WP-Safety

Essential User Rights Security & Risk Analysis

wordpress.org/plugins/essential-user-rights

Easily manage user permissions in WordPress. Restrict editors to specific pages and media. Simple setup - install, configure, and go!

0 active installs v1.0.2 PHP 7.4+ WP 5.0+ Updated Jan 5, 2026
page-accesspermissionsuser-managementuser-rightsuser-roles
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Essential User Rights Safe to Use in 2026?

Generally Safe

Score 100/100

Essential User Rights has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The plugin 'essential-user-rights' v1.0.2 exhibits a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits its attack surface. Furthermore, the code analysis reveals no dangerous functions, file operations, or external HTTP requests, and all SQL queries are properly prepared, outputs are correctly escaped, and nonce and capability checks are implemented where applicable. The lack of any recorded vulnerabilities or CVEs in its history further bolsters this positive assessment.

Vulnerabilities
None known

Essential User Rights Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Essential User Rights Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
12 escaped
Nonce Checks
2
Capability Checks
4
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped12 total outputs
Attack Surface

Essential User Rights Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 17
actionplugins_loadedessential-user-rights.php:31
actionadmin_enqueue_scriptsincludes\assets.php:37
actionshow_user_profileincludes\user-page.php:91
actionedit_user_profileincludes\user-page.php:92
actionpersonal_options_updateincludes\user-page.php:127
actionedit_user_profile_updateincludes\user-page.php:128
actionpre_get_postsincludes\user-page.php:145
actionpre_post_updateincludes\user-page.php:174
actionadmin_enqueue_scriptsincludes\user-page.php:191
actionadmin_menuincludes\user-page.php:198
actionsave_postincludes\user-page.php:218
actionadmin_menuincludes\user-page.php:236
actionshow_user_profileincludes\user-page.php:275
actionedit_user_profileincludes\user-page.php:276
actionpersonal_options_updateincludes\user-page.php:307
actionedit_user_profile_updateincludes\user-page.php:308
actionpre_get_postsincludes\user-page.php:337
Maintenance & Trust

Essential User Rights Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 5, 2026
PHP min version7.4
Downloads444

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Essential User Rights Alternatives

PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus

PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus

capability-manager-enhanced

A
96

PublishPress Capabilities is the access control plugin. You can manage user capabilities, permissions, user roles, admin menus and more.

100K 4 CVEs
Editorial Access Manager

Editorial Access Manager

editorial-access-manager

A
85

Allow for granular editorial access control for all post types in WordPress

80 No CVEs
User Management

User Management

user-management

C
66

User Import Export plugin allows you to export and import WordPress Users and Roles.

60 1 unpatched
Domain Based Role Assignment

Domain Based Role Assignment

domain-based-role-assignment

A
100

Automatically assign WordPress user roles based on email domains during registration with an easy-to-use domain management interface.

10 No CVEs
Role Based User Deleter

Role Based User Deleter

role-based-user-deleter

A
100

Easily delete users based on their roles with Role Based User Deleter. Manage your WordPress users efficiently and securely.

10 No CVEs
Developer Profile

Essential User Rights Developer Profile

Stephan Wagner

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Essential User Rights

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/essential-user-rights/assets/css/essential-user-rights-main.css/wp-content/plugins/essential-user-rights/assets/css/essential-user-rights-main.min.css/wp-content/plugins/essential-user-rights/assets/js/essential-user-rights-main.js/wp-content/plugins/essential-user-rights/assets/js/essential-user-rights-main.min.js
Script Paths
/wp-content/plugins/essential-user-rights/assets/js/essential-user-rights-main.js/wp-content/plugins/essential-user-rights/assets/js/essential-user-rights-main.min.js
Version Parameters
essential-user-rights/assets/css/essential-user-rights-main.css?ver=essential-user-rights/assets/css/essential-user-rights-main.min.css?ver=essential-user-rights/assets/js/essential-user-rights-main.js?ver=essential-user-rights/assets/js/essential-user-rights-main.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
essential-user-rights__form-descriptionessential-user-rights__form-pages
HTML Comments
<!-- TODO $blog_posts_allow_own = get_user_meta($user->ID, 'blog_posts_allow_own', true); --><!-- TODO margin-bottom: 5px; --><!-- TODO --><!-- TODO update_user_meta($user_id, 'blog_posts_allow_own', isset($_POST['blog_posts_allow_own']) ? '1' : '0'); -->
Data Attributes
name="blog_posts_disallow"id="blog_posts_disallow"name="blog_posts_allow_own"id="blog_posts_allow_own"name="allowed_pages[]"name="essential_user_rights__custom_user_profile_fields_nonce"
FAQ

Frequently Asked Questions about Essential User Rights