WP-Safety

Smart Admin Assistant – Dashboard and Site Enhancements Security & Risk Analysis

wordpress.org/plugins/smart-admin-assistant

All-in-one plugin for admin menu, dashboard customization, custom login URL, post duplication, custom code, SMTP, login protection and more.

200 active installs v1.5.1 PHP 7.4+ WP 5.0+ Updated Mar 10, 2026
adminadmin-dashboarddashboardenhancementsoptimizations
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Smart Admin Assistant – Dashboard and Site Enhancements Safe to Use in 2026?

Generally Safe

Score 100/100

Smart Admin Assistant – Dashboard and Site Enhancements has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 24d ago
Risk Assessment

The "smart-admin-assistant" v1.5.1 plugin exhibits a generally strong security posture, with a significant number of protective measures in place. The plugin effectively utilizes nonce and capability checks, and a high percentage of SQL queries are prepared. Furthermore, the lack of any recorded vulnerabilities or CVEs in its history is a positive indicator of the developer's attention to security. However, the static analysis reveals a few areas of concern. The presence of the `shell_exec` function is a critical flag, as it can be a gateway to command injection vulnerabilities if not handled with extreme care. Additionally, the taint analysis shows a concerning number of flows with unsanitized paths, specifically 8 out of 10 analyzed flows. This indicates a potential for malicious input to be processed without adequate sanitization, leading to security risks. While the plugin's overall history is clean, these specific code-level findings warrant careful review and remediation.

Key Concerns

  • Dangerous function detected (shell_exec)
  • High number of unsanitized taint flows
Vulnerabilities
None known

Smart Admin Assistant – Dashboard and Site Enhancements Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Smart Admin Assistant – Dashboard and Site Enhancements Code Analysis

Dangerous Functions
1
Raw SQL Queries
7
19 prepared
Unescaped Output
59
543 escaped
Nonce Checks
42
Capability Checks
47
File Operations
13
External Requests
1
Bundled Libraries
0

Dangerous Functions Found

shell_exec$output = shell_exec($cmd);includes\Modules\CustomCode.php:509

SQL Query Safety

73% prepared26 total queries

Output Escaping

90% escaped602 total outputs
Data Flows
8 unsanitized

Data Flow Analysis

10 flows8 with unsanitized paths
ajax_test_code_snippet (includes\Modules\CustomCode.php:442)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Smart Admin Assistant – Dashboard and Site Enhancements Attack Surface

Entry Points30
Unprotected0

AJAX Handlers 30

authwp_ajax_bdt_admin_api_biggopti_dismissincludes\Admin\Biggopties.php:22
authwp_ajax_bdtsaa_export_settingsincludes\Admin\Dashboard.php:31
authwp_ajax_bdtsaa_ai_search_settingsincludes\Core\AISettingsHandler.php:44
authwp_ajax_bdtsaa_ai_apply_settingsincludes\Core\AISettingsHandler.php:45
authwp_ajax_bdtsaa_ai_get_setting_detailsincludes\Core\AISettingsHandler.php:46
authwp_ajax_bdtsaa_save_settingsincludes\Core\Settings.php:35
authwp_ajax_bdtsaa_save_module_settingsincludes\Core\Settings.php:36
authwp_ajax_bdtsaa_reset_module_settingsincludes\Core\Settings.php:37
authwp_ajax_bdtsaa_reset_settingsincludes\Core\Settings.php:38
authwp_ajax_bdtsaa_export_settingsincludes\Core\Settings.php:39
authwp_ajax_bdtsaa_import_settingsincludes\Core\Settings.php:40
authwp_ajax_bdtsaa_get_security_statsincludes\Core\Settings.php:41
authwp_ajax_bdtsaa_get_blocked_ipsincludes\Core\Settings.php:42
authwp_ajax_bdtsaa_get_security_logsincludes\Core\Settings.php:43
authwp_ajax_bdtsaa_test_smtpincludes\Core\Settings.php:44
authwp_ajax_bdtsaa_save_code_snippetincludes\Modules\CustomCode.php:105
authwp_ajax_bdtsaa_delete_code_snippetincludes\Modules\CustomCode.php:106
authwp_ajax_bdtsaa_toggle_code_snippetincludes\Modules\CustomCode.php:107
authwp_ajax_bdtsaa_test_code_snippetincludes\Modules\CustomCode.php:108
authwp_ajax_bdtsaa_get_code_snippetincludes\Modules\CustomCode.php:109
authwp_ajax_bdtsaa_import_code_snippetsincludes\Modules\CustomCode.php:110
authwp_ajax_bdtsaa_export_code_snippetsincludes\Modules\CustomCode.php:111
authwp_ajax_bdtsaa_cleanup_revisionsincludes\Modules\Performance.php:89
authwp_ajax_bdtsaa_cleanup_transientsincludes\Modules\Performance.php:90
authwp_ajax_bdtsaa_cleanup_spamincludes\Modules\Performance.php:91
authwp_ajax_bdtsaa_optimize_dbincludes\Modules\Performance.php:92
authwp_ajax_bdtsaa_remove_htaccess_rulesincludes\Modules\Performance.php:93
authwp_ajax_bdtsaa_clear_blocked_ipsincludes\Modules\Security.php:61
authwp_ajax_bdtsaa_unblock_ipincludes\Modules\Security.php:62
authwp_ajax_bdtsaa_add_blocked_ipincludes\Modules\Security.php:63
WordPress Hooks 105
actionadmin_enqueue_scriptsincludes\Admin\Biggopties.php:24
actionadmin_enqueue_scriptsincludes\Admin\Enqueue.php:17
actionadmin_menuincludes\Admin\Menu.php:21
actionadmin_initincludes\Core\Misc.php:16
actionadmin_footerincludes\Core\Misc.php:17
actionwp_enqueue_scriptsincludes\Core\Performance.php:29
filterscript_loader_tagincludes\Core\Performance.php:30
actionshow_user_profileincludes\Modules\AdditionalFeatures.php:26
actionedit_user_profileincludes\Modules\AdditionalFeatures.php:27
actionpersonal_options_updateincludes\Modules\AdditionalFeatures.php:28
actionedit_user_profile_updateincludes\Modules\AdditionalFeatures.php:29
actionshow_user_profileincludes\Modules\AdditionalFeatures.php:34
actionedit_user_profileincludes\Modules\AdditionalFeatures.php:35
actionpersonal_options_updateincludes\Modules\AdditionalFeatures.php:36
actionedit_user_profile_updateincludes\Modules\AdditionalFeatures.php:37
actionwp_before_admin_bar_renderincludes\Modules\AdminInterface.php:31
actionadmin_enqueue_scriptsincludes\Modules\AdminInterface.php:32
actionwp_enqueue_scriptsincludes\Modules\AdminInterface.php:33
actionadmin_headincludes\Modules\AdminInterface.php:34
actionwp_headincludes\Modules\AdminInterface.php:35
filterbody_classincludes\Modules\AdminInterface.php:38
filteradmin_body_classincludes\Modules\AdminInterface.php:39
filteradmin_footer_textincludes\Modules\AdminInterface.php:44
filterupdate_footerincludes\Modules\AdminInterface.php:45
actionin_admin_headerincludes\Modules\AdminInterface.php:49
actionadmin_action_duplicate_postincludes\Modules\ContentManagement.php:43
filterpost_row_actionsincludes\Modules\ContentManagement.php:44
filterpage_row_actionsincludes\Modules\ContentManagement.php:45
filterupload_mimesincludes\Modules\ContentManagement.php:49
filterwp_handle_upload_prefilterincludes\Modules\ContentManagement.php:50
filterwp_check_filetype_and_extincludes\Modules\ContentManagement.php:51
filterwp_generate_attachment_metadataincludes\Modules\ContentManagement.php:52
actioninitincludes\Modules\ContentManagement.php:55
filterthe_contentincludes\Modules\ContentManagement.php:56
actionwp_loadedincludes\Modules\ContentManagement.php:57
filterwp_nav_menu_argsincludes\Modules\ContentManagement.php:60
actionwp_nav_menu_item_custom_fieldsincludes\Modules\ContentManagement.php:61
actionwp_update_nav_menu_itemincludes\Modules\ContentManagement.php:62
filternav_menu_link_attributesincludes\Modules\ContentManagement.php:63
actionsave_postincludes\Modules\ContentManagement.php:66
actionadmin_enqueue_scriptsincludes\Modules\ContentManagement.php:69
filteruse_block_editor_for_post_typeincludes\Modules\ContentManagement.php:81
filteruse_block_editor_for_postincludes\Modules\ContentManagement.php:82
filteruse_block_editor_for_post_typeincludes\Modules\ContentManagement.php:84
filteruse_block_editor_for_postincludes\Modules\ContentManagement.php:85
actionadmin_menuincludes\Modules\ContentManagement.php:89
filtercomments_openincludes\Modules\ContentManagement.php:106
filterpings_openincludes\Modules\ContentManagement.php:107
filtercomments_arrayincludes\Modules\ContentManagement.php:108
filtercomments_openincludes\Modules\ContentManagement.php:113
filterpings_openincludes\Modules\ContentManagement.php:114
filtercomments_arrayincludes\Modules\ContentManagement.php:115
filtercomments_openincludes\Modules\ContentManagement.php:119
actionpost_submitbox_misc_actionsincludes\Modules\ContentManagement.php:434
actioninitincludes\Modules\ContentManagement.php:435
filterthe_postsincludes\Modules\ContentManagement.php:505
actionsave_postincludes\Modules\ContentManagement.php:1063
actionadmin_enqueue_scriptsincludes\Modules\CustomCode.php:112
filterlogin_urlincludes\Modules\LoginManagement.php:62
actionwp_loadedincludes\Modules\LoginManagement.php:63
filternetwork_site_urlincludes\Modules\LoginManagement.php:64
filtersite_urlincludes\Modules\LoginManagement.php:65
filterwp_redirectincludes\Modules\LoginManagement.php:66
filterauthenticateincludes\Modules\LoginManagement.php:73
actionlogin_formincludes\Modules\LoginManagement.php:74
actionbdtsaa_module_deactivated_performanceincludes\Modules\Performance.php:30
filterwp_revisions_to_keepincludes\Modules\Performance.php:36
actionadmin_initincludes\Modules\Performance.php:39
filterheartbeat_settingsincludes\Modules\Performance.php:45
actionadmin_enqueue_scriptsincludes\Modules\Performance.php:46
actionwp_scheduled_deleteincludes\Modules\Performance.php:50
actionwp_scheduled_deleteincludes\Modules\Performance.php:53
actionwp_scheduled_deleteincludes\Modules\Performance.php:57
actionwpincludes\Modules\Performance.php:62
actionwpincludes\Modules\Performance.php:70
actiontemplate_redirectincludes\Modules\Performance.php:79
actionshutdownincludes\Modules\Performance.php:80
actionwp_headincludes\Modules\Performance.php:85
actionbdtsaa_revision_cleanupincludes\Modules\Performance.php:247
actionwp_login_failedincludes\Modules\Security.php:42
filterauthenticateincludes\Modules\Security.php:43
actionwp_loginincludes\Modules\Security.php:44
filterthe_contentincludes\Modules\Security.php:48
filterwidget_textincludes\Modules\Security.php:49
filterthe_excerptincludes\Modules\Security.php:50
filtercomment_textincludes\Modules\Security.php:51
actionsend_headersincludes\Modules\Security.php:54
actionadmin_initincludes\Modules\Security.php:60
actionwp_loadedincludes\Modules\Security.php:66
actionwp_scheduled_deleteincludes\Modules\Security.php:69
filterthe_generatorincludes\Modules\Security.php:573
filterscript_loader_srcincludes\Modules\Security.php:577
filterstyle_loader_srcincludes\Modules\Security.php:578
filterxmlrpc_enabledincludes\Modules\Security.php:597
filterpings_openincludes\Modules\Security.php:598
actionwpincludes\Modules\Security.php:599
filterxmlrpc_methodsincludes\Modules\Security.php:600
filterwp_xmlrpc_server_classincludes\Modules\Security.php:601
filterwp_headersincludes\Modules\Security.php:602
actionwp_dashboard_setupincludes\Modules\Security.php:865
actionwp_headincludes\Modules\Utilities.php:25
actionphpmailer_initincludes\Modules\Utilities.php:29
filterwp_mail_fromincludes\Modules\Utilities.php:30
filterwp_mail_from_nameincludes\Modules\Utilities.php:31
actioninitsmart-admin-assistant.php:237

Scheduled Events 1

bdtsaa_revision_cleanup
Maintenance & Trust

Smart Admin Assistant – Dashboard and Site Enhancements Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 10, 2026
PHP min version7.4
Downloads4K

Community Trust

Rating100/100
Number of ratings1
Active installs200
Alternatives

Smart Admin Assistant – Dashboard and Site Enhancements Alternatives

Admin Bar & Dashboard Access Control

Admin Bar & Dashboard Access Control

admin-bar-dashboard-control

A
100

Disable admin bar and control users access to WordPress dashboard.

3K 1 CVE
Admin Dashboard RSS Feed

Admin Dashboard RSS Feed

admin-dashboard-rss-feed

A
99

Admin Dashboard RSS Feed displays company news in the WordPress Admin Dashboard using an RSS feed. It provides quick access to the latest updates.

500 1 CVE
ABD Dashboard Widget Manager

ABD Dashboard Widget Manager

abd-dashboard-widget-manager

A
85

Customize your WordPress administrator dashboard. You can choose which admin widgets to display, the user roles, and add your own dashboard content.

300 No CVEs
ORABOX THEME

ORABOX THEME

orabox-theme

A
85

The definitive skin for the Wordpress Admin Dashboard

100 No CVEs
RD Order Note Templates for WooCommerce

RD Order Note Templates for WooCommerce

rd-wc-enhanced-order-notes

A
100

Create predefined templates for order notes that you can apply to orders

70 No CVEs
Developer Profile

Smart Admin Assistant – Dashboard and Site Enhancements Developer Profile

bdthemes

24 plugins · 251K total installs

93
trust score
Avg Security Score
98/100
Avg Patch Time
21 days
View full developer profile
Detection Fingerprints

How We Detect Smart Admin Assistant – Dashboard and Site Enhancements

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/smart-admin-assistant/assets/css/admin.css/wp-content/plugins/smart-admin-assistant/assets/js/admin.js/wp-content/plugins/smart-admin-assistant/assets/css/style.css/wp-content/plugins/smart-admin-assistant/assets/js/frontend.js
Script Paths
/wp-content/plugins/smart-admin-assistant/assets/js/admin.js/wp-content/plugins/smart-admin-assistant/assets/js/frontend.js
Version Parameters
smart-admin-assistant/assets/css/admin.css?ver=smart-admin-assistant/assets/js/admin.js?ver=smart-admin-assistant/assets/css/style.css?ver=smart-admin-assistant/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
bdtsaa-admin-wrapbdtsaa-settings-wrap
HTML Comments
<!-- Smart Admin Assistant Start --><!-- Smart Admin Assistant End -->
Data Attributes
data-bdtsaa-feature
JS Globals
bdtsaa_admin_obj
FAQ

Frequently Asked Questions about Smart Admin Assistant – Dashboard and Site Enhancements