WP-Safety

Multisite Enhancements Security & Risk Analysis

wordpress.org/plugins/multisite-enhancements

Enhance Multisite for Network Admins with different topics

70 active installs v1.7.1 PHP 7.2+ WP 4.6+ Updated Jul 18, 2024
admin-baradministrationmultisitenetwork
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Multisite Enhancements Safe to Use in 2026?

Generally Safe

Score 92/100

Multisite Enhancements has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

Based on the static analysis, this plugin exhibits a strong security posture. The complete absence of an attack surface, including AJAX handlers, REST API routes, shortcodes, and cron events, significantly reduces the potential for external exploitation. The code also demonstrates good practices with 100% of SQL queries using prepared statements and a high percentage of output escaping (88%). The presence of a nonce check and multiple capability checks further indicates an effort to secure its functionality. The vulnerability history is also clean, with no known CVEs, suggesting a history of secure development and maintenance.

While the static analysis reveals no critical or high-severity issues, the limited data on taint analysis (0 flows analyzed) means that the full extent of potential vulnerabilities related to data sanitization and handling might not be fully captured. The 12% of improperly escaped output, though not flagged as critical, could still present a Cross-Site Scripting (XSS) risk in certain contexts. The plugin's lack of an attack surface is a significant strength, but the limited taint analysis leaves room for potential, albeit likely minor, vulnerabilities to be undetected.

Key Concerns

  • Unescaped output detected
Vulnerabilities
None known

Multisite Enhancements Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Multisite Enhancements Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
28 escaped
Nonce Checks
1
Capability Checks
7
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

88% escaped32 total outputs
Attack Surface

Multisite Enhancements Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 40
actionplugins_loadedmultisite-enhancements.php:20
filteradmin_noticesmultisite-enhancements.php:58
actioninitmultisite-enhancements.php:67
actionadmin_bar_menusrc\class-add-admin-favicon.php:65
filterwpmu_blogs_columnssrc\class-add-blog-id.php:28
actionmanage_sites_custom_columnsrc\class-add-blog-id.php:29
filtermanage_users-network_columnssrc\class-add-blog-id.php:32
filtermanage_users_custom_columnsrc\class-add-blog-id.php:33
actionadmin_print_styles-sites.phpsrc\class-add-blog-id.php:35
actionadmin_print_styles-users.phpsrc\class-add-blog-id.php:36
actionadmin_enqueue_scriptssrc\class-add-css.php:32
actionload-plugins.phpsrc\class-add-plugin-list.php:75
actionactivated_pluginsrc\class-add-plugin-list.php:78
actiondeactivated_pluginsrc\class-add-plugin-list.php:80
filtermanage_plugins-network_columnssrc\class-add-plugin-list.php:93
actionmanage_plugins_custom_columnsrc\class-add-plugin-list.php:94
actionnetwork_admin_noticessrc\class-add-plugin-list.php:329
filtermultisite_enhancements_add_admin_bar_favicon_csssrc\class-add-site-status-labels.php:33
actionadmin_bar_menusrc\class-add-site-status-labels.php:34
filterwpmu_blogs_columnssrc\class-add-ssl-identifier.php:28
actionmanage_sites_custom_columnsrc\class-add-ssl-identifier.php:29
actionadmin_print_styles-sites.phpsrc\class-add-ssl-identifier.php:31
actionload-themes.phpsrc\class-add-theme-list.php:72
actionswitch_themesrc\class-add-theme-list.php:75
filtermanage_themes-network_columnssrc\class-add-theme-list.php:89
actionmanage_themes_custom_columnsrc\class-add-theme-list.php:90
actionupdate_site_option_allowedthemessrc\class-add-theme-list.php:92
actionnetwork_admin_noticessrc\class-add-theme-list.php:335
filtermanage_users-network_columnssrc\class-add-user-last-login.php:20
filtermanage_users-network_sortable_columnssrc\class-add-user-last-login.php:21
actionpre_get_userssrc\class-add-user-last-login.php:22
filtermanage_users_custom_columnsrc\class-add-user-last-login.php:23
actionset_auth_cookiesrc\class-add-user-last-login.php:24
actionadmin_bar_menusrc\class-admin-bar-tweaks.php:21
actionadmin_footer_textsrc\class-change-footer-text.php:54
actionadmin_enqueue_scriptssrc\class-filtering-themes.php:20
actionadmin_menusrc\class-multisite-add-new-plugin.php:26
actionadmin_initsrc\class-settings.php:50
actionnetwork_admin_menusrc\class-settings.php:52
actionnetwork_admin_edit_wpme_update_settingssrc\class-settings.php:54
Maintenance & Trust

Multisite Enhancements Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5
Last updatedJul 18, 2024
PHP min version7.2
Downloads174K

Community Trust

Rating90/100
Number of ratings48
Active installs70
Alternatives

Multisite Enhancements Alternatives

Unconfirmed

Unconfirmed

unconfirmed

B
84

Allows WordPress admins to manage unactivated users, by activating them manually, deleting their pending registrations, or resending the activation em …

2K 1 CVE
WP Hide Dashboard

WP Hide Dashboard

wp-hide-dashboard

A
85

Hide the Dashboard menu, Personal Options section and Help link on the Profile page from your subscribers when they are logged in.

2K No CVEs
Network Username Restrictions Override

Network Username Restrictions Override

network-username-restrictions-override

A
92

Override restrictions on WordPress network usernames.

100 No CVEs
Plugin Activation Status

Plugin Activation Status

plugin-activation-status

A
85

Scans a multisite or multi-network installation to identify all plugins that are active or not.

100 No CVEs
WP Over Network

WP Over Network

wp-over-network

A
85

Add ability to get posts from over your network sites. Supports widget, shortcode, and customizable original function.

90 No CVEs
Developer Profile

Multisite Enhancements Developer Profile

Frank Bueltge

5 plugins · 101K total installs

86
trust score
Avg Security Score
89/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Multisite Enhancements

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/multisite-enhancements/assets/css/wordpress-multisite-enhancements.css/wp-content/plugins/multisite-enhancements/assets/css/wordpress-multisite-enhancements.min.css/wp-content/plugins/multisite-enhancements/assets/js/filtering-themes.js/wp-content/plugins/multisite-enhancements/assets/js/filtering-themes.min.js
Script Paths
/wp-content/plugins/multisite-enhancements/assets/js/filtering-themes.js/wp-content/plugins/multisite-enhancements/assets/js/filtering-themes.min.js
Version Parameters
plugins_url( '/assets/css/wordpress-multisite-enhancementsplugins_url( '/assets/js/filtering-themes

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Multisite Enhancements