[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3q0SFDw9cuL4DWXKWVzBViJBToHTD-nEHrsC7a5Q_Tc":3,"$fdCGBHVX9eSF1nj9yIbupMQk1kAC7W7lISdzoRF8cTMw":365,"$fTiTBoewb0w3QMbpSv69SazS2LQa37mtbMs0dNhiyR3E":370},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":40,"analysis":144,"fingerprints":329},"geo-blocker","Geo Blocker – Control Site Access by Region and IP","1.0.0","Mohamed Shili","https:\u002F\u002Fprofiles.wordpress.org\u002Fmedshi8\u002F","\u003Cp>🔐 Block or allow visitors by country. Track access attempts. View analytics. Stay in control — effortlessly.\u003C\u002Fp>\n\u003Ch3>🧠 Description\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Geo Blocker\u003C\u002Fstrong> gives you full control over who can access your WordPress site — based on visitor country and IP. Whether you’re protecting content, reducing attack surface, or managing regional access, this plugin does it with precision and clarity.\u003C\u002Fp>\n\u003Cp>🎯 Designed for performance, security, and ease of use.\u003Cbr \u002F>\n📊 Built-in analytics and access logs.\u003Cbr \u002F>\n🧭 Never get locked out — admin-safe bypass included.\u003C\u002Fp>\n\u003Ch3>🚀 Features\u003C\u002Fh3>\n\u003Ch3>✅ Access Control That Makes Sense\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Block Selected Countries\u003C\u002Fstrong> – deny access to specific regions  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Allow Selected Countries\u003C\u002Fstrong> – restrict site only to approved countries  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🧩 Smart Blocking Actions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>📜 Show custom message  \u003C\u002Fli>\n\u003Cli>🔁 Redirect to a URL  \u003C\u002Fli>\n\u003Cli>🚫 Send HTTP 403 Forbidden response  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌐 Visual Country Selector\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Flag icons & search bar for quick targeting  \u003C\u002Fli>\n\u003Cli>Filter by continent (Africa, Asia, Europe, etc.)  \u003C\u002Fli>\n\u003Cli>One-click select\u002Fdeselect all  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📈 Analytics Dashboard\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Summary cards: total visits, blocks, IPs  \u003C\u002Fli>\n\u003Cli>Hourly charts for real-time insights  \u003C\u002Fli>\n\u003Cli>Filter by date range & data type (accesses, unique IPs, etc.)  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📋 Detailed Logs\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>See IP, country, URL, status, user agent  \u003C\u002Fli>\n\u003Cli>Filters out common junk (favicon, robots.txt)  \u003C\u002Fli>\n\u003Cli>Admin visits are auto-ignored to reduce noise  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🛠️ Admin-Proof Bypass URL\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Special URL with bypass parameter to access login anytime  \u003C\u002Fli>\n\u003Cli>Prevents accidental lockouts  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔄 Data Export & Log Management\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Export logs in CSV or JSON  \u003C\u002Fli>\n\u003Cli>Clear logs with a single click  \u003C\u002Fli>\n\u003Cli>Sort & search logs in the UI\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌐 External Services\u003C\u002Fh3>\n\u003Cp>This plugin uses a third-party API to determine the visitor’s country based on their IP address.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service used:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fipwho.is\" rel=\"nofollow ugc\">IPWho.is\u003C\u002Fa>  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> To perform IP geolocation and detect the country of each visitor, allowing the plugin to block or allow access accordingly.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data sent:\u003C\u002Fstrong> The visitor’s IP address is sent to the IPWho.is API on page load when geo-blocking is active.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fipwhois.io\u002Fterms\" rel=\"nofollow ugc\">https:\u002F\u002Fipwhois.io\u002Fterms\u003C\u002Fa>  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fipwhois.io\u002Fprivacy\" rel=\"nofollow ugc\">https:\u002F\u002Fipwhois.io\u002Fprivacy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🖥️ Screenshots\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>📊 Dashboard Overview\u003C\u002Fstrong> – See country blocks, allowed hits & total attempts   \u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔧 Blocking Rules\u003C\u002Fstrong> – Choose block mode, action type, and targets. Enable or disable countries visually\u003C\u002Fli>\n\u003Cli>\u003Cstrong>📉 Analytics Graphs\u003C\u002Fstrong> – View access by time, state, and IP 5. \u003Cstrong>📑 Logs Table\u003C\u002Fstrong> – Deep insights with full logs of visitor attempts. Export CSV\u002FJSON logs with one click\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>📦 Installation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload the plugin folder to \u003Ccode>\u002Fwp-content\u002Fplugins\u002Fgeo-blocker\u003C\u002Fcode>  \u003C\u002Fli>\n\u003Cli>Activate via \u003Cstrong>Plugins \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Installed Plugins\u003C\u002Fstrong>  \u003C\u002Fli>\n\u003Cli>Go to \u003Cstrong>Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Geo Blocker\u003C\u002Fstrong>  \u003C\u002Fli>\n\u003Cli>Enable Geo Blocking using the toggle  \u003C\u002Fli>\n\u003Cli>Choose between \u003Cstrong>block\u003C\u002Fstrong> or \u003Cstrong>allow\u003C\u002Fstrong> mode  \u003C\u002Fli>\n\u003Cli>Select countries using the visual interface  \u003C\u002Fli>\n\u003Cli>Pick your blocking action (message, redirect, or 403)  \u003C\u002Fli>\n\u003Cli>Save settings — done!\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>❓ Frequently Asked Questions\u003C\u002Fh3>\n\u003Ch3>How does Geo Blocker detect country?\u003C\u002Fh3>\n\u003Cp>It uses the reliable \u003Cstrong>IpWhoIs API\u003C\u002Fstrong> to fetch country data based on the visitor’s IP.\u003C\u002Fp>\n\u003Ch3>Will it slow down my site?\u003C\u002Fh3>\n\u003Cp>Nope. It’s optimized with \u003Cstrong>transient caching\u003C\u002Fstrong> and smart triggers — no unnecessary lookups.\u003C\u002Fp>\n\u003Ch3>Can I lock myself out?\u003C\u002Fh3>\n\u003Cp>No. There’s a \u003Cstrong>login bypass URL\u003C\u002Fstrong> generated for administrators — shown right on the dashboard.\u003C\u002Fp>\n\u003Ch3>Can I block specific pages?\u003C\u002Fh3>\n\u003Cp>Not yet — current version works site-wide. Per-page rules may come in a future update.\u003C\u002Fp>\n\u003Ch3>Can I export visitor logs?\u003C\u002Fh3>\n\u003Cp>Yes. Logs can be exported in \u003Cstrong>CSV or JSON\u003C\u002Fstrong> format directly from the Logs tab.\u003C\u002Fp>\n\u003Ch3>Does it work with caching plugins?\u003C\u002Fh3>\n\u003Cp>Yes, but you may need to \u003Cstrong>exclude the plugin’s logic\u003C\u002Fstrong> from caching. Dynamic geo checks should not be cached.\u003C\u002Fp>\n\u003Ch3>🗂️ Changelog\u003C\u002Fh3>\n\u003Ch4>1.0.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>🎉 Initial release with all core features\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🛡️ Additional Notes\u003C\u002Fh3>\n\u003Ch3>Emergency Bypass\u003C\u002Fh3>\n\u003Cp>Every admin gets a custom bypass link to avoid accidental lockouts. It’s always visible in the dashboard.\u003C\u002Fp>\n\u003Ch3>Blocking Actions\u003C\u002Fh3>\n\u003Cp>Choose the experience blocked users receive:\u003Cbr \u002F>\n– Custom message\u003Cbr \u002F>\n– Redirect to another URL\u003Cbr \u002F>\n– Send 403 Forbidden header\u003C\u002Fp>\n\u003Ch3>Logs & Privacy\u003C\u002Fh3>\n\u003Cp>Logs are stored locally in your WordPress database. The plugin sends only the visitor’s IP to IPWho.is — no personally identifiable information is shared or stored externally.\u003C\u002Fp>\n\u003Ch3>💡 Enjoying Geo Blocker? Try Our Other Free Plugins\u003C\u002Fh3>\n\u003Cp>Looking for even more control and peace of mind? Check out our other tools:\u003C\u002Fp>\n\u003Cp>🔕 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnotification-blocker\u002F\" rel=\"ugc\">Notification Blocker\u003C\u002Fa>\u003C\u002Fstrong> – Hide annoying plugin notices from your dashboard without hacking core files.\u003C\u002Fp>\n\u003Cp>🛡️ \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffortress-login-pro\u002F\" rel=\"ugc\">Fortress Login Pro\u003C\u002Fa>\u003C\u002Fstrong> – Obscure your login page, add brute-force protection, and block unauthorized access attempts with ease.\u003C\u002Fp>\n\u003Cp>If you like Geo Blocker, you’ll probably find these just as helpful. Try them out!\u003C\u002Fp>\n","🔐 Block or allow visitors by country. Track access attempts. View analytics. Stay in control — effortlessly.",700,1958,100,1,"2025-05-18T22:09:00.000Z","6.8.5","5.0","7.2",[20,21,22,23,24],"access-control","country-restriction","geo-blocking","geolocation","ip-blocker","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgeo-blocker\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgeo-blocker.1.0.0.zip",0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"medshi8",2,750,96,30,91,"2026-05-19T19:22:33.623Z",[41,63,80,97,120],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":56,"tags":57,"homepage":61,"download_link":62,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"woo-product-country-base-restrictions","Country Based Restrictions for WooCommerce","3.7.7","Zorem","https:\u002F\u002Fprofiles.wordpress.org\u002Fzorem\u002F","\u003Cp>\u003Cstrong>Country Based Restrictions for WooCommerce (CBR)\u003C\u002Fstrong> lets you control which products customers can see and purchase based on their country. Whether you need to comply with regional regulations, limit shipping to certain destinations, or create country-specific catalogs, CBR gives you per-product control using WooCommerce’s built-in geolocation.\u003C\u002Fp>\n\u003Cp>If a product shouldn’t be sold in a particular country — because of shipping limitations, legal requirements, licensing, or business strategy — CBR makes sure customers in that country either can’t see it or can’t buy it. No code required.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Hide Restricted Products Completely\u003C\u002Fstrong> — Remove products from your shop, search results, and catalog for customers in restricted countries. Products become invisible as if they don’t exist.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide from Catalog, Keep Direct Links\u003C\u002Fstrong> — Remove products from shop pages and search, but still allow access via a direct URL. Useful for wholesale or private distribution.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Visible but Not Purchasable\u003C\u002Fstrong> — Keep products visible in your shop and search results, but disable the Add to Cart button for restricted countries. Customers can browse but not buy.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Per-Product Include or Exclude Rules\u003C\u002Fstrong> — For each product, choose whether to allow it in specific countries (include) or block it in specific countries (exclude). Flexible enough for any restriction scenario.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Country Detection\u003C\u002Fstrong> — Uses WooCommerce Geolocation (IP-based) and the customer’s shipping address to determine their country — no manual input needed from the shopper.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Translation Ready\u003C\u002Fstrong> — Fully translatable and compatible with multilingual stores.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Common Use Cases\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Legal & Regulatory Compliance\u003C\u002Fstrong> — Block products that can’t legally be sold in certain countries (alcohol, supplements, electronics, age-restricted items).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shipping Limitations\u003C\u002Fstrong> — Don’t sell products in countries your logistics provider can’t deliver to. Avoid failed deliveries and refund requests.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Regional Licensing\u003C\u002Fstrong> — Restrict digital or licensed products to territories covered by your distribution agreement.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Country-Specific Catalogs\u003C\u002Fstrong> — Show different product selections to different markets, creating a tailored shopping experience per region.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reduce Chargebacks & Wrong Orders\u003C\u002Fstrong> — Prevent customers from ordering products that can’t be fulfilled in their location.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How Country Detection Works\u003C\u002Fh4>\n\u003Cp>CBR determines the customer’s country in this order:\u003C\u002Fp>\n\u003Col>\n\u003Cli>If the visitor is a \u003Cstrong>logged-in customer\u003C\u002Fstrong> with a shipping address on file, CBR uses that shipping country.\u003C\u002Fli>\n\u003Cli>If no shipping country is set (or the visitor is a guest), CBR falls back to \u003Cstrong>WooCommerce Geolocation\u003C\u002Fstrong> (IP-based detection).\u003C\u002Fli>\n\u003Cli>You can optionally force the plugin to always use geolocation only.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Upgrade to Country Based Restrictions PRO\u003C\u002Fh4>\n\u003Cp>Need to manage restrictions at scale? \u003Ca href=\"https:\u002F\u002Fwww.zorem.com\u002Fproduct\u002Fcountry-based-restriction-pro\u002F\" rel=\"nofollow ugc\">CBR PRO\u003C\u002Fa> adds powerful bulk tools and advanced controls:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Bulk Restrictions by Category, Tag, Attribute, or Shipping Class\u003C\u002Fstrong> — Apply country rules to entire groups of products at once instead of editing each product individually.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Global (All Products) Restrictions\u003C\u002Fstrong> — Set a single rule that applies to your entire catalog.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Payment Methods by Country\u003C\u002Fstrong> — Control which payment gateways are available based on the customer’s country.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide Product Prices for Restricted Products\u003C\u002Fstrong> — Instead of hiding the product entirely, hide only the price and Add to Cart button.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Single Product Rules in Bulk\u003C\u002Fstrong> — Clean up individual product rules using bulk actions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Debug Mode\u003C\u002Fstrong> — Display a front-end toolbar (visible to admins only) showing the detected country, so you can test restrictions without affecting customers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Country Detection Widget\u003C\u002Fstrong> — Display the detected shipping country to shoppers and let them change their location while browsing.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.zorem.com\u002Fproduct\u002Fcountry-based-restriction-pro\u002F\" rel=\"nofollow ugc\">Get Country Based Restrictions PRO\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Documentation & Support\u003C\u002Fh4>\n\u003Cp>Setup guides, configuration tutorials, and developer resources are available in the \u003Ca href=\"https:\u002F\u002Fdocs.zorem.com\u002Fdocs\u002Fcountry-based-restrictions-pro\u002F\" rel=\"nofollow ugc\">CBR documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Need help? Visit the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwoo-product-country-base-restrictions\u002F\" rel=\"ugc\">support forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>More Plugins by Zorem\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.zorem.com\u002Fproduct\u002Fwoocommerce-advanced-shipment-tracking\u002F\" rel=\"nofollow ugc\">Advanced Shipment Tracking PRO\u003C\u002Fa> — Add tracking numbers to orders and share them with customers automatically.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Fsms-for-woocommerce\u002F\" rel=\"nofollow ugc\">SMS for WooCommerce\u003C\u002Fa> — Send SMS order notifications to customers.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Fzorem-local-pickup-pro\u002F\" rel=\"nofollow ugc\">Zorem Local Pickup Pro\u003C\u002Fa> — Local pickup and store pickup for WooCommerce.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Fcustomer-email-verification-for-woocommerce\u002F\" rel=\"nofollow ugc\">Customer Email Verification for WooCommerce\u003C\u002Fa> — Verify customer emails during registration.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Fzorem-returns\u002F\" rel=\"nofollow ugc\">Zorem Returns\u003C\u002Fa> — Manage product returns and RMA requests.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Explore all plugins at \u003Ca href=\"https:\u002F\u002Fwww.zorem.com\u002F\" rel=\"nofollow ugc\">zorem.com\u003C\u002Fa>.\u003C\u002Fp>\n","Restrict WooCommerce products by country — hide or block purchases using geolocation so only customers in allowed countries can buy.",5000,225408,90,52,"2026-02-10T13:26:00.000Z","6.9.4","5.3","7.0",[21,23,58,59,60],"product-visibility","restrict-products","woocommerce","https:\u002F\u002Fwww.zorem.com\u002Fshop\u002Fwoocommerce-product-country-based-restrictions\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-product-country-base-restrictions.3.7.7.zip",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":13,"num_ratings":34,"last_updated":73,"tested_up_to":54,"requires_at_least":17,"requires_php":74,"tags":75,"homepage":74,"download_link":79,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"country-access-blocker","Country Access Blocker","1.6","Valeri Kluger","https:\u002F\u002Fprofiles.wordpress.org\u002Fvalerikluger\u002F","\u003Cp>Country Access Blocker lets you restrict or allow access to your WordPress site based on visitor countries.\u003C\u002Fp>\n\u003Cp>Features:\u003Cbr \u002F>\n* Block visitors from specific countries\u003Cbr \u002F>\n* Clean, GDPR-compliant country list\u003Cbr \u002F>\n* Easy admin interface to configure blocked countries\u003Cbr \u002F>\n* Enable or disable IP-based country blocking with one checkbox\u003Cbr \u002F>\n* No external dependencies or WooCommerce required\u003Cbr \u002F>\n* Uses ip-api.com free API for geolocation\u003C\u002Fp>\n\u003Cp>This plugin is ideal if you want to restrict access from certain countries or comply with geo-based regulations.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support or bug reports, please open an issue on the plugin’s GitHub repository or contact the author.\u003C\u002Fp>\n","Block or allow website visitors from specific countries based on IP geolocation.",600,2056,"2026-01-24T22:53:00.000Z","",[76,77,78,22,24],"block-country","block-ip","country-blocker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcountry-access-blocker.1.6.zip",{"slug":81,"name":82,"version":66,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":27,"num_ratings":27,"last_updated":89,"tested_up_to":56,"requires_at_least":17,"requires_php":90,"tags":91,"homepage":74,"download_link":95,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":96},"restrict-admin-login-by-country-grc","Restrict Admin Login by Country – GRC","Robert G.","https:\u002F\u002Fprofiles.wordpress.org\u002Frobertutzu\u002F","\u003Cp>This plugin protects your WordPress login area by restricting access to specific countries based on geolocation. It is especially useful for hardening security for roles such as administrator, shop manager, editor, and author.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Restricts logins for admin, shop manager, editor, and author roles based on IP geolocation.  \u003C\u002Fli>\n\u003Cli>Automatically whitelists the country where the plugin was first activated.  \u003C\u002Fli>\n\u003Cli>Settings page to manually select allowed countries.  \u003C\u002Fli>\n\u003Cli>Dynamically fetches a list of countries via a public API.  \u003C\u002Fli>\n\u003Cli>Lightweight and easy to configure.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Powered by \u003Ca href=\"https:\u002F\u002Fipinfo.io\" rel=\"nofollow ugc\">ipinfo.io\u003C\u002Fa> for IP geolocation detection.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin relies on two external services to function properly. These services are used to identify user locations and provide country data for configuration purposes.\u003C\u002Fp>\n\u003Ch3>1. ipinfo.io\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>What is the service used for?\u003C\u002Fstrong>\u003Cbr \u002F>\n– Used to determine the geolocation (specifically, the country) of an IP address attempting to log in.\u003Cbr \u002F>\n– Ensures that only users from allowed countries can log in as administrator, shop manager, editor, or author.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent and when?\u003C\u002Fstrong>\u003Cbr \u002F>\n– The plugin sends the IP address of the user attempting to log in to \u003Ccode>ipinfo.io\u003C\u002Fcode> at the time of login.\u003Cbr \u002F>\n– This is done in real time to determine the user’s country and enforce access rules.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service Provider:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Website: \u003Ca href=\"https:\u002F\u002Fipinfo.io\" rel=\"nofollow ugc\">https:\u002F\u002Fipinfo.io\u003C\u002Fa>\u003Cbr \u002F>\n– Terms of Service: \u003Ca href=\"https:\u002F\u002Fipinfo.io\u002Fterms\" rel=\"nofollow ugc\">https:\u002F\u002Fipinfo.io\u002Fterms\u003C\u002Fa>\u003Cbr \u002F>\n– Privacy Policy: \u003Ca href=\"https:\u002F\u002Fipinfo.io\u002Fprivacy-policy\" rel=\"nofollow ugc\">https:\u002F\u002Fipinfo.io\u002Fprivacy-policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>2. restcountries.com\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>What is the service used for?\u003C\u002Fstrong>\u003Cbr \u002F>\n– Used to dynamically fetch the list of countries (with country codes and names) displayed in the plugin settings.\u003Cbr \u002F>\n– Allows users to easily select which countries should be allowed for admin login access.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent and when?\u003C\u002Fstrong>\u003Cbr \u002F>\n– No user data is sent.\u003Cbr \u002F>\n– The plugin performs a GET request to \u003Ccode>https:\u002F\u002Frestcountries.com\u002Fv3.1\u002Fall?fields=cca2,name\u003C\u002Fcode> to fetch a list of country codes and names during plugin settings initialization.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service Provider:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Website: \u003Ca href=\"https:\u002F\u002Frestcountries.com\" rel=\"nofollow ugc\">https:\u002F\u002Frestcountries.com\u003C\u002Fa>\u003Cbr \u002F>\n– API Documentation: \u003Ca href=\"https:\u002F\u002Frestcountries.com\u002F#api-endpoints-v3-all\" rel=\"nofollow ugc\">https:\u002F\u002Frestcountries.com\u002F#api-endpoints-v3-all\u003C\u002Fa>\u003Cbr \u002F>\n– No specific privacy policy is published, as this is a public API that does not handle user-specific data.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later. See \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fa> for details.\u003C\u002Fp>\n","Restrict admin, shop manager, editor, and author logins based on the user’s country. Automatically blocks access from non-authorized locations.",10,456,"2026-02-20T12:22:00.000Z","7.4",[92,21,23,93,94],"admin-login","ipinfo","security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frestrict-admin-login-by-country-grc.1.6.zip","2026-04-06T09:54:40.288Z",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":36,"num_ratings":107,"last_updated":108,"tested_up_to":54,"requires_at_least":109,"requires_php":90,"tags":110,"homepage":115,"download_link":116,"security_score":117,"vuln_count":118,"unpatched_count":27,"last_vuln_date":119,"fetched_at":29},"wp-slimstat","SlimStat Analytics","5.4.9","VeronaLabs","https:\u002F\u002Fprofiles.wordpress.org\u002Fveronalabs\u002F","\u003Cp>Track returning customers and registered users, monitor Javascript events, detect intrusions, analyze email campaigns. Thousands of WordPress sites are already using it.\u003C\u002Fp>\n\u003Ch4>Main Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Real-Time Access Log\u003C\u002Fstrong>: measure server latency, track page events, keep an eye on your bounce rate and much more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Bar Stats\u003C\u002Fstrong>: view real-time site stats directly from the WordPress admin bar — online visitors, pageviews, and top pages at a glance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcodes\u003C\u002Fstrong>: display reports in widgets or directly in posts and pages.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customize Reports\u003C\u002Fstrong>: Customize all pages—Real-time, Overview, Audience, Site Analysis, and Traffic Sources—to fit your needs easily!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR\u003C\u002Fstrong>: fully compliant with GDPR European law. Integrates seamlessly with WP Consent API. Consent banner translatable with WPML and Polylang.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Filters\u003C\u002Fstrong>: exclude users from statistics collection based on various criteria, including user roles, common robots, IP subnets, admin pages, country, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Export to Excel\u003C\u002Fstrong>: download your reports as CSV files, generate user heatmaps or get daily emails right in your mailbox (via Pro).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cache\u003C\u002Fstrong>: compatible with W3 Total Cache, WP SuperCache, CloudFlare and most caching plugins.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy\u003C\u002Fstrong>: hash IP addresses to protect your users’ privacy.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Geolocation\u003C\u002Fstrong>: identify your visitors by city and country, browser type and operating system (courtesy of \u003Ca href=\"https:\u002F\u002Fwww.maxmind.com\u002F\" rel=\"nofollow ugc\">MaxMind\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fbrowscap.org\" rel=\"nofollow ugc\">Browscap\u003C\u002Fa>).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>World Map\u003C\u002Fstrong>: see where your visitors are coming from, even on your mobile device (courtesy of \u003Ca href=\"https:\u002F\u002Fgithub.com\u002F10bestdesign\u002Fjqvmap\" rel=\"nofollow ugc\">JQVMap\u003C\u002Fa>).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro Pack Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Network Analytics\u003C\u002Fstrong>: Enable a network-wide view of your reports and settings.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Reports\u003C\u002Fstrong>: Receive your reports directly in your mailbox with customizable column mappings and HTML tables.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Export to Excel\u003C\u002Fstrong>: Download your reports as CSV files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Heatmap\u003C\u002Fstrong>: Display a heatmap layer of the most clicked areas on your website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Overview\u003C\u002Fstrong>: Monitor your registered users by tracking their activities and time on site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Avatars\u003C\u002Fstrong>: Gravatar integration in the User Overview report for quick visitor identification.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>MaxMind Integration\u003C\u002Fstrong>: Connect to MaxMind’s Geolocation API to retrieve detailed information about your visitors.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom DB\u003C\u002Fstrong>: Use an external database to store all the information about your visitors.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Extended Overview\u003C\u002Fstrong>: Add custom columns to the User Overview widget and export file.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 5.6+\u003C\u002Fli>\n\u003Cli>PHP 7.4+\u003C\u002Fli>\n\u003Cli>MySQL 5.0.3+\u003C\u002Fli>\n\u003Cli>At least 5 MB of free web space (240 MB if you plan on using the external libraries for geolocation and browser detection)\u003C\u002Fli>\n\u003Cli>At least 10 MB of free DB space\u003C\u002Fli>\n\u003Cli>At least 32 Mb of free PHP memory for the tracker (peak memory usage)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Please note\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>If you decide to uninstall Slimstat Analytics, all the stats will be \u003Cstrong>PERMANENTLY\u003C\u002Fstrong> deleted from your database. Make sure to setup a database backup (wp_slim_*) to avoid losing your data.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Report Bugs\u003C\u002Fh4>\n\u003Cp>Having trouble with a bug? Please \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-slimstat\u002Fwp-slimstat\u002Fissues\u002Fnew\" rel=\"nofollow ugc\">create an issue\u003C\u002Fa> on GitHub. Kindly note that \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-slimstat\u002Fwp-slimstat\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> is exclusively for bug reports; other inquiries will be closed.\u003C\u002Fp>\n\u003Cp>For security vulnerabilities, please report them through the \u003Ca href=\"https:\u002F\u002Fpatchstack.com\u002Fdatabase\u002Fwordpress\u002Fplugin\u002Fwp-slimstat\u002Fvdp\" rel=\"nofollow ugc\">Patchstack Vulnerability Disclosure Program\u003C\u002Fa>. The Patchstack team will validate, triage, and handle any security issues.\u003C\u002Fp>\n","The leading web analytics plugin for WordPress",80000,7116699,817,"2026-04-03T17:44:00.000Z","5.6",[111,23,112,113,114],"analytics","reports","statistics","tracking","https:\u002F\u002Fwp-slimstat.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-slimstat.5.4.9.zip",88,24,"2026-03-18 00:00:00",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":130,"num_ratings":131,"last_updated":132,"tested_up_to":16,"requires_at_least":133,"requires_php":90,"tags":134,"homepage":139,"download_link":140,"security_score":141,"vuln_count":142,"unpatched_count":27,"last_vuln_date":143,"fetched_at":29},"content-control","Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More","2.6.5","Daniel Iser","https:\u002F\u002Fprofiles.wordpress.org\u002Fdanieliser\u002F","\u003Cp>Content Control is a transformative plugin, allowing you to fine-tune every aspect of your WordPress website’s content. Decide who gets to see what, where, and when – be it pages, posts, widgets, or individual block visibility using our handy shortcode. Your content, your rules, executed perfectly!\u003C\u002Fp>\n\u003Cp>Content Control is intuitive and powerful, designed for all users—whether logged in, holding specific roles, or even guests. Need top-tier content restriction or a dependable access manager for your site? Look no further. We’ve expanded our controls to include Gutenberg and Full Site Editor, giving you unmatched command.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cp>Discover what Content Control brings to your table:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Full control over your site’s content, restrict user access with ease!.\u003C\u002Fli>\n\u003Cli>Create a \u003Cstrong>Paid Membership\u003C\u002Fstrong> sites using your favorite or existing ecommerce plugins.\u003C\u002Fli>\n\u003Cli>Set up a seamless paywall for your content, providing teasers for users and prompting them to purchase access.\u003C\u002Fli>\n\u003Cli>Per block controls for Gutenberg and Full Site Editor, including user roles, device type, and more.\n\u003Cul>\n\u003Cli>Responsive block controls with customizable breakpoints.\u003C\u002Fli>\n\u003Cli>Control block visibility by user status, roles, device type & more.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Restrict access to pages, posts, widgets, and individual blocks based on user status, roles, device type & more.\u003C\u002Fli>\n\u003Cli>Offer membership tools for crafting membership access and members-only content.\u003C\u002Fli>\n\u003Cli>Provide responsive block designs that adapt to varying device sizes.\u003C\u002Fli>\n\u003Cli>Lockdown content selectively for improved user experiences.\u003C\u002Fli>\n\u003Cli>Implement role-based redirections to guide users effectively.\u003C\u002Fli>\n\u003Cli>Unlock the power of subscription content and monetization strategies.\u003C\u002Fli>\n\u003Cli>Safeguard specific categories, tags, custom post types, and custom taxonomies.\u003C\u002Fli>\n\u003Cli>Manage access to \u003Ca href=\"https:\u002F\u002Fwww.hongkiat.com\u002Fblog\u002Fwordpress-attachment-pages\u002F\" rel=\"nofollow ugc\">media attachment pages\u003C\u002Fa> for logged in\u002Fout users or specific user roles.\u003C\u002Fli>\n\u003Cli>Display a custom message to users who do not have permission to view the content.\u003C\u002Fli>\n\u003Cli>Display specific content on a page or post to logged in users only, specific user roles, or logged out users.\u003C\u002Fli>\n\u003Cli>Redirect users without access permission to a login page, website homepage, or a custom URL.\u003C\u002Fli>\n\u003Cli>Highlight subscriber-only content for premium users.\u003C\u002Fli>\n\u003Cli>Use the \u003Ccode>[content_control]\u003C\u002Fcode> shortcode to protect content inline and cater to subscriber preferences.\u003C\u002Fli>\n\u003Cli>Control widget visibility by selecting the user type that can view each widget.\u003C\u002Fli>\n\u003Cli>Conditionally show coming soon or maintenance mode pages based on various rules.\u003C\u002Fli>\n\u003Cli>Restrict access to your site’s REST API endpoints.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcontentcontrolplugin.com\u002Fdocs\u002F?utm_campaign=plugin-info&utm_source=readme-description&utm_medium=wordpress&utm_content=documentation-link\" rel=\"nofollow ugc\">Content Control Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Pro Features\u003C\u002Fh4>\n\u003Cp>Content Control Pro, with advanced features like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Content Teasers for Paywalls, giving your users a sneak peek, leaving them wanting more.\u003C\u002Fli>\n\u003Cli>Optimize your WooCommerce & Easy Digital Downloads (EDD) & Paid Memberships Pro experiences with advanced rules.\u003C\u002Fli>\n\u003Cli>Schedule blocks, controlling content visibility timings using customizable scheduling rules.\u003C\u002Fli>\n\u003Cli>Dive deeper with advanced block rules and a boolean editor.\u003C\u002Fli>\n\u003Cli>Customize login, registration & recovery page urls. Custom login urls give a more personalized user experience.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcontentcontrolplugin.com\u002Fpricing\u002F?utm_campaign=plugin-info&utm_source=readme-description&utm_medium=wordpress&utm_content=upgrade-link\" rel=\"nofollow ugc\">Upgrade to Content Control Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note\u003C\u002Fstrong>: Content Control handles media access via content on media attachment pages but won’t restrict direct server-level access to media files.\u003C\u002Fp>\n\u003Ch4>Passionately Crafted by Code Atlantic\u003C\u002Fh4>\n\u003Cp>At \u003Ca href=\"https:\u002F\u002Fcode-atlantic.com\" title=\"Code Atlantic - High Quality WordPress Plugins\" rel=\"nofollow ugc\">Code Atlantic\u003C\u002Fa>, we’re passionate about crafting tools that empower your digital journey. Content Control is a testament to our commitment to quality.\u003C\u002Fp>\n\u003Cp>Dive into some of our renowned plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppopupmaker.com\" title=\"#1 Popup & Marketing Plugin for WordPress\" rel=\"nofollow ugc\">Popup Maker\u003C\u002Fa>\u003C\u002Fstrong> – The #1 Popup & Marketing Plugin for WordPress\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-menus\u002F\" title=\"Show, Hide & Customize Menu Items For Different Users\" rel=\"ugc\">User Menus\u003C\u002Fa>\u003C\u002Fstrong> – Innovatively Show, Hide & Customize Menu Items\u003C\u002Fli>\n\u003C\u002Ful>\n","Restrict content based on login status, user roles, device type & more. Monetize your content with a paywall or members-only content.",40000,874416,98,575,"2025-05-27T08:57:00.000Z","6.2",[20,135,136,137,138],"content-restriction","maintenance-mode","members-only","membership","https:\u002F\u002Fcontentcontrolplugin.com\u002F?utm_campaign=plugin-info&utm_source=php-file-header&utm_medium=plugin-ui&utm_content=plugin-uri","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontent-control.2.6.5.zip",97,4,"2025-05-07 00:00:00",{"attackSurface":145,"codeSignals":151,"taintFlows":292,"riskAssessment":311,"analyzedAt":328},{"hooks":146,"ajaxHandlers":147,"restRoutes":148,"shortcodes":149,"cronEvents":150,"entryPointCount":27,"unprotectedCount":27},[],[],[],[],[],{"dangerousFunctions":152,"sqlUsage":153,"outputEscaping":170,"fileOperations":14,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":288},[],{"prepared":154,"raw":142,"locations":155},36,[156,160,162,166],{"file":157,"line":158,"context":159},"includes\\Admin\\ActionHandler.php",80,"$wpdb->get_results() with variable interpolation",{"file":157,"line":161,"context":159},173,{"file":163,"line":164,"context":165},"includes\\Admin\\AdminPage.php",716,"$wpdb->get_var() with variable interpolation",{"file":167,"line":168,"context":169},"uninstall.php",34,"$wpdb->query() with variable interpolation",{"escaped":142,"rawEcho":171,"locations":172},62,[173,177,179,182,184,186,188,189,190,191,192,194,196,197,199,201,202,204,206,208,210,212,214,216,218,220,222,224,226,227,229,231,232,234,236,238,239,241,242,243,244,246,248,250,252,254,256,259,261,262,264,266,268,270,271,273,275,277,279,281,283,285],{"file":174,"line":175,"context":176},"admin\\views\\tab-blocking-rules.php",105,"raw output",{"file":174,"line":178,"context":176},115,{"file":180,"line":181,"context":176},"admin\\views\\tab-dashboard.php",16,{"file":180,"line":183,"context":176},19,{"file":180,"line":185,"context":176},20,{"file":180,"line":187,"context":176},23,{"file":180,"line":187,"context":176},{"file":180,"line":118,"context":176},{"file":180,"line":118,"context":176},{"file":180,"line":37,"context":176},{"file":180,"line":193,"context":176},32,{"file":180,"line":195,"context":176},35,{"file":180,"line":154,"context":176},{"file":180,"line":198,"context":176},39,{"file":180,"line":200,"context":176},42,{"file":180,"line":200,"context":176},{"file":180,"line":203,"context":176},45,{"file":180,"line":205,"context":176},57,{"file":180,"line":207,"context":176},60,{"file":180,"line":209,"context":176},61,{"file":180,"line":211,"context":176},69,{"file":180,"line":213,"context":176},70,{"file":180,"line":215,"context":176},73,{"file":180,"line":217,"context":176},74,{"file":180,"line":219,"context":176},82,{"file":180,"line":221,"context":176},83,{"file":180,"line":223,"context":176},86,{"file":180,"line":225,"context":176},87,{"file":180,"line":36,"context":176},{"file":180,"line":228,"context":176},101,{"file":180,"line":230,"context":176},104,{"file":180,"line":175,"context":176},{"file":180,"line":233,"context":176},106,{"file":180,"line":235,"context":176},107,{"file":180,"line":237,"context":176},113,{"file":180,"line":237,"context":176},{"file":180,"line":240,"context":176},114,{"file":180,"line":240,"context":176},{"file":180,"line":178,"context":176},{"file":180,"line":178,"context":176},{"file":180,"line":245,"context":176},116,{"file":180,"line":247,"context":176},117,{"file":180,"line":249,"context":176},118,{"file":180,"line":251,"context":176},127,{"file":180,"line":253,"context":176},128,{"file":180,"line":255,"context":176},132,{"file":257,"line":258,"context":176},"admin\\views\\tab-logs-display.php",28,{"file":257,"line":260,"context":176},40,{"file":257,"line":52,"context":176},{"file":257,"line":263,"context":176},64,{"file":257,"line":265,"context":176},167,{"file":257,"line":267,"context":176},199,{"file":257,"line":269,"context":176},202,{"file":157,"line":245,"context":176},{"file":157,"line":272,"context":176},184,{"file":163,"line":274,"context":176},443,{"file":163,"line":276,"context":176},515,{"file":163,"line":278,"context":176},529,{"file":163,"line":280,"context":176},550,{"file":163,"line":282,"context":176},551,{"file":163,"line":284,"context":176},552,{"file":286,"line":287,"context":176},"includes\\Plugin.php",228,[289],{"name":290,"version":28,"knownCves":291},"Select2",[],[293],{"entryPoint":294,"graph":295,"unsanitizedCount":14,"severity":310},"\u003Ctab-logs-display> (admin\\views\\tab-logs-display.php:0)",{"nodes":296,"edges":307},[297,302],{"id":298,"type":299,"label":300,"file":257,"line":301},"n0","source","$_GET",158,{"id":303,"type":304,"label":305,"file":257,"line":265,"wp_function":306},"n1","sink","echo() [XSS]","echo",[308],{"from":298,"to":303,"sanitized":309},false,"low",{"summary":312,"deductions":313},"The \"geo-blocker\" v1.0.0 plugin exhibits a mixed security posture.  On the positive side, the static analysis shows a very small attack surface with no apparent entry points that are unprotected.  The plugin also appears to handle SQL queries predominantly using prepared statements, which is a good practice for preventing SQL injection.  Furthermore, there is no recorded vulnerability history, suggesting a history of stable and secure releases.\n\nHowever, there are significant concerns regarding output escaping and taint analysis. Only 6% of output escapes are properly handled, leaving a high likelihood of Cross-Site Scripting (XSS) vulnerabilities.  The taint analysis revealed one flow with unsanitized paths, which, while not classified as critical or high severity in this specific instance, points to a potential for injection attacks if an attacker can control the input that feeds this flow.  The complete lack of nonce checks and capability checks, coupled with file operations, raises flags for potential unauthorized actions or privilege escalation, especially if combined with other vulnerabilities.\n\nIn conclusion, while the plugin has a clean vulnerability history and a well-contained attack surface, the critical deficiency in output escaping and the presence of unsanitized taint flows represent serious security weaknesses. The absence of nonce and capability checks further exacerbates these risks. These areas require immediate attention to mitigate potential exploitation.",[314,317,320,323,325],{"reason":315,"points":316},"Output escaping is severely lacking (94% not properly escaped)",18,{"reason":318,"points":319},"Taint analysis shows unsanitized path flow",8,{"reason":321,"points":322},"No nonce checks implemented",5,{"reason":324,"points":322},"No capability checks implemented",{"reason":326,"points":327},"Bundled library (Select2) may be outdated",3,"2026-03-16T19:25:26.365Z",{"wat":330,"direct":353},{"assetPaths":331,"generatorPatterns":341,"scriptPaths":342,"versionParams":343},[332,333,334,335,336,337,338,339,340],"\u002Fwp-content\u002Fplugins\u002Fgeo-blocker\u002Fadmin\u002Fcss\u002Fmedshi-geo-block-admin.css","\u002Fwp-content\u002Fplugins\u002Fgeo-blocker\u002Fadmin\u002Fcss\u002Fselect2.min.css","\u002Fwp-content\u002Fplugins\u002Fgeo-blocker\u002Fadmin\u002Fjs\u002Fmedshi-geo-block-admin.js","\u002Fwp-content\u002Fplugins\u002Fgeo-blocker\u002Fadmin\u002Fjs\u002Fselect2.full.min.js","\u002Fwp-content\u002Fplugins\u002Fgeo-blocker\u002Fadmin\u002Fjs\u002Fchart.min.js","\u002Fwp-content\u002Fplugins\u002Fgeo-blocker\u002Fadmin\u002Fjs\u002Fchartjs-adapter-date-fns.min.js","\u002Fwp-content\u002Fplugins\u002Fgeo-blocker\u002Fadmin\u002Fjs\u002Fmoment.min.js","\u002Fwp-content\u002Fplugins\u002Fgeo-blocker\u002Fadmin\u002Fjs\u002Fchartjs-plugin-datalabels.min.js","\u002Fwp-content\u002Fplugins\u002Fgeo-blocker\u002Fadmin\u002Fjs\u002Fmedshi-geo-blocker-settings.js",[],[334,335,336,337,338,339,340],[344,345,346,347,348,349,350,351,352],"geo-blocker\u002Fadmin\u002Fcss\u002Fmedshi-geo-block-admin.css?ver=","geo-blocker\u002Fadmin\u002Fcss\u002Fselect2.min.css?ver=","geo-blocker\u002Fadmin\u002Fjs\u002Fmedshi-geo-block-admin.js?ver=","geo-blocker\u002Fadmin\u002Fjs\u002Fselect2.full.min.js?ver=","geo-blocker\u002Fadmin\u002Fjs\u002Fchart.min.js?ver=","geo-blocker\u002Fadmin\u002Fjs\u002Fchartjs-adapter-date-fns.min.js?ver=","geo-blocker\u002Fadmin\u002Fjs\u002Fmoment.min.js?ver=","geo-blocker\u002Fadmin\u002Fjs\u002Fchartjs-plugin-datalabels.min.js?ver=","geo-blocker\u002Fadmin\u002Fjs\u002Fmedshi-geo-blocker-settings.js?ver=",{"cssClasses":354,"htmlComments":356,"htmlAttributes":357,"restEndpoints":359,"jsGlobals":361,"shortcodeOutput":364},[355],"medshi-geo-blocker-settings",[],[358],"data-geo-blocker-url",[360],"\u002Fwp-json\u002Fmedshi-geo-blocker\u002Fv1\u002Fsettings",[362,363],"MedshiGeoBlockerAdmin","medshi_geo_blocker_ajax_object",[],{"error":366,"url":367,"statusCode":368,"statusMessage":369,"message":369},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fgeo-blocker\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":14,"versions":371},[372],{"version":6,"download_url":26,"svn_tag_url":373,"released_at":28,"has_diff":309,"diff_files_changed":374,"diff_lines":28,"trac_diff_url":28,"vulnerabilities":375,"is_current":366},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgeo-blocker\u002Ftags\u002F1.0.0\u002F",[],[]]