Search Admin Menus Security & Risk Analysis
wordpress.org/plugins/wp-easy-adminThe plugin reduces your 40% time wasted on accessing admin menus.
Is Search Admin Menus Safe to Use in 2026?
Generally Safe
Score 85/100Search Admin Menus has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The wp-easy-admin plugin version 2.0 exhibits a mixed security posture. While it shows strengths in avoiding dangerous functions, performing all SQL queries with prepared statements, and not making external HTTP requests, several critical areas raise concerns. The plugin has a notable attack surface with two AJAX handlers, and alarmingly, both lack authentication checks, presenting a direct pathway for unauthenticated attackers to interact with the plugin's functionality.
Furthermore, the absence of any nonce checks on these AJAX handlers exacerbates the risk, making them susceptible to Cross-Site Request Forgery (CSRF) attacks. The static analysis also indicates that a significant portion of output (26%) is not properly escaped, which could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not handled carefully. The lack of any recorded vulnerabilities in its history might suggest a lack of past exploitation or a relatively new plugin, but it does not mitigate the immediate risks identified in the current version's code.
In conclusion, while the plugin demonstrates good practices in data handling for SQL and avoids certain risky coding patterns, the lack of authentication and nonce checks on its AJAX endpoints, coupled with insufficient output escaping, represents a significant security weakness. These issues create tangible vulnerabilities that could be exploited by attackers, despite the plugin's clean vulnerability history.
Key Concerns
- AJAX handlers without auth checks
- AJAX handlers without nonce checks
- Unescaped output (26%)
Search Admin Menus Security Vulnerabilities
Search Admin Menus Release Timeline
Search Admin Menus Code Analysis
Output Escaping
Search Admin Menus Attack Surface
AJAX Handlers 2
WordPress Hooks 10
Maintenance & Trust
Search Admin Menus Maintenance & Trust
Maintenance Signals
Community Trust
Search Admin Menus Alternatives
PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus
capability-manager-enhanced
PublishPress Capabilities is the access control plugin. You can manage user capabilities, permissions, user roles, admin menus and more.
Ultimate Dashboard – Custom WordPress Dashboard
ultimate-dashboard
The #1 Plugin to Customize the WordPress Dashboard!
Hide Admin Menu
hide-admin-menu
Using this plugin, we can hide the admin menu easily.
WP Adminify – White Label WordPress, Admin Menu Editor, Login Customizer
adminify
Transform your WordPress admin into a fully white-labeled, organized client dashboard. Customize, Dark mode, Secure, Boost productivity, and more.
Admin Tools
admin-tools
Admin Tools Helps you to get better admin for your customers. Manage your menus, plugins, Top Bar, updates and more
Search Admin Menus Developer Profile
4 plugins · 109K total installs
How We Detect Search Admin Menus
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wp-easy-admin/admin/css/wp-easy-admin.css/wp-content/plugins/wp-easy-admin/admin/js/wp-easy-admin.js/wp-content/plugins/wp-easy-admin/admin/js/wp-easy-admin.jswp-easy-admin/admin/css/wp-easy-admin.css?ver=wp-easy-admin/admin/js/wp-easy-admin.js?ver=HTML / DOM Fingerprints
wp-easy-adminwp_easy_admin