Does Basic Visitor Counter have any unpatched vulnerabilities?

No. All known vulnerabilities in Basic Visitor Counter have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Basic Visitor Counter compatible with WordPress 6.7.5?

According to WordPress.org data, Basic Visitor Counter 1.2.4 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Basic Visitor Counter compatible with PHP 8.2+?

Basic Visitor Counter requires PHP 8.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Basic Visitor Counter updated?

Basic Visitor Counter was last updated on Feb 24, 2025. Frequent updates are generally a positive security signal.

What is Basic Visitor Counter's security score?

Basic Visitor Counter has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Basic Visitor Counter Security & Risk Analysis

wordpress.org/plugins/basic-visitor-counter

Basic Visitor Counter – Simple & Lightweight Visitor Tracking.

10 active installs v1.2.4 PHP 8.2+ WP 6.0+ Updated Feb 24, 2025

1-2-4visitor

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Basic Visitor Counter Safe to Use in 2026?

Generally Safe

Score 92/100

Basic Visitor Counter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "basic-visitor-counter" plugin, version 1.2.4, exhibits a generally strong security posture with several good practices in place. All identified SQL queries utilize prepared statements, and all output is properly escaped, significantly reducing the risk of common injection and cross-site scripting vulnerabilities. The plugin also avoids dangerous functions, file operations, and external HTTP requests, further contributing to its security. However, the static analysis reveals two taint flows with unsanitized paths, indicating a potential for vulnerabilities where user-supplied data might be processed in an insecure manner, especially concerning file operations or path manipulation if any were present internally. Furthermore, the lack of any nonce checks or capability checks, while not explicitly leading to an immediate vulnerability given the current attack surface, is a concern for future extensibility and robustness. The absence of any historical vulnerabilities is positive, suggesting a developer who has historically prioritized security or a plugin that has not yet attracted significant malicious attention. Overall, the plugin is reasonably secure for its current state, but the identified taint flows and missing security checks warrant attention for a more robust defense.

Key Concerns

Taint flows with unsanitized paths
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Basic Visitor Counter Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Basic Visitor Counter Code Analysis

Dangerous Functions

Raw SQL Queries

6 prepared

Unescaped Output

5 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared6 total queries

Output Escaping

100% escaped5 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

track_visitor (includes\class-basivicoun-tracker.php:12)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Basic Visitor Counter Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[basivicoun_track_visitor] includes\class-basivicoun-tracker.php:9

WordPress Hooks 4

actionplugins_loadedbasic-visitor-counter.php:30

actionadmin_menuincludes\class-basivicoun-admin.php:8

actionadmin_initincludes\class-basivicoun-admin.php:9

actionwp_footerincludes\class-basivicoun-tracker.php:8

Maintenance & Trust

Basic Visitor Counter Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedFeb 24, 2025

PHP min version8.2

Downloads675

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Basic Visitor Counter Alternatives

WP Statistics – Simple, privacy-friendly Google Analytics alternative

wp-statistics

Get website traffic insights with GDPR/CCPA compliant, privacy-friendly analytics. Includes visitor data, stunning graphs, and no data sharing.

600K 35 CVEs

Visitor Traffic Real Time Statistics

visitors-traffic-real-time-statistics

This plugin will help you to track your visitors, browsers, operating systems, visits and much more in one dashboard page.

40K 8 CVEs

WP Visitor Statistics (Real Time Traffic)

wp-stats-manager

This plugin will help you to track your visitors & visits, browsers, operating systems, GEO locations and much more, easy to install and working fine.

20K 1 unpatched

User Submitted Posts – Enable Users to Submit Posts from the Front End

user-submitted-posts

Enable visitors to submit posts and images from the front-end of your site. Many features including anti-spam security, content restriction, and more.

10K 12 CVEs

WP Notification Bars

wp-notification-bars

Create custom notification and alert bar for marketing promotions, alerts, increasing click throughs to other pages and so much more.

10K No CVEs

Developer Profile

Basic Visitor Counter Developer Profile

Trickyenough

1 plugin · 10 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Basic Visitor Counter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output

[basivicoun_track_visitor]

FAQ