[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fyYH9JSoYunfZTRUfNKtGIKTeqXzGh-cuZSFrUbcBzSI":3,"$fTMd3l2veG9M_r_nWVM_4hNURO1MkjYnnvIhEXkday_k":371,"$fxXnq5TsW_Zi4hVtCBODaGnn61M1fi0IYuTaOyZPrnLk":375},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":38,"analysis":147,"fingerprints":343},"geo-location","Geo Location","2.5.1","UjW0L","https:\u002F\u002Fprofiles.wordpress.org\u002Fujw0l\u002F","\u003Cp>This plugin lets you track vistors IP and Map them in Bing Map, or just can be use in backend only. Good for tracking website activities based on geographical region.\u003C\u002Fp>\n\u003Cp>This plugin also lets you block users based on IP address from admin menu.\u003C\u002Fp>\n\u003Cp>You can also use it with out IPinfoDB API key, just to block IP address, however Location functionality will not work.\u003C\u002Fp>\n\u003Cp>It displays all of the unique vistiors on the bing map\u003C\u002Fp>\n\u003Cp>You need to get IPinfobd API key from\u003Cbr \u002F>\nhttps:\u002F\u002Fipinfodb.com\u002Fregister.php\u003C\u002Fp>\n\u003Cp>Bing Map API key from(Developers have option of getting free key)\u003Cbr \u002F>\nhttps:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fmaps\u002Fchoose-your-bing-maps-api\u003C\u002Fp>\n\u003Cp>Note:\u003C\u002Fp>\n","Plugin that that collect geological info of visitors and display them in Bing Map and gives admin ability to block them.",20,5794,0,"2024-08-27T03:20:00.000Z","4.9.29","3.5","",[19,20,21,22,23],"bing-map","ip-tracking","mapping","tracking","visitor","https:\u002F\u002Fgithub.com\u002Fujw0l\u002Fgeo_location","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgeo-location.zip",92,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":11,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"ujw0l",1910,98,30,93,"2026-05-20T01:12:33.817Z",[39,62,80,105,126],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":17,"tags":54,"homepage":59,"download_link":60,"security_score":61,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"lead-forensics-roi","Lead Forensics","3.3.11","Lead Forensics Wordpress Plugin Support","https:\u002F\u002Fprofiles.wordpress.org\u002Fleadforensicspluginsupport\u002F","\u003Cp>Lead Forensics helps you to turn your anonymous website visitors into paying customers. Our business database is the biggest in the world, so every visitor who lands on your site becomes a potential lead.\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FcWOONn32qtM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Identify your anonymous business visitors and access their business name, telephone number, address, industry and company size. Close sales you never knew you had since 98% of businesses don’t make an enquiry. Take action on leads before your competitors, create watch lists and even assign leads by geography. Increase your online ROI by getting more leads out of your site.  On top of all that you can improve relationships with your current clients by setting alerts as they visit your site and review additional product or service offerings.\u003C\u002Fp>\n","Lead Forensics helps you to turn your anonymous website visitors into paying customers. Our business database is the biggest in the world, so every vi &hellip;",8000,102453,80,4,"2025-06-20T09:32:00.000Z","6.8.5","3.0",[55,56,20,57,58],"anonymous-visitors","b2b","lead-forensics","leadforensics","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flead-forensics-roi\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flead-forensics-roi.3.3.11.zip",100,{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":49,"downloaded":70,"rating":13,"num_ratings":13,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":17,"tags":74,"homepage":77,"download_link":78,"security_score":79,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"clickback-web-tracker","Clickback","2.05","cbmfoerster","https:\u002F\u002Fprofiles.wordpress.org\u002Fcbmfoerster\u002F","\u003Cp>Clickback is website visitor identification software that provides you with the names of companies that visit your website, but don’t convert. This allows you to turn anonymous visits into sales prospects. This plugin lets you easily add your unique Clickback tracking code into the header of your WordPress site.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>Fill your sales funnel with the 98% of website visitors that don’t contact you by identifying key decision-makers who work at the companies that visit your website. Have your sales team follow up with early-stage prospects before your competitors do. You can create automated email notifications to manage your pipeline more efficiently because you’ll know when a current prospect revisits your site. Take advantage of our sophisticated website visitor identification software that shows you leads, not just analytics (such as IP addresses), so you can grow your revenue.\u003C\u002Fp>\n\u003Cp>You can learn more about the Clickback visitor identification software on their \u003Ca href=\"https:\u002F\u002Fwww.clickback.com\u002Fwebsite-lead-generation-software\u002F\" rel=\"nofollow ugc\">official website\u003C\u002Fa>.\u003C\u002Fp>\n","Clickback adds a small line of code to your WordPress site so you can identify companies who have visited your website but haven't converted.",2499,"2021-03-03T13:19:00.000Z","5.7.0","4.0",[55,56,75,76,20],"click-back","clickback","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fclickback-web-tracker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclickback-web-tracker.zip",85,{"slug":81,"name":82,"version":83,"author":81,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":17,"download_link":101,"security_score":102,"vuln_count":103,"unpatched_count":13,"last_vuln_date":104,"fetched_at":28},"pure-chat","Pure Chat – Live Chat & More!","2.41","https:\u002F\u002Fprofiles.wordpress.org\u002Fpure-chat\u002F","\u003Cp>Pure Chat is a Live Chat plugin for WordPress. It offers unlimited chats. All chat widget customizations, transcript history, triggers, email forms (when unavailable), etc.\u003C\u002Fp>\n\u003Cp>Pure Chat PRO offers realtime analytics, visitor tracking and contact tracking features. Start your free-trial and get all the features of the PRO plan for 30 days free!\u003C\u002Fp>\n\u003Cp>For more information, visit \u003Ca href=\"https:\u002F\u002Fwww.purechat.com\" title=\"Pure Chat\" rel=\"nofollow ugc\">PureChat.com\u003C\u002Fa>\u003C\u002Fp>\n","Pure Chat provides a Live Chat plugin with Unlimited Chats for your website!",3000,247625,82,45,"2025-02-24T19:19:00.000Z","6.7.5","3.0.1","5.3.0",[96,97,98,99,100],"chat-widget","live-chat","purechat","visitor-tracking","wordpress-chat","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpure-chat.2.41.zip",90,3,"2025-02-18 19:21:46",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":113,"downloaded":114,"rating":102,"num_ratings":11,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":118,"tags":119,"homepage":124,"download_link":125,"security_score":61,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"tracemyip-visitor-analytics-ip-tracking-control","Trace My IP – Visitor IP Tracker, Stats Analytics & Page Views Counter with Email Alerts","2.72","TraceMyIP","https:\u002F\u002Fprofiles.wordpress.org\u002Ftracemyip\u002F","\u003Cp>\u003Cstrong>Trace My IP\u003C\u002Fstrong> is the ultimate WordPress plugin for visitor tracking, IP analytics, and website statistics. Get detailed insights about your visitors including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Real-time \u003Cstrong>IP tracking\u003C\u002Fstrong> and geolocation data\u003C\u002Fli>\n\u003Cli>Accurate \u003Cstrong>page views counter\u003C\u002Fstrong> and \u003Cstrong>post views counter\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Customizable \u003Cstrong>email alerts\u003C\u002Fstrong> for visitor activity\u003C\u002Fli>\n\u003Cli>Advanced \u003Cstrong>visitor statistics\u003C\u002Fstrong> and \u003Cstrong>website analytics\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Powerful \u003Cstrong>IP blocker\u003C\u002Fstrong> and access control features\u003C\u002Fli>\n\u003Cli>Comprehensive \u003Cstrong>visitor stats\u003C\u002Fstrong> dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>TWO Independent Visitor Tracking Systems Included\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>1. Cloud-Based SaaS Tracking\u003C\u002Fstrong>\u003Cbr \u002F>\nEmbed a tracker code into your site and access full-featured analytics via the TraceMyIP SaaS console — integrated directly within your WordPress admin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>2. Local “UnFiltered Stats” Tracker\u003C\u002Fstrong>\u003Cbr \u002F>\nA standalone, compact tracking system that logs visitor activity directly inside your WordPress dashboard, with no external connections required to log the page views. It also captures data that other website statistics services may not be able to detect due to web tracker blockers.\u003C\u002Fp>\n\u003Ch3>FEATURE HIGHLIGHTS\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>All your sites. No-Delays stats. All on the primary SaaS dashboard.\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.tracemyip.org\u002Ftools\u002Flink-click-tracker-ad-clicks-counter-ip-blocker\u002F?wpp=readme_txt\" rel=\"nofollow ugc\">UnFiltered Stats Tracker\u003C\u002Fa> – instantly view behind-the-scenes activity right inside WordPress, including key server requests like post, page, and article views, scraping attempts, AD and tracking blocked page views, IPv4 and IPv6 connections (hosting server must have IPv6 support), ghost traffic and traffic trends — directly on your WordPress dashboard.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.tracemyip.org\u002Fwebsite-analytics.htm?wpp=readme_txt\" rel=\"nofollow ugc\">WordPress Blog \u003Cstrong>Visitor IP Tracking\u003C\u002Fstrong> and Analytics\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.tracemyip.org\u002Fwebsite-visitors-alerts.htm?wpp=readme_txt\" rel=\"nofollow ugc\">Website Visits \u003Cstrong>Email Alerts\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.tracemyip.org\u002Flearn\u002Fhow-to-block-an-ip-address-1017\u002F?wpp=readme_txt\" rel=\"nofollow ugc\">Page \u003Cstrong>Visitor IP\u003C\u002Fstrong> Blocking and Control\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.tracemyip.org\u002Ftools\u002Flink-click-tracker-ad-clicks-counter-ip-blocker\u002F?wpp=readme_txt\" rel=\"nofollow ugc\">WordPress individual \u003Cstrong>Link Tracking\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.tracemyip.org\u002Ftools\u002Fonline-address-book-web-contact-list\u002F?wpp=readme_txt\" rel=\"nofollow ugc\">Tracking WordPress \u003Cstrong>Visitor IP changes\u003C\u002Fstrong> and \u003Cstrong>Visitor Tagging\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.tracemyip.org\u002FGDPR-compliant-website-tracking-software.htm?wpp=readme_txt\" rel=\"nofollow ugc\">EU GDPR Compliant Website and Blog Tracking\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.tracemyip.org\u002Ftools\u002Fcookie-free-tracking-analytics-eu-cookie-law-solution\u002F\" rel=\"nofollow ugc\">Cookieless Tracking for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Provides additional features\u003C\u002Fstrong> and targeted IP data to \u003Cstrong>complement built-in dashboard statistics\u003C\u002Fstrong> and popular analytics tools such as \u003Cem>Google Analytics, Semrush, Adobe Analytics, Statcounter, Clicky, Matomo Analytics, Plausible, Fathom Analytics, Piwik PRO, Heap, Mixpanel, Amplitude, cPanel Analytics\u003C\u002Fem>, and more. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>IP address data can be matched with other statistics platforms and tagged to reveal visit history for individual site visitors.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Ch4>Visitor Tracking & IP Analytics\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Complete \u003Cstrong>visitor IP tracker\u003C\u002Fstrong> with detailed location data\u003C\u002Fli>\n\u003Cli>Advanced \u003Cstrong>website analytics\u003C\u002Fstrong> and traffic statistics\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Page views tracker\u003C\u002Fstrong> with historical data\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post views counter\u003C\u002Fstrong> for individual content analysis\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Access Control & Alerts\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>IP blocker\u003C\u002Fstrong> to restrict unwanted visitors\u003C\u002Fli>\n\u003Cli>Custom rules for \u003Cstrong>IP access control\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Instant \u003Cstrong>email alerts\u003C\u002Fstrong> for specific visitor actions\u003C\u002Fli>\n\u003Cli>Automated notifications for suspicious activity\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Statistics & Reporting\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Comprehensive \u003Cstrong>visitor statistics\u003C\u002Fstrong> dashboard\u003C\u002Fli>\n\u003Cli>Detailed \u003Cstrong>website analytics\u003C\u002Fstrong> reports\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hits counter\u003C\u002Fstrong> with traffic trends analysis\u003C\u002Fli>\n\u003Cli>Exportable \u003Cstrong>stats\u003C\u002Fstrong> for further analysis\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Choose Trace My IP?\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Optimized for accuracy:\u003C\u002Fstrong> Captures genuine user interactions while excluding bots, scrapers, and artificial traffic. Our advanced \u003Cstrong>IP tracker\u003C\u002Fstrong> provides the most reliable \u003Cstrong>visitor statistics\u003C\u002Fstrong> available.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Delivers TWO tracking systems in ONE:\u003C\u002Fstrong> Logs \u003Cstrong>all\u003C\u002Fstrong> visits — even those that are normally invisible due to the use of proxy scripts, ad blockers, and website tracker blockers.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Complete visitor insights:\u003C\u002Fstrong> From basic \u003Cstrong>page views counter\u003C\u002Fstrong> to advanced \u003Cstrong>website analytics\u003C\u002Fstrong>, get all the data you need in one powerful plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Stay in control:\u003C\u002Fstrong> With our \u003Cstrong>IP blocker\u003C\u002Fstrong> and \u003Cstrong>email alerts\u003C\u002Fstrong>, you’ll always know who’s accessing your site and can take immediate action when needed.\u003C\u002Fp>\n","Comprehensive visitor IP tracking and website analytics solution with real-time statistics, page view counting, and customizable email alerts.",1000,130862,"2026-01-22T17:09:00.000Z","6.9.4","2.0.4","7.2",[120,121,122,99,123],"ip-tracker","statistics","visitor-stats","website-analytics","https:\u002F\u002Fwww.tracemyip.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftracemyip-visitor-analytics-ip-tracking-control.2.72.zip",{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":134,"downloaded":135,"rating":61,"num_ratings":136,"last_updated":137,"tested_up_to":116,"requires_at_least":138,"requires_php":139,"tags":140,"homepage":17,"download_link":146,"security_score":61,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"outfunnel","Outfunnel: Web Visitor Tracking & CRM Integration","2.9.5","Outfunnel","https:\u002F\u002Fprofiles.wordpress.org\u002Foutfunnel\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Foutfunnel.com\" rel=\"nofollow ugc\">Outfunnel\u003C\u002Fa> helps sales and marketing teams turn website traffic into actionable sales intelligence — and ensures every form submission reaches your CRM automatically.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Web visitor tracking\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Know exactly which leads are browsing your website, what pages they view, and where they came from. Visitor activity is recorded directly in your CRM contact timeline, so your sales team has full context before reaching out. Use attribution data to understand which marketing channels and campaigns bring in the best leads.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Identify which CRM contacts visit your site\u003C\u002Fli>\n\u003Cli>See page views, referral sources, and UTM data per contact\u003C\u002Fli>\n\u003Cli>Prioritize outreach based on real browsing behavior\u003C\u002Fli>\n\u003Cli>Understand which campaigns drive the highest-quality traffic\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Automatic form-to-CRM sync\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Stop copying form submissions into your CRM manually. Every new submission from your WordPress forms is automatically created as a contact in your CRM with all fields mapped — so no lead slips through the cracks.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>New form entries instantly appear in your CRM\u003C\u002Fli>\n\u003Cli>All form fields are mapped to CRM contact fields\u003C\u002Fli>\n\u003Cli>Works with Elementor Forms, Contact Form 7, and Gravity Forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Supported CRMs:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Pipedrive\u003Cbr \u002F>\n– HubSpot\u003Cbr \u002F>\n– Copper\u003Cbr \u002F>\n– Salesforce\u003C\u002Fp>\n\u003Cp>You need an \u003Ca href=\"https:\u002F\u002Fapp.outfunnel.com\u002Fregister\" rel=\"nofollow ugc\">Outfunnel account\u003C\u002Fa> to use this plugin. Set up web tracking from the \u003Ca href=\"https:\u002F\u002Fapp.outfunnel.com\u002Fnew-web-tracking\u002Fsetup\" rel=\"nofollow ugc\">web tracking page\u003C\u002Fa>.\u003C\u002Fp>\n","Track which leads visit your website and automatically sync WordPress form submissions to Pipedrive, HubSpot, Copper, or Salesforce.",700,15026,1,"2026-03-16T18:11:00.000Z","4.2","7.0",[141,142,143,144,145],"crm","hubspot","pipedrive","salesforce","web-visitor-tracking","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foutfunnel.2.9.5.zip",{"attackSurface":148,"codeSignals":202,"taintFlows":260,"riskAssessment":326,"analyzedAt":342},{"hooks":149,"ajaxHandlers":176,"restRoutes":190,"shortcodes":191,"cronEvents":200,"entryPointCount":201,"unprotectedCount":50},[150,156,160,163,167,172],{"type":151,"name":152,"callback":153,"file":154,"line":155},"action","admin_menu","geolocation_geoLocationAdminMenu","geolocation.php",28,{"type":151,"name":157,"callback":158,"file":154,"line":159},"admin_init","gelocation_registerApiKey",29,{"type":151,"name":161,"callback":162,"file":154,"line":35},"admin_enqueue_scripts","geo_location_admin_eneque",{"type":151,"name":164,"callback":165,"file":154,"line":166},"wp_enqueue_scripts","geo_location_front_end_eneque",34,{"type":168,"name":169,"callback":170,"priority":11,"file":154,"line":171},"filter","script_loader_tag","geoLocation_addAsyncAttribute",35,{"type":151,"name":173,"callback":174,"file":154,"line":175},"wp_head","gelocation_blockedIp",36,[177,181,184,187],{"action":178,"nopriv":179,"callback":178,"hasNonce":179,"hasCapCheck":179,"file":154,"line":180},"block_visitor_from_site",false,39,{"action":182,"nopriv":179,"callback":182,"hasNonce":179,"hasCapCheck":179,"file":154,"line":183},"delete_visitor_from_table",40,{"action":185,"nopriv":179,"callback":185,"hasNonce":179,"hasCapCheck":179,"file":154,"line":186},"geolocation_insert_visitor_info",47,{"action":185,"nopriv":188,"callback":185,"hasNonce":179,"hasCapCheck":179,"file":154,"line":189},true,48,[],[192,196],{"tag":193,"callback":194,"file":154,"line":195},"getip","geolocation_getVisitorIp",43,{"tag":197,"callback":198,"file":154,"line":199},"displaymap","gelocation_displaySiteVisitorMap",44,[],6,{"dangerousFunctions":203,"sqlUsage":204,"outputEscaping":215,"fileOperations":136,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":259},[],{"prepared":205,"raw":103,"locations":206},7,[207,210,213],{"file":154,"line":208,"context":209},114,"$wpdb->get_var() with variable interpolation",{"file":154,"line":211,"context":212},232,"$wpdb->query() with variable interpolation",{"file":154,"line":214,"context":209},372,{"escaped":136,"rawEcho":216,"locations":217},21,[218,221,223,225,227,229,231,233,235,237,239,241,243,245,247,249,251,252,254,256,258],{"file":154,"line":219,"context":220},241,"raw output",{"file":154,"line":222,"context":220},253,{"file":154,"line":224,"context":220},297,{"file":154,"line":226,"context":220},302,{"file":154,"line":228,"context":220},307,{"file":154,"line":230,"context":220},308,{"file":154,"line":232,"context":220},332,{"file":154,"line":234,"context":220},333,{"file":154,"line":236,"context":220},334,{"file":154,"line":238,"context":220},409,{"file":154,"line":240,"context":220},446,{"file":154,"line":242,"context":220},449,{"file":154,"line":244,"context":220},454,{"file":154,"line":246,"context":220},462,{"file":154,"line":248,"context":220},465,{"file":154,"line":250,"context":220},475,{"file":154,"line":250,"context":220},{"file":154,"line":253,"context":220},507,{"file":154,"line":255,"context":220},520,{"file":154,"line":257,"context":220},552,{"file":154,"line":257,"context":220},[],[261,278,293,304],{"entryPoint":262,"graph":263,"unsanitizedCount":136,"severity":277},"delete_visitor_from_table (geolocation.php:249)",{"nodes":264,"edges":275},[265,270],{"id":266,"type":267,"label":268,"file":154,"line":269},"n0","source","$_POST",252,{"id":271,"type":272,"label":273,"file":154,"line":222,"wp_function":274},"n1","sink","echo() [XSS]","echo",[276],{"from":266,"to":271,"sanitized":179},"medium",{"entryPoint":279,"graph":280,"unsanitizedCount":291,"severity":292},"geolocation_getVisitorIp (geolocation.php:142)",{"nodes":281,"edges":289},[282,285],{"id":266,"type":267,"label":283,"file":154,"line":284},"$_SERVER (x2)",147,{"id":271,"type":272,"label":286,"file":154,"line":287,"wp_function":288},"query() [SQLi]",153,"query",[290],{"from":266,"to":271,"sanitized":179},2,"high",{"entryPoint":294,"graph":295,"unsanitizedCount":136,"severity":292},"geolocation_insert_no_api_key (geolocation.php:165)",{"nodes":296,"edges":302},[297,300],{"id":266,"type":267,"label":298,"file":154,"line":299},"$_SERVER",169,{"id":271,"type":272,"label":286,"file":154,"line":301,"wp_function":288},172,[303],{"from":266,"to":271,"sanitized":179},{"entryPoint":305,"graph":306,"unsanitizedCount":205,"severity":292},"\u003Cgeolocation> (geolocation.php:0)",{"nodes":307,"edges":322},[308,310,311,313,315,317],{"id":266,"type":267,"label":309,"file":154,"line":284},"$_SERVER (x4)",{"id":271,"type":272,"label":286,"file":154,"line":287,"wp_function":288},{"id":312,"type":267,"label":268,"file":154,"line":269},"n2",{"id":314,"type":272,"label":273,"file":154,"line":222,"wp_function":274},"n3",{"id":316,"type":267,"label":283,"file":154,"line":299},"n4",{"id":318,"type":272,"label":319,"file":154,"line":320,"wp_function":321},"n5","get_results() [SQLi]",400,"get_results",[323,324,325],{"from":266,"to":271,"sanitized":179},{"from":312,"to":314,"sanitized":179},{"from":316,"to":318,"sanitized":179},{"summary":327,"deductions":328},"The 'geo-location' v2.5.1 plugin exhibits a concerning security posture due to a significant number of unprotected entry points, particularly its AJAX handlers. While the static analysis shows no direct dangerous functions or external HTTP requests, the lack of authentication checks on four out of four AJAX handlers presents a substantial risk. This means that any unauthenticated user could potentially trigger these functions, leading to unintended actions or information exposure.  Furthermore, the taint analysis reveals three high-severity flows with unsanitized paths, indicating potential vulnerabilities where user-supplied data could be manipulated to execute malicious code or access unauthorized resources. The absence of nonce and capability checks on AJAX handlers exacerbates this risk. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive indicator. However, this does not negate the present risks identified in the static and taint analyses. The plugin's strengths lie in its moderate SQL preparedness and a file operation that appears to be a single, isolated instance. The weaknesses, however, are critical: a large unprotected attack surface via AJAX and high-severity taint flows demand immediate attention.",[329,332,335,338,340],{"reason":330,"points":331},"AJAX handlers without auth checks",10,{"reason":333,"points":334},"High severity taint flows (3)",15,{"reason":336,"points":337},"Output escaping only 5%",8,{"reason":339,"points":331},"Nonce checks missing",{"reason":341,"points":331},"Capability checks missing","2026-03-16T22:44:51.206Z",{"wat":344,"direct":354},{"assetPaths":345,"generatorPatterns":350,"scriptPaths":351,"versionParams":353},[346,347,348,349],"\u002Fwp-content\u002Fplugins\u002Fgeo-location\u002Fjs\u002Ffrontend_geolocation.js","\u002Fwp-content\u002Fplugins\u002Fgeo-location\u002Fjs\u002Fbackend_geolocation.js","\u002Fwp-content\u002Fplugins\u002Fgeo-location\u002Fjs\u002Fctc_overlay.jquery.js","\u002Fwp-content\u002Fplugins\u002Fgeo-location\u002Fcss\u002Fctc_overlay_style.css",[],[352],"https:\u002F\u002Fwww.bing.com\u002Fapi\u002Fmaps\u002Fmapcontrol?callback=GetMap",[],{"cssClasses":355,"htmlComments":357,"htmlAttributes":358,"restEndpoints":364,"jsGlobals":365,"shortcodeOutput":368},[356],"ctc-overlay",[],[359,360,361,362,363],"data-geoloc-latitude","data-geoloc-longitude","data-geoloc-city","data-geoloc-region","data-geoloc-country",[],[366,367],"geolocation_params","geolocation_backend_params",[369,370],"[getip]","[displaymap]",{"error":188,"url":372,"statusCode":373,"statusMessage":374,"message":374},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fgeo-location\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":103,"versions":376},[377,384,391],{"version":378,"download_url":379,"svn_tag_url":380,"released_at":27,"has_diff":179,"diff_files_changed":381,"diff_lines":27,"trac_diff_url":382,"vulnerabilities":383,"is_current":179},"2.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgeo-location.2.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgeo-location\u002Ftags\u002F2.0.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fgeo-location%2Ftags%2F1.1&new_path=%2Fgeo-location%2Ftags%2F2.0.0",[],{"version":385,"download_url":386,"svn_tag_url":387,"released_at":27,"has_diff":179,"diff_files_changed":388,"diff_lines":27,"trac_diff_url":389,"vulnerabilities":390,"is_current":179},"1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgeo-location.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgeo-location\u002Ftags\u002F1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fgeo-location%2Ftags%2F1.0.0&new_path=%2Fgeo-location%2Ftags%2F1.1",[],{"version":392,"download_url":393,"svn_tag_url":394,"released_at":27,"has_diff":179,"diff_files_changed":395,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":396,"is_current":179},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgeo-location.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgeo-location\u002Ftags\u002F1.0.0\u002F",[],[]]