Does Hide Admin Columns have any unpatched vulnerabilities?

No. All known vulnerabilities in Hide Admin Columns have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Hide Admin Columns compatible with WordPress 6.6.5?

According to WordPress.org data, Hide Admin Columns 1.0.1 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is Hide Admin Columns compatible with PHP 5.6+?

Hide Admin Columns requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Hide Admin Columns updated?

Hide Admin Columns was last updated on Aug 4, 2024. Frequent updates are generally a positive security signal.

What is Hide Admin Columns's security score?

Hide Admin Columns has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Hide Admin Columns Security & Risk Analysis

wordpress.org/plugins/hide-admin-columns

Hide columns in the WordPress admin list tables for custom post types.

10 active installs v1.0.1 PHP 5.6+ WP 5.0+ Updated Aug 4, 2024

admincolumnshidepost-typesvisibility

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Hide Admin Columns Safe to Use in 2026?

Generally Safe

Score 92/100

Hide Admin Columns has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The hide-admin-columns plugin v1.0.1 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of critical or high severity taint flows, dangerous functions, raw SQL queries, and file operations is highly commendable. Furthermore, the robust implementation of nonces and capability checks for all identified entry points (AJAX handlers) suggests a good understanding of WordPress security best practices. The plugin also boasts a clean vulnerability history with no recorded CVEs, further reinforcing its current security standing.

However, a minor concern arises from the output escaping. While 92% of outputs are properly escaped, the remaining 8% represent a small but present risk. This could potentially lead to stored or reflected cross-site scripting (XSS) vulnerabilities if the unescaped outputs are user-controlled or derived from untrusted sources. While the attack surface is small and all entry points are protected, maintaining 100% output escaping is ideal for complete security. Overall, the plugin is well-secured, with only a minimal area for improvement in output sanitization.

Key Concerns

Outputs not properly escaped (8%)

Vulnerabilities

None known

Hide Admin Columns Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Hide Admin Columns Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

11 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

92% escaped12 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

ajax_save_column_visibility (includes\class-hide-admin-columns.php:211)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Hide Admin Columns Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_get_columns_for_post_typeincludes\class-hide-admin-columns.php:50

authwp_ajax_save_column_visibilityincludes\class-hide-admin-columns.php:51

WordPress Hooks 6

actionwp_loadedhide-admin-columns.php:26

actionadmin_menuincludes\class-hide-admin-columns.php:47

actionadmin_enqueue_scriptsincludes\class-hide-admin-columns.php:48

actionadmin_initincludes\class-hide-admin-columns.php:49

actionadmin_initincludes\class-hide-admin-columns.php:53

filterwpseo_always_register_metaboxes_on_adminincludes\class-hide-admin-columns.php:140

Maintenance & Trust

Hide Admin Columns Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedAug 4, 2024

PHP min version5.6

Downloads719

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Hide Admin Columns Alternatives

Post Admin Word Count

post-admin-word-count

100

Adds a sortable word count column to the admin post list for all public post types. Efficient, lightweight and built with modern best practices.

3K No CVEs

Adjust Users Screen

adjust-users-screen

100

Alter the Users screen in the admin, re-ordering the columns and turning individual columns on or off.

10 No CVEs

Simple Custom Admin Columns

idevelop-simple-custom-admin-columns

100

Provides an intuitive way for each user to customize their WordPress admin dashboard by hiding unnecessary menu items.

0 No CVEs

Admin Columns

codepress-admin-columns

100

Customise columns on the administration screens for post(types), pages, media, comments, links and users with an easy to use drag-and-drop interface.

100K No CVEs

Disable Admin Notices – Hide Dashboard Notifications

disable-admin-notices

Disable admin notices and hide dashboard notifications from plugins, themes and core. Hide all notices, selected ones, or show them in a single line.

100K 2 CVEs

Developer Profile

Hide Admin Columns Developer Profile

Bishoy.A

5 plugins · 8K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Hide Admin Columns

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/hide-admin-columns/admin/css/style.css/wp-content/plugins/hide-admin-columns/admin/js/script.js

Script Paths

/wp-content/plugins/hide-admin-columns/admin/js/script.js

Version Parameters

hide-admin-columns/admin/css/style.css?ver=hide-admin-columns/admin/js/script.js?ver=

HTML / DOM Fingerprints

Data Attributes

data-post-type

JS Globals

hac_nonce_action

FAQ