WP-Safety

Temporary Access Security & Risk Analysis

wordpress.org/plugins/temporary-access

This plugin helps you to create a temporary login for a limited amount of time to give access anyone.

10 active installs v2.0.3 PHP 8.0+ WP 5.6+ Updated Dec 8, 2025
accessauto-loginloginone-time-accesstemporary-access
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Temporary Access Safe to Use in 2026?

Generally Safe

Score 100/100

Temporary Access has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The "temporary-access" plugin v2.0.3 exhibits a generally strong security posture based on the provided static analysis. The plugin demonstrates excellent adherence to secure coding practices, with all identified SQL queries utilizing prepared statements and all output being properly escaped. The absence of file operations, external HTTP requests, and dangerous functions further contributes to a reduced attack surface. The plugin also correctly avoids bundled libraries, which can often be a source of vulnerabilities if not kept up-to-date.

However, there are notable areas of concern. The taint analysis reveals two flows with unsanitized paths. While these are not classified as critical or high severity, unsanitized paths are a potential entry point for various injection attacks if not handled meticulously. The complete lack of nonce checks and capability checks across all entry points is a significant weakness. This implies that any interaction with these entry points, even if they are currently minimal in number, could be exploited by unauthenticated or unauthorized users to trigger plugin actions.

The vulnerability history is a strong positive, with zero recorded CVEs of any severity. This suggests a history of stable and secure development. In conclusion, while the plugin has a good foundation in secure coding for SQL and output, the absence of authentication and authorization checks on its entry points, coupled with the presence of unsanitized paths, represents a substantial security risk that needs to be addressed.

Key Concerns

  • Unsanitized paths in taint flows
  • Missing nonce checks
  • Missing capability checks
Vulnerabilities
None known

Temporary Access Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Temporary Access Release Timeline

v2.0.3Current
v2.0.2
v2.0.1
v2.0.0
v1.0.2
v1.0.1
v1.0.0
Code Analysis
Analyzed Mar 16, 2026

Temporary Access Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
4 prepared
Unescaped Output
0
58 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared4 total queries

Output Escaping

100% escaped58 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
capture_generate_link (public\class-temporary-access-public.php:74)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Temporary Access Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 9
actionadmin_enqueue_scriptsincludes\class-sajjad-dev-settings-api.php:324
actionadmin_enqueue_scriptsincludes\class-temporary-access.php:121
actionadmin_enqueue_scriptsincludes\class-temporary-access.php:122
actionadmin_menuincludes\class-temporary-access.php:126
actionadmin_initincludes\class-temporary-access.php:127
actionadmin_bar_menuincludes\class-temporary-access.php:128
actionwp_enqueue_scriptsincludes\class-temporary-access.php:141
actioninitincludes\class-temporary-access.php:143
actioninitincludes\class-temporary-access.php:144
Maintenance & Trust

Temporary Access Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 8, 2025
PHP min version8.0
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Temporary Access Alternatives

Temporary Login Without Password

Temporary Login Without Password

temporary-login-without-password

A
100

Create self-expiring, temporary admin accounts. Easily share direct login links (no need for username/password) with your developers or editors.

100K 1 CVE
Temporary Login

Temporary Login

temporary-login

A
86

Create a secure, temporary URL for easy access to your WP admin.

40K 1 CVE
Bifröst – Instant Passwordless Temporary Login Links

Bifröst – Instant Passwordless Temporary Login Links

create-temporary-login

A
98

🔗️ Create passwordless temporary login links. Instantly ⚡️

50 1 CVE
Login Links – Passwordless Login, Temporary Access Links & Custom Login Form

Login Links – Passwordless Login, Temporary Access Links & Custom Login Form

login-links

A
100

Create secure self-expiring login links for temporary access and guest users, and enable passwordless login for registered ones.

40 No CVEs
SafeTemp Login – Temporary Access with Approval

SafeTemp Login – Temporary Access with Approval

safetemplogin-tawa

A
100

Create temporary users with any role. When a temporary user is an administrator, sensitive actions require approval from a real administrator.

0 No CVEs
Developer Profile

Temporary Access Developer Profile

Sajjad Hossain Sagor

34 plugins · 10K total installs

79
trust score
Avg Security Score
100/100
Avg Patch Time
139 days
View full developer profile
Detection Fingerprints

How We Detect Temporary Access

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/temporary-access/admin/css/admin.css/wp-content/plugins/temporary-access/admin/js/admin.js
Script Paths
/wp-content/plugins/temporary-access/admin/js/admin.js
Version Parameters
temporary-access/admin/css/admin.css?ver=temporary-access/admin/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
temp-access-form-wrap
Data Attributes
data-temp-access-id
JS Globals
TemporaryAccess
FAQ

Frequently Asked Questions about Temporary Access