WP-Safety

Quick Admin Launcher Security & Risk Analysis

wordpress.org/plugins/quick-admin-launcher

Quickly launch any admin tool & search posts/pages with a shortcut key for enhanced productivity.

10 active installs v1.1.1 PHP 7.4+ WP 5.7+ Updated Unknown
admindashboardmenusearch
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Quick Admin Launcher Safe to Use in 2026?

Generally Safe

Score 100/100

Quick Admin Launcher has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "quick-admin-launcher" v1.1.1 plugin demonstrates a strong security posture based on the provided static analysis. It exhibits excellent practices by having no dangerous functions, all SQL queries using prepared statements, and 100% of output properly escaped. The absence of file operations and external HTTP requests further reduces its attack surface. Crucially, the plugin has identified capability checks on its entry points, which are REST API routes, preventing unauthorized access to these functions.

The static analysis reveals no critical or high-severity issues in taint flows, indicating a lack of unsanitized data leading to potentially malicious operations. The vulnerability history is also clean, with no known CVEs recorded. This suggests a generally well-maintained and secure plugin. The limited attack surface, consisting only of two REST API routes, both with permission callbacks, is a significant strength.

While the plugin adheres to many security best practices, the absence of nonce checks on the two identified REST API routes is a minor concern, although this is mitigated by the presence of capability checks. The plugin's small attack surface and positive vulnerability history are commendable. Overall, the plugin appears to be secure, with only a minor area for potential improvement regarding nonce validation on its REST API endpoints.

Key Concerns

  • REST API routes without nonce checks
Vulnerabilities
None known

Quick Admin Launcher Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Quick Admin Launcher Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
45 escaped
Nonce Checks
0
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped45 total outputs
Attack Surface

Quick Admin Launcher Attack Surface

Entry Points2
Unprotected0

REST API Routes 2

GET/wp-json/quickal/v1/search/(?P<term>\S+)includes\class-quickal.php:130
GET/wp-json/quickal/v1/search/(?P<term>\S+)includes\Services\SearchService.php:48
WordPress Hooks 17
actioninitincludes\class-quickal.php:29
actionadmin_enqueue_scriptsincludes\class-quickal.php:42
filterscript_loader_tagincludes\class-quickal.php:43
actionrest_api_initincludes\class-quickal.php:46
actionadmin_footerincludes\class-quickal.php:49
actionadmin_menuincludes\class-quickal.php:52
actionadmin_initincludes\class-quickal.php:53
actionadmin_bar_menuincludes\class-quickal.php:56
actioninitincludes\QuickAL.php:50
actionadmin_enqueue_scriptsincludes\Services\AdminScriptsService.php:30
filterscript_loader_tagincludes\Services\AdminScriptsService.php:31
actionadmin_footerincludes\Services\AdminScriptsService.php:32
actionadmin_bar_menuincludes\Services\AdminScriptsService.php:33
actionrest_api_initincludes\Services\SearchService.php:38
actionadmin_menuincludes\Services\SettingsService.php:30
actionadmin_initincludes\Services\SettingsService.php:31
actionplugins_loadedquick-admin-launcher.php:94
Maintenance & Trust

Quick Admin Launcher Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedUnknown
PHP min version7.4
Downloads1K

Community Trust

Rating80/100
Number of ratings1
Active installs10
Alternatives

Quick Admin Launcher Alternatives

Advanced All in One Admin Search by WP Spotlight

Advanced All in One Admin Search by WP Spotlight

wp-spotlight-search

A
99

Advanced All in One Admin Search by WP Spotlight Global Search is a powerful quick navigation plugin for WordPress Dashboard - it is an advancement of &hellip;

1K 1 CVE
Admin Menu Search (AMS)

Admin Menu Search (AMS)

admin-menu-search-ams

A
100

Quickly search for menu items with support for multiple keyboard layouts.

0 No CVEs
Admin Menu Editor

Admin Menu Editor

admin-menu-editor

A
98

Lets you edit the WordPress admin menu. You can re-order, hide or rename menus, add custom menus and more.

400K 2 CVEs
Ultimate Dashboard – Custom WordPress Dashboard

Ultimate Dashboard – Custom WordPress Dashboard

ultimate-dashboard

A
97

The #1 Plugin to Customize the WordPress Dashboard!

60K 8 CVEs
AGCA – Custom Dashboard & Login Page

AGCA – Custom Dashboard & Login Page

ag-custom-admin

A
97

CHANGE: admin menu, login page, admin bar, dashboard widgets, custom colors, custom CSS & JS, logo & images

20K 5 CVEs
Developer Profile

Quick Admin Launcher Developer Profile

David Beja

3 plugins · 30 total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Quick Admin Launcher

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/quick-admin-launcher/build/index.js/wp-content/plugins/quick-admin-launcher/build/index.css
Script Paths
/wp-content/plugins/quick-admin-launcher/build/index.js
Version Parameters
quickal-reactquickal-react

HTML / DOM Fingerprints

JS Globals
quickalData
REST Endpoints
/wp-json/quickal/v1/search/
Shortcode Output
<div id="quickal-modal-root"></div>
FAQ

Frequently Asked Questions about Quick Admin Launcher