Geoplugin Currency Shortcode Security & Risk Analysis

wordpress.org/plugins/geoplugin-currency-shortcode

Use geoplugin.net to automatically show a live conversion of a currency amount on your site.

10 active installs · v1.0.1 · PHP + · WP 3.0+ · Updated Jul 8, 2016
Tags: currency · geoplugin
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Geoplugin Currency Shortcode Safe to Use in 2026?

Generally Safe

Score 85/100

Geoplugin Currency Shortcode has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 9yr ago
Risk Assessment

The geoplugin-currency-shortcode v1.0.1 plugin exhibits a mixed security posture. On the positive side, it uses prepared statements for all SQL queries and properly escapes all outputs. There are no known vulnerabilities (CVEs) associated with this plugin, suggesting a history of secure development or a lack of public exploitation. The attack surface is minimal, with only one shortcode and no unprotected entry points identified. However, the presence of the `unserialize` function is a significant concern, especially when coupled with the two identified taint flows with unsanitized paths. Although the static analysis does not currently rate these taint flows as critical or high severity, `unserialize` is inherently dangerous because it can lead to arbitrary object injection if untrusted data is processed. The lack of nonce checks and capability checks is not directly problematic with the current entry point configuration, but it leaves the plugin vulnerable if its attack surface were to expand or if its functions were to be called in an authenticated context without proper authorization.

Key Concerns

  • Dangerous function unserialize detected
  • Taint flows with unsanitized paths found
  • No nonce checks
  • No capability checks
Vulnerabilities
None known

Geoplugin Currency Shortcode Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Geoplugin Currency Shortcode Release Timeline

v1.0.1 (Current)
v1.0
Code Analysis
Analyzed Mar 17, 2026

Geoplugin Currency Shortcode Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 0 (0 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 1
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

unserialize: `$geoplugin_array = unserialize( file_get_contents( $url ) );` (geoplugin-currency-shortcode.php:61)
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
geoplugin_currency_shortcode (geoplugin-currency-shortcode.php:47)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface

Geoplugin Currency Shortcode Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes: 1

[currency] geoplugin-currency-shortcode.php:26
Maintenance & Trust

Geoplugin Currency Shortcode Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.6.30
Last updated: Jul 8, 2016
PHP min version
Downloads: 3K

Community Trust

Rating: 66/100
Number of ratings: 3
Active installs: 10
Developer Profile

Geoplugin Currency Shortcode Developer Profile

Gary Jones

8 plugins · 920 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Geoplugin Currency Shortcode

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output
~[0-9]+\.[0-9]{2}
FAQ

Frequently Asked Questions about Geoplugin Currency Shortcode