Plugin inspection:

Hide Admin Menu

Use with caution

Last revised:

Confidence: Medium
This plugin has been given a short, targeted code review.

Before using this plugin, you should carefully consider these findings. Read more about this recommendation.

Findings

The plugin appears safe from a basic inspection of the code. The coding style could be improved, for example with consistent indentation and more use of classes to encapsulate functions out of the global namespace.

There is functionality to create plugin database records when the plugin is activated but there does not appear to be functionality to remove these on deactivation, so repeatedly activating may create duplicate records.

Note the solution if one accidentally hides all menus at https://wordpress.org/plugins/hide-admin-menu/#what%20should%20you%20do%20when%20you%20hide%20all%20the%20menu%20by%20this%20plugin%3F

 

 

Reason for the 'Use with caution' result

The plugin meets a large number of failure criteria and is of poor quality, leading the tester to fear that subsequent versions of the plugin are likely to introduce vulnerabilities:

While the plugin appears safe in its current form, there are unfortunately points about the coding quality that are concerning, as above.

Failure criteria

  • Poor coding style
  • Failure to use available core functionality

Read more about our failure criteria.