Does Current Location have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Current Location compatible with WordPress 3.2.1?

According to WordPress.org data, Current Location 1.5.9 has been tested up to WordPress 3.2.1. Check the plugin's changelog for the latest compatibility information.

How often is Current Location updated?

Current Location was last updated on Oct 18, 2011. Frequent updates are generally a positive security signal.

What is Current Location's security score?

Current Location has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Current Location Security & Risk Analysis

wordpress.org/plugins/current-location

Gets your current location from Google Badge System. Use to display your current location.

10 active installs v1.5.9 PHP + WP 2.9+ Updated Oct 18, 2011

googlegpsjsonlatitudelocation

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Current Location Safe to Use in 2026?

Generally Safe

Score 85/100

Current Location has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago

Risk Assessment

The 'current-location' v1.5.9 plugin exhibits a mixed security posture, with some good practices but also notable concerns. The plugin has a very small attack surface, with only one shortcode and no identified AJAX, REST API, or cron entry points that are unprotected. The absence of known vulnerabilities in its history is a positive sign, suggesting a generally well-maintained codebase. However, the static analysis reveals critical weaknesses. The use of the `create_function` is a significant security risk due to its potential for code injection. Furthermore, a very low percentage of output is properly escaped (3%), indicating a high likelihood of Cross-Site Scripting (XSS) vulnerabilities. While SQL queries are prepared, the overall lack of robust output sanitization presents a substantial risk that could be exploited by attackers, potentially leading to arbitrary code execution or data leakage through crafted inputs.

Key Concerns

Use of create_function
Low percentage of properly escaped output

Vulnerabilities

None known

Current Location Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Current Location Release Timeline

v1.5.9Current

v1.5.8

v1.5.7

v1.5.6

v1.5.5

v1.5.4

v1.5.3

v1.5.2

v1.5.1

v1.5

v1.4

v1.3

v1.2

v1.1

Code Analysis

Analyzed Apr 16, 2026

Current Location Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

109

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

create_functionadd_action('widgets_init', create_function('', 'return register_widget("CurrentLocationWidget");'));cl-widget.php:75

Output Escaping

3% escaped112 total outputs

Attack Surface

Current Location Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[current-location] cl-post.php:148

WordPress Hooks 9

filtermce_external_pluginscl-editor-plugin.php:10

filtermce_buttonscl-editor-plugin.php:11

actioninitcl-editor-plugin.php:27

actionwp_dashboard_setupcl-options.php:316

actionadmin_menucl-post.php:146

actionsave_postcl-post.php:147

filterthe_contentcl-post.php:149

actionwidgets_initcl-widget.php:75

actionadmin_menuindex.php:49

Maintenance & Trust

Current Location Maintenance & Trust

Maintenance Signals

WordPress version tested3.2.1

Last updatedOct 18, 2011

PHP min version

Downloads6K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Current Location Alternatives

Simple Fields Map extension

simple-fields-map-extension

Extension to Simple Fields that adds a field type for selecting a location on a Google Map.

100 No CVEs

Smartphone Location Lookup

smartphone-location-lookup

This plugins displays a location based map on your sidebar. It tells visitors to your blog exactly where YOU are!

10 No CVEs

Easy Google Maps

google-maps-easy

Google Maps with markers, locations and clusterization, KML layers and filters. Custom Google map markers with text, images, videos, links.

20K 7 CVEs

Store Locator WordPress

agile-store-locator

Agile Store Locator is a premium store finder plugin designed to offer you immediate access to all the best stores in your local area.

10K 8 CVEs

Address Autocomplete via Google for Gravity Forms

gf-google-address-autocomplete

A simple and nice plugin to get auto suggestion from google place api in gravity form address field.

2K 1 CVE

Developer Profile

Current Location Developer Profile

Justin Givens

3 plugins · 80 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Current Location

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/current-location/icon.png

Version Parameters

current-location/style.css?ver=current-location/current-location.js?ver=

HTML / DOM Fingerprints

Data Attributes

name="current_location_date"name="current_location_static"name="current_location_coords"name="current_location_accuracy"name="current_location_city"id="current_location_date"+4 more

Shortcode Output

[current-location]<abbr title="My Current Location">

FAQ