors/sweetalert.min.js?ver=dashboardplus/modules/branding/assets/css/branding.css?ver=dashboardplus/modules/login/assets/css/login.css?ver=dashboardplus/modules/login/assets/js/login.js?ver=dashboardplus/modules/login/assets/js/register.js?ver=dashboardplus/modules/login/assets/js/resetpassword.js?ver=

HTML / DOM Fingerprints

CSS Classes

dashpls-colorpickerdashpls-trigger-name

Data Attributes

data-dashpls-trigger-namedata-dashpls-trigger-namedata-dashpls-trigger-namedata-dashpls-trigger-namedata-dashpls-trigger-namedata-dashpls-trigger-name+2 more

JS Globals

Dashpls

FAQ