WP-Safety

Smart Admin Assistant – Dashboard and Site Enhancements Security & Risk Analysis

wordpress.org/plugins/smart-admin-assistant

All-in-one plugin for admin menu, dashboard customization, custom login URL, post duplication, custom code, SMTP, login protection and more.

200 active installs v1.5.2 PHP 7.4+ WP 5.0+ Updated Mar 31, 2026
adminadmin-dashboarddashboardenhancementsoptimizations
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Smart Admin Assistant – Dashboard and Site Enhancements Safe to Use in 2026?

Generally Safe

Score 100/100

Smart Admin Assistant – Dashboard and Site Enhancements has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "smart-admin-assistant" v1.5.1 plugin exhibits a generally strong security posture, with a significant number of protective measures in place. The plugin effectively utilizes nonce and capability checks, and a high percentage of SQL queries are prepared. Furthermore, the lack of any recorded vulnerabilities or CVEs in its history is a positive indicator of the developer's attention to security. However, the static analysis reveals a few areas of concern. The presence of the `shell_exec` function is a critical flag, as it can be a gateway to command injection vulnerabilities if not handled with extreme care. Additionally, the taint analysis shows a concerning number of flows with unsanitized paths, specifically 8 out of 10 analyzed flows. This indicates a potential for malicious input to be processed without adequate sanitization, leading to security risks. While the plugin's overall history is clean, these specific code-level findings warrant careful review and remediation.

Key Concerns

  • Dangerous function detected (shell_exec)
  • High number of unsanitized taint flows
Vulnerabilities
None known

Smart Admin Assistant – Dashboard and Site Enhancements Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Smart Admin Assistant – Dashboard and Site Enhancements Release Timeline

v1.5.2Current
v1.5.1
v1.5.0
v1.4.1
v1.4.0
v1.3.0
v1.2.1
v1.2.0
v1.1.15
v1.1.14
v1.1.13
v1.1.12
v1.1.11
v1.1.10
v1.1.9
v1.1.8
v1.1.7
v1.1.6
v1.1.5
v1.1.4
Code Analysis
Analyzed Mar 16, 2026

Smart Admin Assistant – Dashboard and Site Enhancements Code Analysis

Dangerous Functions
1
Raw SQL Queries
7
19 prepared
Unescaped Output
59
543 escaped
Nonce Checks
42
Capability Checks
47
File Operations
13
External Requests
1
Bundled Libraries
0

Dangerous Functions Found

shell_exec$output = shell_exec($cmd);includes\Modules\CustomCode.php:509

SQL Query Safety

73% prepared26 total queries

Output Escaping

90% escaped602 total outputs
Data Flows · Security
8 unsanitized

Data Flow Analysis

10 flows8 with unsanitized paths
ajax_test_code_snippet (includes\Modules\CustomCode.php:442)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Smart Admin Assistant – Dashboard and Site Enhancements Attack Surface

Entry Points30
Unprotected0

AJAX Handlers 30

authwp_ajax_bdt_admin_api_biggopti_dismissincludes\Admin\Biggopties.php:22
authwp_ajax_bdtsaa_export_settingsincludes\Admin\Dashboard.php:31
authwp_ajax_bdtsaa_ai_search_settingsincludes\Core\AISettingsHandler.php:44
authwp_ajax_bdtsaa_ai_apply_settingsincludes\Core\AISettingsHandler.php:45
authwp_ajax_bdtsaa_ai_get_setting_detailsincludes\Core\AISettingsHandler.php:46
authwp_ajax_bdtsaa_save_settingsincludes\Core\Settings.php:35
authwp_ajax_bdtsaa_save_module_settingsincludes\Core\Settings.php:36
authwp_ajax_bdtsaa_reset_module_settingsincludes\Core\Settings.php:37
authwp_ajax_bdtsaa_reset_settingsincludes\Core\Settings.php:38
authwp_ajax_bdtsaa_export_settingsincludes\Core\Settings.php:39
authwp_ajax_bdtsaa_import_settingsincludes\Core\Settings.php:40
authwp_ajax_bdtsaa_get_security_statsincludes\Core\Settings.php:41
authwp_ajax_bdtsaa_get_blocked_ipsincludes\Core\Settings.php:42
authwp_ajax_bdtsaa_get_security_logsincludes\Core\Settings.php:43
authwp_ajax_bdtsaa_test_smtpincludes\Core\Settings.php:44
authwp_ajax_bdtsaa_save_code_snippetincludes\Modules\CustomCode.php:105
authwp_ajax_bdtsaa_delete_code_snippetincludes\Modules\CustomCode.php:106
authwp_ajax_bdtsaa_toggle_code_snippetincludes\Modules\CustomCode.php:107
authwp_ajax_bdtsaa_test_code_snippetincludes\Modules\CustomCode.php:108
authwp_ajax_bdtsaa_get_code_snippetincludes\Modules\CustomCode.php:109
authwp_ajax_bdtsaa_import_code_snippetsincludes\Modules\CustomCode.php:110
authwp_ajax_bdtsaa_export_code_snippetsincludes\Modules\CustomCode.php:111
authwp_ajax_bdtsaa_cleanup_revisionsincludes\Modules\Performance.php:89
authwp_ajax_bdtsaa_cleanup_transientsincludes\Modules\Performance.php:90
authwp_ajax_bdtsaa_cleanup_spamincludes\Modules\Performance.php:91
authwp_ajax_bdtsaa_optimize_dbincludes\Modules\Performance.php:92
authwp_ajax_bdtsaa_remove_htaccess_rulesincludes\Modules\Performance.php:93
authwp_ajax_bdtsaa_clear_blocked_ipsincludes\Modules\Security.php:61
authwp_ajax_bdtsaa_unblock_ipincludes\Modules\Security.php:62
authwp_ajax_bdtsaa_add_blocked_ipincludes\Modules\Security.php:63
WordPress Hooks 105
actionadmin_enqueue_scriptsincludes\Admin\Biggopties.php:24
actionadmin_enqueue_scriptsincludes\Admin\Enqueue.php:17
actionadmin_menuincludes\Admin\Menu.php:21
actionadmin_initincludes\Core\Misc.php:16
actionadmin_footerincludes\Core\Misc.php:17
actionwp_enqueue_scriptsincludes\Core\Performance.php:29
filterscript_loader_tagincludes\Core\Performance.php:30
actionshow_user_profileincludes\Modules\AdditionalFeatures.php:26
actionedit_user_profileincludes\Modules\AdditionalFeatures.php:27
actionpersonal_options_updateincludes\Modules\AdditionalFeatures.php:28
actionedit_user_profile_updateincludes\Modules\AdditionalFeatures.php:29
actionshow_user_profileincludes\Modules\AdditionalFeatures.php:34
actionedit_user_profileincludes\Modules\AdditionalFeatures.php:35
actionpersonal_options_updateincludes\Modules\AdditionalFeatures.php:36
actionedit_user_profile_updateincludes\Modules\AdditionalFeatures.php:37
actionwp_before_admin_bar_renderincludes\Modules\AdminInterface.php:31
actionadmin_enqueue_scriptsincludes\Modules\AdminInterface.php:32
actionwp_enqueue_scriptsincludes\Modules\AdminInterface.php:33
actionadmin_headincludes\Modules\AdminInterface.php:34
actionwp_headincludes\Modules\AdminInterface.php:35
filterbody_classincludes\Modules\AdminInterface.php:38
filteradmin_body_classincludes\Modules\AdminInterface.php:39
filteradmin_footer_textincludes\Modules\AdminInterface.php:44
filterupdate_footerincludes\Modules\AdminInterface.php:45
actionin_admin_headerincludes\Modules\AdminInterface.php:49
actionadmin_action_duplicate_postincludes\Modules\ContentManagement.php:43
filterpost_row_actionsincludes\Modules\ContentManagement.php:44
filterpage_row_actionsincludes\Modules\ContentManagement.php:45
filterupload_mimesincludes\Modules\ContentManagement.php:49
filterwp_handle_upload_prefilterincludes\Modules\ContentManagement.php:50
filterwp_check_filetype_and_extincludes\Modules\ContentManagement.php:51
filterwp_generate_attachment_metadataincludes\Modules\ContentManagement.php:52
actioninitincludes\Modules\ContentManagement.php:55
filterthe_contentincludes\Modules\ContentManagement.php:56
actionwp_loadedincludes\Modules\ContentManagement.php:57
filterwp_nav_menu_argsincludes\Modules\ContentManagement.php:60
actionwp_nav_menu_item_custom_fieldsincludes\Modules\ContentManagement.php:61
actionwp_update_nav_menu_itemincludes\Modules\ContentManagement.php:62
filternav_menu_link_attributesincludes\Modules\ContentManagement.php:63
actionsave_postincludes\Modules\ContentManagement.php:66
actionadmin_enqueue_scriptsincludes\Modules\ContentManagement.php:69
filteruse_block_editor_for_post_typeincludes\Modules\ContentManagement.php:81
filteruse_block_editor_for_postincludes\Modules\ContentManagement.php:82
filteruse_block_editor_for_post_typeincludes\Modules\ContentManagement.php:84
filteruse_block_editor_for_postincludes\Modules\ContentManagement.php:85
actionadmin_menuincludes\Modules\ContentManagement.php:89
filtercomments_openincludes\Modules\ContentManagement.php:106
filterpings_openincludes\Modules\ContentManagement.php:107
filtercomments_arrayincludes\Modules\ContentManagement.php:108
filtercomments_openincludes\Modules\ContentManagement.php:113
filterpings_openincludes\Modules\ContentManagement.php:114
filtercomments_arrayincludes\Modules\ContentManagement.php:115
filtercomments_openincludes\Modules\ContentManagement.php:119
actionpost_submitbox_misc_actionsincludes\Modules\ContentManagement.php:434
actioninitincludes\Modules\ContentManagement.php:435
filterthe_postsincludes\Modules\ContentManagement.php:505
actionsave_postincludes\Modules\ContentManagement.php:1063
actionadmin_enqueue_scriptsincludes\Modules\CustomCode.php:112
filterlogin_urlincludes\Modules\LoginManagement.php:62
actionwp_loadedincludes\Modules\LoginManagement.php:63
filternetwork_site_urlincludes\Modules\LoginManagement.php:64
filtersite_urlincludes\Modules\LoginManagement.php:65
filterwp_redirectincludes\Modules\LoginManagement.php:66
filterauthenticateincludes\Modules\LoginManagement.php:73
actionlogin_formincludes\Modules\LoginManagement.php:74
actionbdtsaa_module_deactivated_performanceincludes\Modules\Performance.php:30
filterwp_revisions_to_keepincludes\Modules\Performance.php:36
actionadmin_initincludes\Modules\Performance.php:39
filterheartbeat_settingsincludes\Modules\Performance.php:45
actionadmin_enqueue_scriptsincludes\Modules\Performance.php:46
actionwp_scheduled_deleteincludes\Modules\Performance.php:50
actionwp_scheduled_deleteincludes\Modules\Performance.php:53
actionwp_scheduled_deleteincludes\Modules\Performance.php:57
actionwpincludes\Modules\Performance.php:62
actionwpincludes\Modules\Performance.php:70
actiontemplate_redirectincludes\Modules\Performance.php:79
actionshutdownincludes\Modules\Performance.php:80
actionwp_headincludes\Modules\Performance.php:85
actionbdtsaa_revision_cleanupincludes\Modules\Performance.php:247
actionwp_login_failedincludes\Modules\Security.php:42
filterauthenticateincludes\Modules\Security.php:43
actionwp_loginincludes\Modules\Security.php:44
filterthe_contentincludes\Modules\Security.php:48
filterwidget_textincludes\Modules\Security.php:49
filterthe_excerptincludes\Modules\Security.php:50
filtercomment_textincludes\Modules\Security.php:51
actionsend_headersincludes\Modules\Security.php:54
actionadmin_initincludes\Modules\Security.php:60
actionwp_loadedincludes\Modules\Security.php:66
actionwp_scheduled_deleteincludes\Modules\Security.php:69
filterthe_generatorincludes\Modules\Security.php:573
filterscript_loader_srcincludes\Modules\Security.php:577
filterstyle_loader_srcincludes\Modules\Security.php:578
filterxmlrpc_enabledincludes\Modules\Security.php:597
filterpings_openincludes\Modules\Security.php:598
actionwpincludes\Modules\Security.php:599
filterxmlrpc_methodsincludes\Modules\Security.php:600
filterwp_xmlrpc_server_classincludes\Modules\Security.php:601
filterwp_headersincludes\Modules\Security.php:602
actionwp_dashboard_setupincludes\Modules\Security.php:865
actionwp_headincludes\Modules\Utilities.php:25
actionphpmailer_initincludes\Modules\Utilities.php:29
filterwp_mail_fromincludes\Modules\Utilities.php:30
filterwp_mail_from_nameincludes\Modules\Utilities.php:31
actioninitsmart-admin-assistant.php:237

Scheduled Events 1

bdtsaa_revision_cleanup
Maintenance & Trust

Smart Admin Assistant – Dashboard and Site Enhancements Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 31, 2026
PHP min version7.4
Downloads5K

Community Trust

Rating100/100
Number of ratings1
Active installs200
Alternatives

Smart Admin Assistant – Dashboard and Site Enhancements Alternatives

Admin Bar & Dashboard Access Control

Admin Bar & Dashboard Access Control

admin-bar-dashboard-control

A
100

Disable admin bar and control users access to WordPress dashboard.

3K 1 CVE
Admin Dashboard RSS Feed

Admin Dashboard RSS Feed

admin-dashboard-rss-feed

A
91

Admin Dashboard RSS Feed displays company news in the WordPress Admin Dashboard using an RSS feed. It provides quick access to the latest updates.

500 1 CVE
ABD Dashboard Widget Manager

ABD Dashboard Widget Manager

abd-dashboard-widget-manager

A
85

Customize your WordPress administrator dashboard. You can choose which admin widgets to display, the user roles, and add your own dashboard content.

300 No CVEs
ORABOX THEME

ORABOX THEME

orabox-theme

A
85

The definitive skin for the Wordpress Admin Dashboard

100 No CVEs
Admin Dashboard

Admin Dashboard

admin-dashboard

A
85

Admin Dashboard is a simple dashboard plugin, it\'s overwrite default dashboard page

60 No CVEs
Developer Profile

Smart Admin Assistant – Dashboard and Site Enhancements Developer Profile

bdthemes

24 plugins · 250K total installs

92
trust score
Avg Security Score
97/100
Avg Patch Time
21 days
View full developer profile
Detection Fingerprints

How We Detect Smart Admin Assistant – Dashboard and Site Enhancements

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/smart-admin-assistant/assets/css/admin.css/wp-content/plugins/smart-admin-assistant/assets/js/admin.js/wp-content/plugins/smart-admin-assistant/assets/css/style.css/wp-content/plugins/smart-admin-assistant/assets/js/frontend.js
Script Paths
/wp-content/plugins/smart-admin-assistant/assets/js/admin.js/wp-content/plugins/smart-admin-assistant/assets/js/frontend.js
Version Parameters
smart-admin-assistant/assets/css/admin.css?ver=smart-admin-assistant/assets/js/admin.js?ver=smart-admin-assistant/assets/css/style.css?ver=smart-admin-assistant/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
bdtsaa-admin-wrapbdtsaa-settings-wrap
HTML Comments
<!-- Smart Admin Assistant Start --><!-- Smart Admin Assistant End -->
Data Attributes
data-bdtsaa-feature
JS Globals
bdtsaa_admin_obj
FAQ

Frequently Asked Questions about Smart Admin Assistant – Dashboard and Site Enhancements