Does Access have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Access compatible with WordPress 5.3.21?

According to WordPress.org data, Access 1.0.4 has been tested up to WordPress 5.3.21. Check the plugin's changelog for the latest compatibility information.

How often is Access updated?

Access was last updated on Nov 16, 2019. Frequent updates are generally a positive security signal.

What is Access's security score?

Access has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Access Security & Risk Analysis

wordpress.org/plugins/leira-access

Restrict your users access to different site sections like navs, widgets, blocks, pages, categories etc.

10 active installs v1.0.4 PHP + WP 4.1+ Updated Nov 16, 2019

accesscontentrestrictuserswidgets

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Access Safe to Use in 2026?

Generally Safe

Score 85/100

Access has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The 'leira-access' plugin v1.0.4 exhibits a generally good security posture based on the provided static analysis. The absence of any recorded vulnerabilities in its history, including critical or high severity issues, is a positive indicator. The code also demonstrates sound development practices with 100% of SQL queries using prepared statements and the inclusion of nonce and capability checks. File operations and external HTTP requests are also not present, reducing common attack vectors.

However, a significant concern lies in the limited output escaping, with only 46% of outputs being properly escaped. This leaves the plugin vulnerable to potential cross-site scripting (XSS) attacks if user-supplied data is not sufficiently sanitized before being rendered in the frontend or backend. While the attack surface appears minimal with zero entry points detected, and therefore no unprotected ones, the identified output escaping deficiency represents a tangible risk that could be exploited.

In conclusion, 'leira-access' v1.0.4 benefits from a clean vulnerability history and several good security practices. The main weakness is the insufficient output escaping, which requires immediate attention. Addressing this will significantly improve the plugin's overall security and mitigate the risk of XSS vulnerabilities.

Key Concerns

Insufficient output escaping (46%)

Vulnerabilities

None known

Access Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Access Release Timeline

v1.0.4Current

v1.0.3

v1.0.2

v1.0.1

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

Access Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

16 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

46% escaped35 total outputs

Attack Surface

Access Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 36

actionadd_meta_boxesadmin/class-leira-access-admin-post-type.php:28

actioninitadmin/class-leira-access-admin.php:65

actionenqueue_block_editor_assetsadmin/class-leira-access-admin.php:71

actionplugins_loadedincludes/class-leira-access.php:225

actionadmin_enqueue_scriptsincludes/class-leira-access.php:241

actionadmin_enqueue_scriptsincludes/class-leira-access.php:243

filterwp_edit_nav_menu_walkerincludes/class-leira-access.php:254

filterwp_nav_menu_item_custom_fieldsincludes/class-leira-access.php:257

actionwp_update_nav_menu_itemincludes/class-leira-access.php:260

actionin_widget_formincludes/class-leira-access.php:270

filterwidget_update_callbackincludes/class-leira-access.php:272

actionload-post.phpincludes/class-leira-access.php:282

actionload-post-new.phpincludes/class-leira-access.php:285

actionquick_edit_custom_boxincludes/class-leira-access.php:305

actionsave_postincludes/class-leira-access.php:308

actionadmin_enqueue_scriptsincludes/class-leira-access.php:311

actionquick_edit_custom_boxincludes/class-leira-access.php:345

actionadmin_enqueue_scriptsincludes/class-leira-access.php:348

actionenqueue_block_editor_assetsincludes/class-leira-access.php:363

actionadmin_footerincludes/class-leira-access.php:365

actionwp_enqueue_scriptsincludes/class-leira-access.php:383

actionwp_enqueue_scriptsincludes/class-leira-access.php:384

filterwp_get_nav_menu_itemsincludes/class-leira-access.php:398

filterleira_access_menu_item_visibilityincludes/class-leira-access.php:402

filterwidget_display_callbackincludes/class-leira-access.php:412

filterwidget_posts_argsincludes/class-leira-access.php:414

filterwidget_pages_argsincludes/class-leira-access.php:416

filterwidget_comments_argsincludes/class-leira-access.php:418

filterwidget_categories_argsincludes/class-leira-access.php:420

actionrss_headincludes/class-leira-access.php:431

actionwpincludes/class-leira-access.php:440

actionwpincludes/class-leira-access.php:449

actionpre_get_postsincludes/class-leira-access.php:451

actionrender_blockincludes/class-leira-access.php:460

actioninitincludes/class-leira-access.php:473

filterthe_contentpublic/class-leira-access-public-feed.php:21

Maintenance & Trust

Access Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21

Last updatedNov 16, 2019

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Access Alternatives

Advanced Access Manager – Access Governance for WordPress

advanced-access-manager

Access Governance for WordPress. Control roles, users, content, admin areas, and APIs to prevent broken access controls and excessive privileges.

100K 11 CVEs

Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More

content-control

Restrict content based on login status, user roles, device type & more. Monetize your content with a paywall or members-only content.

40K 4 CVEs

Restrict User Access – Ultimate Membership & Content Protection

restrict-user-access

Create Access Levels and restrict any post, page, category, etc. Supports bbPress, BuddyPress, WooCommerce, WPML, and more.

10K 2 CVEs

s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions

s2member

❤️ Excellent membership plugin! Easy, quick, flexible. Monetize your site with memberships and subscriptions. Protect content instantly and securely.

9K 12 CVEs

Page and Post Restriction

page-and-post-restriction

Restrict content access for WordPress (WP) | Restrict pages/posts in WP based on user roles and login status to protect content

2K 3 CVEs

Developer Profile

Access Developer Profile

Ariel

5 plugins · 9K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

12 days

View full developer profile

Detection Fingerprints

How We Detect Access

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/leira-access/js/leira-access-admin-block.js/wp-content/plugins/leira-access/js/leira-access-admin-quick-edit-post.js

Script Paths

/wp-content/plugins/leira-access/js/leira-access-admin-block.js

HTML / DOM Fingerprints

Data Attributes

leira-access-meta-box

JS Globals

wp['_leira-access']

FAQ