[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5BzkINrHFBrgq1ZD6vk8N9yHhM0yL6lOcuMwiRdox0Q":3,"$fBJCQgzhFGVBMVV4pRQf69_L8q-uVdSFpdJCrr7EsgEA":235,"$fLVJ_gN8kT-52YA580XYRwjDd-Ft1cRIprRfGCRsG2ZU":239},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":37,"analysis":130,"fingerprints":216},"apoyl-ip","[凹凸曼]显示IP归属地","1.6.0","apoyl","https:\u002F\u002Fprofiles.wordpress.org\u002Fapoyl\u002F","\u003Cp>实现发布文章记录IP地址，用户发布文章显示IP归属地，评论显示IP归属地,更加方便了解用户来自哪里.\u003C\u002Fp>\n\u003Ch3>插件功能\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>支持发布文章记录IP地址，\u003C\u002Fli>\n\u003Cli>支持发布文章显示IP归属地（比如来自 上海）  +\u003C\u002Fli>\n\u003Cli>支持评论显示IP归属地（比如来自 北京）\u003C\u002Fli>\n\u003Cli>归属地以系统查询结果为准\u003C\u002Fli>\n\u003Cli>采用固定的存放IP归属地到数据库中，好处比如即使IP归属地发生变化对之前用户也不会影响，减少查询消耗\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>以上功能部分免费,点击购买付费版：\u003Ca href=\"http:\u002F\u002Fwww.girltm.com\u002F\" rel=\"nofollow ugc\">凹凸曼插件\u003C\u002Fa>\u003Cbr \u002F>\n也可以加开发者QQ：3201361925 email: 3201361925@qq.com\u003C\u002Fp>\n","实现发布文章记录IP地址，用户发布文章显示IP归属地，评论显示IP归属地,更加方便了解用户来自哪里.",10,1342,0,"2025-04-24T02:03:00.000Z","6.8.5","6.0","7.4",[19,20,21,22,23],"geolocation","ip","ip-address","%e5%9c%b0%e7%90%86%e4%bd%8d%e7%bd%ae","%e5%bd%92%e5%b1%9e%e5%9c%b0","http:\u002F\u002Fwww.girltm.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapoyl-ip.zip",92,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":26,"computed_at":36},29,740,97,30,"2026-05-20T04:32:38.559Z",[38,61,85,99,110],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":26,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":60},"ip-location-block","IP Location Block","1.3.8","Darko G.","https:\u002F\u002Fprofiles.wordpress.org\u002Fdarkog\u002F","\u003Cp>IP Location Block plugin that allows you to block access to your site based on the visitor location while also keeping your site safe from malicious attacks. The plugin brings a smart and powerful protection methods such as “\u003Cstrong>WP Metadata Exploit Protection\u003C\u002Fstrong>“.\u003C\u002Fp>\n\u003Cp>Combined with those methods and IP address geolocation, you’ll be surprised to find a bunch of malicious or undesirable access blocked in the logs of this plugin after several days of installation.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This plugin is based on the now abandoned “IP Geo Block” plugin by tokkonopapa. I fixed various issues and improved the overall codebase.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Native Geo-Location Provider\u003C\u002Fstrong>\u003Cbr \u002F>\nIP Location Block provides \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fnative-geo-location-provider\u002F?utm_source=plugin&utm_medium=wporgpage&utm_campaign=readme\" rel=\"nofollow ugc\">Native Geo-Location Provider\u003C\u002Fa> that is faster, more secure and provides the needed \u003Cstrong>precision\u003C\u002Fstrong> for matching \u003Cstrong>CITY\u003C\u002Fstrong> and \u003Cstrong>STATE\u003C\u002Fstrong> besides the standard COUNTRY matching.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Privacy by design:\u003C\u002Fstrong>\u003Cbr \u002F>\nIP address is always encrypted on recording in logs\u002Fcache. Moreover, it can be anonymized and restricted on sending to the 3rd parties such as geolocation APIs or whois service.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Immigration control:\u003C\u002Fstrong>\u003Cbr \u002F>\nAccess to the basic and important entrances into back-end such as \u003Ccode>wp-comments-post.php\u003C\u002Fcode>, \u003Ccode>xmlrpc.php\u003C\u002Fcode>, \u003Ccode>wp-login.php\u003C\u002Fcode>, \u003Ccode>wp-signup.php\u003C\u002Fcode>, \u003Ccode>wp-admin\u002Fadmin.php\u003C\u002Fcode>, \u003Ccode>wp-admin\u002Fadmin-ajax.php\u003C\u002Fcode>, \u003Ccode>wp-admin\u002Fadmin-post.php\u003C\u002Fcode> will be validated by means of a country code based on IP address. It allows you to configure either whitelist or blacklist to \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FISO_3166-1_alpha-2#Officially_assigned_code_elements\" title=\"ISO 3166-1 alpha-2 - Wikipedia\" rel=\"nofollow ugc\">specify the countires\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FClassless_Inter-Domain_Routing\" title=\"Classless Inter-Domain Routing - Wikipedia\" rel=\"nofollow ugc\">CIDR notation\u003C\u002Fa> for a range of IP addresses and \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FAutonomous_system_(Internet)\" title=\"Autonomous system (Internet) - Wikipedia\" rel=\"nofollow ugc\">AS number\u003C\u002Fa> for a group of IP networks.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Guard against login attempts:\u003C\u002Fstrong>\u003Cbr \u002F>\nIn order to prevent hacking through the login form and XML-RPC by brute-force and the reverse-brute-force attacks, the number of login attempts will be limited per IP address even from the permitted countries.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Minimize server load against brute-force attacks:\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can configure this plugin as a \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FMust_Use_Plugins\" title=\"Must Use Plugins « WordPress Codex\" rel=\"nofollow ugc\">Must Use Plugins\u003C\u002Fa> so that this plugin can be loaded prior to regular plugins. It can massively \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fvalidation-timing\u002F\" title=\"Validation timing | IP Location Block\" rel=\"nofollow ugc\">reduce the load on server\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Prevent malicious down\u002Fuploading:\u003C\u002Fstrong>\u003Cbr \u002F>\nA malicious request such as exposing \u003Ccode>wp-config.php\u003C\u002Fcode> or uploading malwares via vulnerable plugins\u002Fthemes can be blocked.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Block badly-behaved bots and crawlers:\u003C\u002Fstrong>\u003Cbr \u002F>\nA simple logic may help to reduce the number of rogue bots and crawlers scraping your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Support of BuddyPress and bbPress:\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can configure this plugin so that a registered user can login as a membership from anywhere, while a request such as a new user registration, lost password, creating a new topic and subscribing comment can be blocked by country. It is suitable for \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress\u002F\" title=\"BuddyPress — WordPress Plugins\" rel=\"ugc\">BuddyPress\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbbpress\u002F\" title=\"WordPress › bbPress « WordPress Plugins\" rel=\"ugc\">bbPress\u003C\u002Fa> to help reducing spams.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Referrer suppressor for external links:\u003C\u002Fstrong>\u003Cbr \u002F>\nWhen you click an external hyperlink on admin screens, http referrer will be eliminated to hide a footprint of your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Multiple source of IP Geolocation databases:\u003C\u002Fstrong>\u003Cbr \u002F>\nBesides the \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fnative-geo-location-provider\u002F?utm_source=plugin&utm_medium=wporgpage&utm_campaign=readme\" rel=\"nofollow ugc\">Native Geo-Location provider\u003C\u002Fa>, this plugin supports \u003Ca href=\"https:\u002F\u002Fwww.maxmind.com\" title=\"MaxMind - IP Geolocation and Online Fraud Prevention\" rel=\"nofollow ugc\">MaxMind GeoLite2 free databases\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.ip2location.com\u002F\" title=\"IP Address Geolocation to Identify Website Visitor's Geographical Location\" rel=\"nofollow ugc\">IP2Location LITE databases\u003C\u002Fa>. Also free Geolocation REST APIs and whois information can be available for audit purposes.\u003Cbr \u002F>\nFather more, \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcloudflare-cloudfront-api-class-library\u002F\" title=\"CloudFlare & CloudFront API class library | IP Location Block\" rel=\"nofollow ugc\">dedicated API class libraries\u003C\u002Fa> can be installed for CloudFlare and CloudFront as a reverse proxy service.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Customizing response:\u003C\u002Fstrong>\u003Cbr \u002F>\nHTTP response code can be selectable as \u003Ccode>403 Forbidden\u003C\u002Fcode> to deny access pages, \u003Ccode>404 Not Found\u003C\u002Fcode> to hide pages or even \u003Ccode>200 OK\u003C\u002Fcode> to redirect to the top page.\u003Cbr \u002F>\nYou can also have a human friendly page (like \u003Ccode>404.php\u003C\u002Fcode>) in your parent\u002Fchild theme template directory to fit your site design.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Validation logs:\u003C\u002Fstrong>\u003Cbr \u002F>\nValidation logs for useful information to audit attack patterns can be manageable.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Cooperation with full spec security plugin:\u003C\u002Fstrong>\u003Cbr \u002F>\nThis plugin is lite enough to be able to cooperate with other full spec security plugin such as \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwordfence\u002F\" title=\"Wordfence Security — WordPress Plugins\" rel=\"ugc\">Wordfence Security\u003C\u002Fa>. See \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fpage-speed-performance\u002F\" title=\"Page speed performance | IP Location Block\" rel=\"nofollow ugc\">this report\u003C\u002Fa> about page speed performance.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Extendability:\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can customize the behavior of this plugin via \u003Ccode>add_filter()\u003C\u002Fcode> with \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002F\" title=\"Codex | IP Location Block\" rel=\"nofollow ugc\">pre-defined filter hook\u003C\u002Fa>. See various use cases in \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fexample-use-cases-for-the-developer-hooks\u002F\" rel=\"nofollow ugc\">samples.php\u003C\u002Fa> bundled within this package.\u003Cbr \u002F>\nYou can also get the extension \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fddur\u002FWordPress-IP-Geo-Allow\" title=\"GitHub - ddur\u002FWordPress-IP-Geo-Allow: WordPress Plugin Exension for WordPress-IP-Geo-Block Plugin\" rel=\"nofollow ugc\">IP Geo Allow\u003C\u002Fa> by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fddur\" title=\"ddur (Dragan) - GitHub\" rel=\"nofollow ugc\">Dragan\u003C\u002Fa>. It makes admin screens strictly private with more flexible way than specifying IP addresses.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Self blocking prevention and easy rescue:\u003C\u002Fstrong>\u003Cbr \u002F>\nWebsite owners do not prefer themselves to be blocked. This plugin prevents such a sad thing unless you force it. And futhermore, if such a situation occurs, you can \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fwhat-should-i-do-when-im-locked-out\u002F\" title=\"What should I do when I'm locked out? | IP Location Block\" rel=\"nofollow ugc\">rescue yourself\u003C\u002Fa> easily.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Clean uninstallation:\u003C\u002Fstrong>\u003Cbr \u002F>\nNothing is left in your precious mySQL database after uninstallation. So you can feel free to install and activate to make a trial of this plugin’s functionality.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cp>Documentation and more information can always be found on our \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002F\" title=\"IP Location Block\" rel=\"nofollow ugc\">plugin website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Attribution\u003C\u002Fh4>\n\u003Cp>This package includes GeoLite2 library distributed by MaxMind, available from \u003Ca href=\"https:\u002F\u002Fwww.maxmind.com\" title=\"MaxMind - IP Geolocation and Online Fraud Prevention\" rel=\"nofollow ugc\">MaxMind\u003C\u002Fa>, and also includes IP2Location open source libraries available from \u003Ca href=\"https:\u002F\u002Fwww.ip2location.com\" title=\"IP Address Geolocation to Identify Website Visitor's Geographical Location\" rel=\"nofollow ugc\">IP2Location\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Also thanks for providing the following services and REST APIs for free.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fgeoiplookup.net\u002F\" title=\"What Is My IP Address | GeoIP Lookup\" rel=\"nofollow ugc\">http:\u002F\u002Fgeoiplookup.net\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipinfo.io\u002F\" title=\"IP Address API and Data Solutions\" rel=\"nofollow ugc\">https:\u002F\u002Fipinfo.io\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipapi.com\u002F\" title=\"ipapi - IP Address Lookup and Geolocation API\" rel=\"nofollow ugc\">https:\u002F\u002Fipapi.com\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free, need API key)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipstack.com\u002F\" title=\"ipstack - Free IP Geolocation API\" rel=\"nofollow ugc\">https:\u002F\u002Fipstack.com\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free, need API key)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipinfodb.com\u002F\" title=\"Free IP Geolocation Tools and API| IPInfoDB\" rel=\"nofollow ugc\">https:\u002F\u002Fipinfodb.com\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free, need API key)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Development\u003C\u002Fh4>\n\u003Cp>Development of this plugin happens at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fgdarko\u002Fip-location-block\" title=\"gdarko\u002Fip-location-block - GitHub\" rel=\"nofollow ugc\">IP Location Block – GitHub\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>All contributions will always be welcome.\u003C\u002Fp>\n\u003Ch4>Known issues\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>From \u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fcore\u002F2016\u002F03\u002F09\u002Fcomment-changes-in-wordpress-4-5\u002F\" title=\"Comment Changes in WordPress 4.5 – Make WordPress Core\" rel=\"nofollow ugc\">WordPress 4.5\u003C\u002Fa>, \u003Ccode>rel=nofollow\u003C\u002Fcode> had no longer be attached to the links in \u003Ccode>comment_content\u003C\u002Fcode>. This change prevents to block “\u003Ca href=\"https:\u002F\u002Fwww.owasp.org\u002Findex.php\u002FServer_Side_Request_Forgery\" title=\"Server Side Request Forgery - OWASP\" rel=\"nofollow ugc\">Server Side Request Forgeries\u003C\u002Fa>” (not Cross Site but a malicious internal link in the comment field).\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fapps.wordpress.com\u002Fmobile\u002F\" title=\"WordPress.com Apps - Mobile Apps\" rel=\"nofollow ugc\">WordPress.com Mobile App\u003C\u002Fa> can’t execute image uploading because of its own authentication system via XMLRPC.\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily block visitors by country, state or ISP provider. Also, protects your site from spam, login attempts, malicious access & more.",10000,198024,33,"2026-03-13T00:57:00.000Z","7.0","3.7","",[54,55,19,21,56],"block","country","ip-geo-block","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fip-location-block\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fip-location-block.1.3.8.zip",100,"2026-04-16T10:56:18.058Z",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":15,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":81,"download_link":82,"security_score":59,"vuln_count":83,"unpatched_count":13,"last_vuln_date":84,"fetched_at":60},"user-ip-and-location","User IP and Location","4.0.2","Sunny Kumar","https:\u002F\u002Fprofiles.wordpress.org\u002Ftheguidex\u002F","\u003Cp>Looking to display your website visitor’s IP address, location, browser details, and other information on your WordPress site? Then “User IP and Location” plugin is exactly what you need!\u003C\u002Fp>\n\u003Cp>This plugin is very simple to set up and use. Just install it, and you can start showing visitor information anywhere on your website using easy shortcodes. You can put these shortcodes in your posts, pages, sidebar, footer – anywhere you want!\u003C\u002Fp>\n\u003Cp>The best part? We use the reliable and free \u003Ca href=\"http:\u002F\u002Fip-api.com\" title=\"IP-API\" rel=\"friend nofollow ugc\">IP-API\u003C\u002Fa> service to get all the location data, so the information is always accurate and up-to-date.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New in Version 4.x.x – Works with Caching Plugins!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Are you using WP-Rocket, W3 Total Cache, or any other caching plugin? No problem at all! We’ve completely rebuilt the plugin to work perfectly with all caching plugins. Your visitors will always see their own correct information, not some cached data from another visitor.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Advanced Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Multi-Language Support\u003C\u002Fstrong> – Get location names in 8 different languages (English, German, Spanish, Portuguese, French, Japanese, Chinese, Russian)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PRO API Key Support\u003C\u002Fstrong> – Use your premium IP-API key for higher limits and HTTPS security\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Caching System\u003C\u002Fstrong> – Built-in server-side caching with customizable expiration times (1 hour to 1 week)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Conditional Content\u003C\u002Fstrong> – Show different content to visitors from specific countries, regions, or cities\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Tools\u003C\u002Fstrong> – PHP functions and REST API endpoints for custom development\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Output\u003C\u002Fstrong> – Change “Yes\u002FNo” text to any language or format you prefer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Here are all the shortcodes you can use:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[userip_location type=\"ip\"] - Shows visitor's IP address\n[userip_location type=\"continent\"] - Shows continent name\n[userip_location type=\"country\"] - Shows country name\n[userip_location type=\"countrycode\"] - Shows country code (like IN, US, UK)\n[userip_location type=\"region\"] - Shows region code\n[userip_location type=\"regionname\"] - Shows region\u002Fstate name\n[userip_location type=\"city\"] - Shows city name\n[userip_location type=\"zip\"] - **NEW!** Shows ZIP\u002Fpostal code\n[userip_location type=\"lat\"] - Shows latitude\n[userip_location type=\"lon\"] - Shows longitude\n[userip_location type=\"timezone\"] - Shows timezone\n[userip_location type=\"currency\"] - Shows local currency\n[userip_location type=\"isp\"] - Shows internet provider name\n[userip_location type=\"mobile\"] - Shows if visitor is on mobile network\n[userip_location type=\"proxy\"] - Shows if visitor is using proxy\n[userip_location type=\"hosting\"] - Shows if IP is from hosting provider\n[userip_location type=\"browser\"] - Shows browser name\n[userip_location type=\"os\"] - Shows operating system\n[userip_location type=\"flag\" height=\"auto\" width=\"50px\" vertical_align=\"middle\"] - Shows country flag\n[userip_localtime] - **NEW!** Shows visitor's current local time\n[userip_localdate] - **NEW!** Shows visitor's current local date\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Smart Conditional Content:\u003C\u002Fstrong>\u003Cbr \u002F>\nShow different content to visitors from different places! Perfect for targeted marketing, regional offers, or localized messages.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[userip_conditional country=\"US,IN\"]Content for US and India visitors only[\u002Fuserip_conditional]\n[userip_conditional country_not=\"CN,RU\"]Content for everyone except China and Russia[\u002Fuserip_conditional]\n[userip_conditional region=\"CA,TX\"]Special offers for California and Texas![\u002Fuserip_conditional]\n[userip_conditional city=\"Mumbai,Delhi\"]Mumbai and Delhi exclusive deals[\u002Fuserip_conditional]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>About the Flag Shortcode:\u003C\u002Fstrong>\u003Cbr \u002F>\nWhen using the flag shortcode, you can control its size and position. The \u003Ccode>height\u003C\u002Fcode>, \u003Ccode>width\u003C\u002Fcode>, and \u003Ccode>vertical_align\u003C\u002Fcode> options are all optional. By default, height is auto, width is 50px, and it aligns in the middle. You can change these as per your needs.\u003C\u002Fp>\n\u003Ch4>Why Choose User IP and Location Plugin?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Super Easy Setup\u003C\u002Fstrong> – Just install and activate, that’s it!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works with All Caching Plugins\u003C\u002Fstrong> – WP-Rocket, W3 Total Cache, you name it!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fast Loading\u003C\u002Fstrong> – Uses modern AJAX technology so it doesn’t slow down your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lots of Information\u003C\u002Fstrong> – IP, country, city, flag, browser, OS, ISP, and much more\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-Language Support\u003C\u002Fstrong> – Location names in 8 different languages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PRO API Support\u003C\u002Fstrong> – Use premium IP-API keys for higher limits and HTTPS\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Caching\u003C\u002Fstrong> – Server-side caching with customizable expiration (1 hour to 1 week)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>New Features\u003C\u002Fstrong> – ZIP code and local time shortcodes added\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Content\u003C\u002Fstrong> – Show different content to visitors from different countries, regions, or cities\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Always Updated\u003C\u002Fstrong> – Uses reliable IP-API service for accurate data\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Friendly\u003C\u002Fstrong> – Includes PHP functions and REST API for custom development\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable\u003C\u002Fstrong> – Change output text, caching settings, and more from admin panel\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Perfect for bloggers, businesses, and developers who want to personalize their website based on visitor location!\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>This awesome plugin is created by the talented team at \u003Ca href=\"https:\u002F\u002Fheyserp.com\" title=\"HeySERP\" rel=\"friend nofollow ugc\"> HeySERP \u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Want to learn more about WordPress? Check out our website \u003Ca href=\"https:\u002F\u002Ftheguidex.com\u002F\" title=\"TheGuideX\" rel=\"friend nofollow ugc\"> TheGuideX \u003C\u002Fa> where we share helpful tutorials on:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthewpx.com\u002Fget-ip-address-and-location-in-wordpress\u002F\" title=\"How to Get the IP Address and Location of Users in WordPress\" rel=\"friend nofollow ugc\">How to Get User IP and Location in WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftheguidex.com\u002Fcommon-wordpress-errors\u002F\" title=\"Common WordPress Errors & Solutions\" rel=\"friend nofollow ugc\">Common WordPress Errors & How to Fix Them\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftheguidex.com\u002Fgoogle-adsense-plugins-for-wordpress\u002F\" title=\"Best WordPress Ads Manager Plugins\" rel=\"friend nofollow ugc\">Best WordPress Ad Management Plugins\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>…and many more helpful \u003Ca href=\"https:\u002F\u002Ftheguidex.com\u002Fcategory\u002Fwordpress\u002F\" title=\"WordPress Tutorials\" rel=\"friend nofollow ugc\">WordPress tutorials\u003C\u002Fa> in simple language!\u003C\u002Fp>\n","Want to show your website visitors their IP address, location, and other cool details? This plugin makes it super easy! Now works perfectly with cachi &hellip;",3000,38194,84,9,"2025-07-15T07:41:00.000Z","5.0","7.2",[77,19,78,79,80],"country-code","region","user-ip-address","user-location","https:\u002F\u002Ftheguidex.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-ip-and-location.zip",1,"2023-04-28 00:00:00",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":11,"downloaded":93,"rating":13,"num_ratings":13,"last_updated":94,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":95,"homepage":97,"download_link":98,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":60},"docodoco-country-redirection","DocoDoco Country Redirection","1.0.2","Geolocation Technology","https:\u002F\u002Fprofiles.wordpress.org\u002Fgeolocationtechnology\u002F","\u003Cp>本プラグインは、IPアドレスに基づくアクセス元の国や地域を判定し、その結果に応じてサイト訪問者に表示するページをリダイレクトすることができます。\u003C\u002Fp>\n\u003Ch4>Language\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Japanese  – default\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>どこどこJP\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>このプラグインでは、アクセス元の国もしくは匿名アクセス情報を判定するために、\u003Ca href=\"https:\u002F\u002Fwww.docodoco.jp\u002F\" rel=\"nofollow ugc\">どこどこJP\u003C\u002Fa> のAPIを使用します。\u003C\u002Fli>\n\u003Cli>どこどこJPとは、IPアドレスとそれに紐づいた地域・組織・気象・回線情報など100種類以上の情報を利用できるAPIサービスです。\u003C\u002Fli>\n\u003Cli>本プラグインを使用することにより、サイトの訪問者のIPアドレス等の情報が、どこどこJPのAPI（api.docodoco.jp）を通じてサービス提供者に送信されることがあります。\u003C\u002Fli>\n\u003Cli>プライバシーポリシーは\u003Ca href=\"https:\u002F\u002Fwww.geolocation.co.jp\u002Fprivacy\u002F\" rel=\"nofollow ugc\">サービス提供者のWebサイト\u003C\u002Fa>を確認してください。\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Google Charts\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>プラグインの設定画面で地図を表示するために \u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Fchart\" rel=\"nofollow ugc\">Google Charts\u003C\u002Fa> を使用します。\u003C\u002Fli>\n\u003Cli>Google Charts を使用するために、プラグインの設定画面を表示する利用者の環境から https:\u002F\u002Fwww.gstatic.com\u002Fcharts\u002Floader.js にアクセスできる必要があります。\u003C\u002Fli>\n\u003Cli>このプラグインでの Google Charts の利用に関して、データがサーバーに送信されることはありません。\u003C\u002Fli>\n\u003Cli>プライバシーポリシーは\u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Fchart\u002Finteractive\u002Fdocs\u002Fsecurity_privacy\" rel=\"nofollow ugc\">サービス提供者のWebサイト\u003C\u002Fa>を確認してください。\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.docodoco.jp\u002Fplugin\u002Fdocodoco-country-redirection\u002F\" rel=\"nofollow ugc\">プラグイン紹介ページ\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","サイト訪問者のアクセス元の国もしくは匿名アクセスを判定して、表示するページを切り替えるためのプラグインです。",1559,"2025-07-02T07:57:00.000Z",[19,21,96],"redirection","https:\u002F\u002Fwww.docodoco.jp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdocodoco-country-redirection.1.0.2.zip",{"slug":100,"name":101,"version":102,"author":89,"author_profile":90,"description":103,"short_description":104,"active_installs":11,"downloaded":105,"rating":13,"num_ratings":13,"last_updated":106,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":107,"homepage":97,"download_link":109,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"docodoco-geotargeting","DocoDoco GeoTargeting","2.0.1","\u003Cp>本プラグインは、IPアドレスに基づくアクセス元の位置情報や企業属性に基づき、サイト訪問者に表示するコンテンツを切り換えることができます。\u003C\u002Fp>\n\u003Cp>また、ABテスト機能でコンテンツの切り替えを有効にした場合・無効にした場合のクリック率などを計測して、コンテンツ切替の効果測定ができます。\u003C\u002Fp>\n\u003Ch4>Language\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Japanese  – default\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>どこどこJP\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>このプラグインでは、アクセス元の国もしくは匿名アクセス情報を判定するために、\u003Ca href=\"https:\u002F\u002Fwww.docodoco.jp\u002F\" rel=\"nofollow ugc\">どこどこJP\u003C\u002Fa> のAPIを使用します。\u003C\u002Fli>\n\u003Cli>どこどこJPとは、IPアドレスとそれに紐づいた地域・組織・気象・回線情報など100種類以上の情報を利用できるAPIサービスです。\u003C\u002Fli>\n\u003Cli>本プラグインを使用することにより、サイトの訪問者のIPアドレス等の情報が、どこどこJPのAPI（api.docodoco.jp）を通じてサービス提供者に送信されることがあります。\u003C\u002Fli>\n\u003Cli>プライバシーポリシーは\u003Ca href=\"https:\u002F\u002Fwww.geolocation.co.jp\u002Fprivacy\u002F\" rel=\"nofollow ugc\">サービス提供者のWebサイト\u003C\u002Fa>を確認してください。\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Developers\u003C\u002Fh4>\n\u003Cp>※ これはプラグイン開発者向けの情報です。\u003C\u002Fp>\n\u003Cp>public\u002Fjs\u002Ffrontend.bundle.js は webpack によってビルドされたファイルです。\u003Cbr \u002F>\nビルド方法は how-to-build.md を参照してください。\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.docodoco.jp\u002Fplugin\u002Fdocodoco-geotargeting\u002F\" rel=\"nofollow ugc\">プラグイン紹介ページ\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","サイト訪問者のアクセス元の国や企業属性に基づき、表示するコンテンツを切り替えるためのプラグインです。",1003,"2025-07-02T08:00:00.000Z",[19,108,21],"geotargeting","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdocodoco-geotargeting.2.0.1.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":11,"downloaded":118,"rating":13,"num_ratings":13,"last_updated":119,"tested_up_to":120,"requires_at_least":121,"requires_php":52,"tags":122,"homepage":127,"download_link":128,"security_score":129,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":60},"shift8-geoip-location","Shift8 GEO IP Location","1.08","shift8","https:\u002F\u002Fprofiles.wordpress.org\u002Fshift8\u002F","\u003Cp>Plugin that utilizes \u003Ca href=\"http:\u002F\u002Fip-api.com\" rel=\"nofollow ugc\">ip-api\u003C\u002Fa> to get geolocation coordinates based on the end-users’ IP address. Read the \u003Ca href=\"https:\u002F\u002Fwww.shift8web.ca\u002F2018\u002F01\u002Fwordpress-plugin-get-geolocation-coordinates-visitors-ip-address\u002F\" rel=\"nofollow ugc\">blog post detailing how to interact with the plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Want to see the plugin in action?\u003C\u002Fh3>\n\u003Cp>You can view three example sites where this plugin is live :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Example Site 1 : \u003Ca href=\"https:\u002F\u002Fwww.stackstar.com\" title=\"Wordpress Hosting\" rel=\"nofollow ugc\">WordPress Hosting\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Example Site 2 : \u003Ca href=\"https:\u002F\u002Fwww.shift8web.ca\" title=\"Web Design in Toronto\" rel=\"nofollow ugc\">Web Design in Toronto\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Cookie session established with IP address and latitude \u002F longitude coordinates of the end-user browsing the site\u003C\u002Fli>\n\u003C\u002Ful>\n","Plugin that utilizes ip-api to get geolocation coordinates based on the end-users' IP address. Read the blog post detailing how to interact with  &hellip;",1682,"2023-04-10T14:52:00.000Z","6.2.9","3.0.1",[123,124,19,125,126],"geo-location","geographic-location","ip-address-location","ip-geolocation","https:\u002F\u002Fgithub.com\u002Fstardothosting\u002Fshift8-geoip","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshift8-geoip-location.zip",85,{"attackSurface":131,"codeSignals":158,"taintFlows":187,"riskAssessment":207,"analyzedAt":215},{"hooks":132,"ajaxHandlers":154,"restRoutes":155,"shortcodes":156,"cronEvents":157,"entryPointCount":13,"unprotectedCount":13},[133,139,142,145,148,151],{"type":134,"name":135,"callback":136,"file":137,"line":138},"action","plugins_loaded","anonymous","includes\\ip.php",46,{"type":134,"name":140,"callback":136,"file":137,"line":141},"admin_menu",52,{"type":134,"name":143,"callback":136,"file":137,"line":144},"save_post",53,{"type":134,"name":146,"callback":136,"file":137,"line":147},"wp_enqueue_scripts",64,{"type":134,"name":149,"callback":136,"file":137,"line":150},"the_author",65,{"type":134,"name":152,"callback":136,"file":137,"line":153},"get_comment_author",66,[],[],[],[],{"dangerousFunctions":159,"sqlUsage":160,"outputEscaping":175,"fileOperations":13,"externalRequests":13,"nonceChecks":83,"capabilityChecks":13,"bundledLibraries":186},[],{"prepared":13,"raw":161,"locations":162},3,[163,167,171],{"file":164,"line":165,"context":166},"admin\\admin.php",57,"$wpdb->get_results() with variable interpolation",{"file":168,"line":169,"context":170},"includes\\activator.php",35,"$wpdb->get_var() with variable interpolation",{"file":172,"line":173,"context":174},"public\\partials\\public-display.php",11,"$wpdb->get_row() with variable interpolation",{"escaped":176,"rawEcho":161,"locations":177},17,[178,182,184],{"file":179,"line":180,"context":181},"admin\\partials\\nav.php",13,"raw output",{"file":183,"line":32,"context":181},"admin\\partials\\setting.php",{"file":183,"line":185,"context":181},36,[],[188],{"entryPoint":189,"graph":190,"unsanitizedCount":13,"severity":206},"\u003Csetting> (admin\\partials\\setting.php:0)",{"nodes":191,"edges":203},[192,197],{"id":193,"type":194,"label":195,"file":183,"line":196},"n0","source","$_POST",19,{"id":198,"type":199,"label":200,"file":183,"line":201,"wp_function":202},"n1","sink","update_option() [Settings Manipulation]",23,"update_option",[204],{"from":193,"to":198,"sanitized":205},true,"low",{"summary":208,"deductions":209},"The \"apoyl-ip\" plugin v1.6.0 exhibits a generally strong security posture, primarily due to its minimal attack surface and the absence of known vulnerabilities. The static analysis reveals no AJAX handlers, REST API routes, shortcodes, or cron events, significantly reducing the potential entry points for attackers. This is a positive indicator of secure coding practices. Furthermore, the taint analysis shows no high or critical severity flows, and there are no recorded CVEs, suggesting a mature and stable codebase. The presence of a nonce check is also a good sign.  However, there are a couple of areas for improvement. The plugin uses raw SQL queries without prepared statements, which, while not immediately exploitable in this context due to the lack of entry points, represents a potential risk if new entry points are added or existing ones are modified. Additionally, while most output is properly escaped, 15% is not, which could lead to cross-site scripting (XSS) vulnerabilities in specific scenarios.  Overall, \"apoyl-ip\" v1.6.0 appears to be a secure plugin with a low risk profile, but addressing the raw SQL queries and ensuring 100% output escaping would further solidify its security.",[210,212],{"reason":211,"points":11},"Raw SQL queries without prepared statements",{"reason":213,"points":214},"Unescaped output (15% of total)",5,"2026-03-17T01:05:56.143Z",{"wat":217,"direct":228},{"assetPaths":218,"generatorPatterns":222,"scriptPaths":223,"versionParams":224},[219,220,221],"\u002Fwp-content\u002Fplugins\u002Fapoyl-ip\u002Fadmin\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fapoyl-ip\u002Fadmin\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fapoyl-ip\u002Fpublic\u002Fcss\u002Fpublic.css",[],[],[225,226,227],"apoyl-ip\u002Fadmin\u002Fcss\u002Fadmin.css?ver=","apoyl-ip\u002Fadmin\u002Fjs\u002Fadmin.js?ver=","apoyl-ip\u002Fpublic\u002Fcss\u002Fpublic.css?ver=",{"cssClasses":229,"htmlComments":230,"htmlAttributes":231,"restEndpoints":232,"jsGlobals":233,"shortcodeOutput":234},[],[],[],[],[],[],{"error":205,"url":236,"statusCode":237,"statusMessage":238,"message":238},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fapoyl-ip\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":240},[]]