WP-Safety

NoteFlow – Smart Notes Manager for WordPress Admin Security & Risk Analysis

wordpress.org/plugins/noteflow

A simple and efficient notes manager for WordPress admin dashboard. Create, organize, and manage your notes directly from WordPress.

0 active installs v1.6.0 PHP 7.2+ WP 5.2+ Updated Feb 24, 2026
admin-notesdashboard-notesnotestask-managementto-do-list
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is NoteFlow – Smart Notes Manager for WordPress Admin Safe to Use in 2026?

Generally Safe

Score 100/100

NoteFlow – Smart Notes Manager for WordPress Admin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The 'noteflow' v1.6.0 plugin demonstrates a generally strong security posture based on the provided static analysis. The absence of shortcodes, cron events, and REST API routes limits its attack surface. Crucially, all identified AJAX handlers are protected with nonce checks, and there are no recorded vulnerabilities or CVEs, indicating a history of secure development. The code also shows good practices by exclusively using prepared statements for SQL queries and properly escaping all output. The bundled Freemius library, version 1.0, is a minor concern due to its age, as older versions of bundled libraries can sometimes harbor undiscovered vulnerabilities. However, given the overall lack of exploitable issues in the plugin's own code, this is a low-priority risk. The plugin appears to be well-maintained and developed with security in mind.

Key Concerns

  • Bundled Freemius library is outdated (v1.0)
Vulnerabilities
None known

NoteFlow – Smart Notes Manager for WordPress Admin Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

NoteFlow – Smart Notes Manager for WordPress Admin Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
12 escaped
Nonce Checks
7
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Freemius1.0

Output Escaping

100% escaped12 total outputs
Attack Surface

NoteFlow – Smart Notes Manager for WordPress Admin Attack Surface

Entry Points7
Unprotected0

AJAX Handlers 7

authwp_ajax_get_notes_listincludes\class-noteflow-notes-admin.php:7
authwp_ajax_get_noteincludes\class-noteflow-notes-admin.php:8
authwp_ajax_save_noteincludes\class-noteflow-notes-admin.php:9
authwp_ajax_delete_noteincludes\class-noteflow-notes-admin.php:10
authwp_ajax_search_notesincludes\class-noteflow-notes-admin.php:11
noprivwp_ajax_search_notesincludes\class-noteflow-notes-admin.php:12
authwp_ajax_update_pin_statusincludes\class-noteflow-notes-admin.php:15
WordPress Hooks 7
actionadmin_menuincludes\class-noteflow-notes-admin.php:4
actioninitincludes\class-noteflow-notes-post-type.php:4
actioninitincludes\class-noteflow-notes-post-type.php:5
actioninitnoteflow-notes.php:53
actionadmin_enqueue_scriptsnoteflow-notes.php:54
actionadmin_noticesnoteflow-notes.php:149
actionadmin_initnoteflow-notes.php:167
Maintenance & Trust

NoteFlow – Smart Notes Manager for WordPress Admin Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 24, 2026
PHP min version7.2
Downloads675

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

NoteFlow – Smart Notes Manager for WordPress Admin Alternatives

Sticky Notes for WP Dashboard

Sticky Notes for WP Dashboard

wb-sticky-notes

A
99

Create sticky notes in your WP admin for reminders and to-dos. Restrict notes by user roles and disable them on specific pages.

1K 1 CVE
A Note Above – WP Dashboard Notes

A Note Above – WP Dashboard Notes

a-note-above-wp-dashboard-notes

A
85

A WordPress Note taking system to live on your WP Admin dashboard.

50 No CVEs
Plugmint – Draggable Admin Notes

Plugmint – Draggable Admin Notes

plugmint-draggable-notes

A
100

Create draggable admin notes with checklists inside your WordPress dashboard. Easily organize important tasks or reminders.

0 No CVEs
WP Dashboard Notes

WP Dashboard Notes

wp-dashboard-notes

A
90

Working with multiple persons on a website? Want to make notes? You can do just that with WP Dashboard Notes. Create beautiful notes with a nice user …

20K 3 CVEs
User Notes

User Notes

user-notes

A
98

Keep private notes about each of your users that only Administrators can see.

900 2 CVEs
Developer Profile

NoteFlow – Smart Notes Manager for WordPress Admin Developer Profile

Ankit Panchal

7 plugins · 21K total installs

79
trust score
Avg Security Score
100/100
Avg Patch Time
701 days
View full developer profile
Detection Fingerprints

How We Detect NoteFlow – Smart Notes Manager for WordPress Admin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/noteflow/assets/css/wp-notes-admin.css/wp-content/plugins/noteflow/assets/js/wp-notes-admin.js
Script Paths
/wp-content/plugins/noteflow/assets/js/wp-notes-admin.js
Version Parameters
noteflow/assets/css/wp-notes-admin.css?ver=noteflow/assets/js/wp-notes-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
noteflow-promo-noticewp-notes-appwp-notes-sidebarwp-notes-searchwp-notes-listwp-notes-contentwp-notes-toolbar
Data Attributes
data-nonce
JS Globals
wpNotesObj
REST Endpoints
/wp-json/noteflow
FAQ

Frequently Asked Questions about NoteFlow – Smart Notes Manager for WordPress Admin