WP-Safety

Bot Block – Stop Spam Referrals in Google Analytics Security & Risk Analysis

wordpress.org/plugins/bot-block-stop-spam-google-analytics-referrals

Block spam referrals showing in Google Analytics and save bandwidth. Central database of sites, ability to add custom URL's and stats.

700 active installs v2.6 PHP + WP 3.9+ Updated Feb 24, 2016
googlegoogle-analyticsgoogle-analytics-spamseo
63
C · Use Caution
CVEs total1
Unpatched1
Last CVESep 22, 2025
Download
Safety Verdict

Is Bot Block – Stop Spam Referrals in Google Analytics Safe to Use in 2026?

Use With Caution

Score 63/100

Bot Block – Stop Spam Referrals in Google Analytics has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE 1 unpatched Last CVE: Sep 22, 2025Updated 10yr ago
Risk Assessment

This plugin exhibits several concerning security practices. While the attack surface appears minimal with no direct entry points exposed to users, the static analysis reveals a significant lack of fundamental security measures. All SQL queries are executed without prepared statements, a major vulnerability that can lead to SQL injection. Furthermore, no output is properly escaped, creating a high risk of Cross-Site Scripting (XSS) attacks. The absence of nonce and capability checks on any potential entry points (though none are explicitly identified) is also a weakness. The vulnerability history confirms these concerns, showing a past medium-severity XSS vulnerability, which aligns with the unescaped output issue. While the plugin is updated, the persistent nature of these flaws and the historical XSS suggest a need for immediate remediation.

Key Concerns

  • Unpatched CVE (Medium severity)
  • No SQL prepared statements
  • No output escaping
  • No nonce checks
  • No capability checks
Vulnerabilities
1

Bot Block – Stop Spam Referrals in Google Analytics Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched
2025
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2025-57935medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Bot Block &#8211; Stop Spam Referrals in Google Analytics <= 2.6 - Authenticated (Administrator+) Stored Cross-Site Scripting

Sep 22, 2025Unpatched
Code Analysis
Analyzed Mar 16, 2026

Bot Block – Stop Spam Referrals in Google Analytics Code Analysis

Dangerous Functions
0
Raw SQL Queries
9
0 prepared
Unescaped Output
8
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
2
Bundled Libraries
0

SQL Query Safety

0% prepared9 total queries

Output Escaping

0% escaped8 total outputs
Attack Surface

Bot Block – Stop Spam Referrals in Google Analytics Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 6
actionplugins_loadedbot-block.php:33
actionparse_requestbot-block.php:55
actionadmin_initbot-block.php:60
actionadmin_menubot-block.php:64
actionbot_block_cronbot-block.php:71
actionbot_block_send_statsbot-block.php:74

Scheduled Events 2

bot_block_cron
bot_block_send_stats
Maintenance & Trust

Bot Block – Stop Spam Referrals in Google Analytics Maintenance & Trust

Maintenance Signals

WordPress version tested4.4.34
Last updatedFeb 24, 2016
PHP min version
Downloads19K

Community Trust

Rating84/100
Number of ratings17
Active installs700
Alternatives

Bot Block – Stop Spam Referrals in Google Analytics Alternatives

Bruce Clay SEO WP

Bruce Clay SEO WP

bruce-clay-seo

A
85

Next-level SEO plugin! Get on-page guidance per keyword based on analysis of top competitors. See analytics in the WP dashboard.

10 No CVEs
Easy ToolBox

Easy ToolBox

easy-toolbox

A
100

This plugin is simple, all in one and really simplifies your life (SEO, Social networks, Google adsense, GetClicky, button +1, plusone, plus one, Twit &hellip;

10 No CVEs
Exclude IPs From Google Analytics

Exclude IPs From Google Analytics

exclude-ips-from-google-analytics

A
100

Exclude IP’s From Google Analytics. You can paste google analytics code in this plugin and it will work.

0 No CVEs
All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic

all-in-one-seo-pack

B
82

AIOSEO is the most powerful WordPress SEO plugin. Improve SEO rankings and traffic with comprehensive SEO tools and smart AI SEO optimizations!

3.0M 26 CVEs
Rank Math SEO – AI SEO Tools to Dominate SEO Rankings

Rank Math SEO – AI SEO Tools to Dominate SEO Rankings

seo-by-rank-math

A
86

Rank Math SEO is the best WordPress SEO plugin with the features of many SEO and AI SEO tools in a single package to help multiply your SEO traffic.

3.0M 20 CVEs
Developer Profile

Bot Block – Stop Spam Referrals in Google Analytics Developer Profile

Ricky Dawn

1 plugin · 700 total installs

68
trust score
Avg Security Score
63/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Bot Block – Stop Spam Referrals in Google Analytics

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bot-block-stop-spam-google-analytics-referrals/bot-block.css/wp-content/plugins/bot-block-stop-spam-google-analytics-referrals/bot-block.js
Generator Patterns
Bot Block v2.6
Script Paths
/wp-content/plugins/bot-block-stop-spam-google-analytics-referrals/bot-block.js
Version Parameters
bot-block.css?ver=bot-block.js?ver=

HTML / DOM Fingerprints

CSS Classes
bot-block-admin-settings
HTML Comments
Bot Block v2.6 - For help and support please visit: http://www.webresultsdirect.com
Data Attributes
data-bot-block-id
JS Globals
bot_block_update_script
FAQ

Frequently Asked Questions about Bot Block – Stop Spam Referrals in Google Analytics