WP-Safety

The 9 Dollar Menu Valet Security & Risk Analysis

wordpress.org/plugins/the-9-dollar-menu-valet

Take full control of your WordPress admin sidebar: hide items with a click, reorder them via drag & drop, and rename them to fit your workflow.

0 active installs v1.1 PHP 7.4+ WP 5.5+ Updated Apr 12, 2026
admin-menuadmin-sidebarhide-menu-itemsmenu-managerreorder-menu
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is The 9 Dollar Menu Valet Safe to Use in 2026?

Generally Safe

Score 100/100

The 9 Dollar Menu Valet has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The plugin "the-9-dollar-menu-valet" v1.1 exhibits a generally strong security posture based on the provided static analysis. The absence of dangerous functions, 100% use of prepared statements for SQL queries, and complete output escaping are significant strengths. Furthermore, the presence of nonce and capability checks for most entry points, along with no recorded vulnerabilities or CVEs, suggests a developer who prioritizes security.

However, there is a notable concern regarding an unprotected REST API route. While the overall attack surface is small, this single unprotected entry point presents a potential avenue for attackers. The lack of taint analysis data also means that while no critical or high severity flows were detected, it doesn't offer complete assurance against all possible injection vulnerabilities if data is not handled with extreme care across all flows.

In conclusion, the plugin is largely secure with good development practices evident. The primary area for improvement and heightened vigilance is the single unprotected REST API route. Continued attention to security best practices, especially around data validation and sanitization for any future development, will be crucial.

Key Concerns

  • Unprotected REST API route
  • Bundled Freemius v1.0 library may be outdated
Vulnerabilities
None known

The 9 Dollar Menu Valet Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

The 9 Dollar Menu Valet Release Timeline

v1.1Current
v1.0
Code Analysis
Analyzed Apr 16, 2026

The 9 Dollar Menu Valet Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
0
128 escaped
Nonce Checks
4
Capability Checks
7
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Freemius1.0

SQL Query Safety

100% prepared2 total queries

Output Escaping

100% escaped128 total outputs
Attack Surface
1 unprotected

The 9 Dollar Menu Valet Attack Surface

Entry Points5
Unprotected1

AJAX Handlers 4

authwp_ajax_t9p_tmv_toggle_itemthe-9-dollar-menu-valet.php:930
authwp_ajax_t9p_tmv_save_orderthe-9-dollar-menu-valet.php:969
authwp_ajax_t9p_tmv_save_delete_settingthe-9-dollar-menu-valet.php:991
authwp_ajax_t9p_tmv_dismiss_review_noticethe-9-dollar-menu-valet.php:1056

REST API Routes 1

GET/wp-json/t9p-tmv/v1/settingsthe-9-dollar-menu-valet.php:1069
WordPress Hooks 11
actionplugins_loadedthe-9-dollar-menu-valet.php:65
actionafter_uninstallthe-9-dollar-menu-valet.php:98
actionadmin_menuthe-9-dollar-menu-valet.php:147
actionadmin_menuthe-9-dollar-menu-valet.php:156
filtercustom_menu_orderthe-9-dollar-menu-valet.php:206
filtermenu_orderthe-9-dollar-menu-valet.php:207
actionadmin_menuthe-9-dollar-menu-valet.php:229
actionadmin_headthe-9-dollar-menu-valet.php:243
actionadmin_enqueue_scriptsthe-9-dollar-menu-valet.php:250
actionadmin_noticesthe-9-dollar-menu-valet.php:1007
actionrest_api_initthe-9-dollar-menu-valet.php:1067
Maintenance & Trust

The 9 Dollar Menu Valet Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedApr 12, 2026
PHP min version7.4
Downloads108

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

The 9 Dollar Menu Valet Alternatives

Easy Admin Menu Manager – Hide the dashboard clutter

Easy Admin Menu Manager – Hide the dashboard clutter

easy-admin-menu-manager

A
100

Take control of your Dashboard Menu with the Easy Admin Menu Manager. Remove the clutter without losing any functionality.

40 No CVEs
Admin Top-Menu

Admin Top-Menu

admin-top-menu

A
85

Move any menu items from the sidebar to the admin bar - to the new dropdown Top-Menu.

10 No CVEs
Easy Custom Login

Easy Custom Login

easy-custom-login

A
85

You can fully customize your WordPress login page with Easy Custom Login plugin.

10 No CVEs
Polanger – Admin Menu Manager

Polanger – Admin Menu Manager

polanger-admin-menu-manager

A
100

The easiest admin menu editor for WordPress. Hide admin menu items, customize dashboard menu, and manage your WordPress sidebar.

0 No CVEs
PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus

PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus

capability-manager-enhanced

A
86

PublishPress Capabilities is the access control plugin. You can manage user capabilities, permissions, user roles, admin menus and more.

100K 5 CVEs
Developer Profile

The 9 Dollar Menu Valet Developer Profile

The 9 Dollar Plugins

2 plugins · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect The 9 Dollar Menu Valet

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/the-9-dollar-menu-valet/admin/css/menu-valet-admin.css/wp-content/plugins/the-9-dollar-menu-valet/admin/js/menu-valet-admin.js
Version Parameters
the-9-dollar-menu-valet/admin/css/menu-valet-admin.css?ver=the-9-dollar-menu-valet/admin/js/menu-valet-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
t9p-tmv-settings
Data Attributes
data-t9p-tmv-hiddendata-t9p-tmv-renameddata-t9p-tmv-orderdata-t9p-tmv-searchdata-t9p-tmv-width
JS Globals
t9p_tmv_admin_data
FAQ

Frequently Asked Questions about The 9 Dollar Menu Valet