Does Geosec have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Geosec compatible with WordPress 6.9.4?

According to WordPress.org data, Geosec 1.0.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Geosec compatible with PHP 7.2+?

Geosec requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Geosec updated?

Geosec was last updated on Feb 6, 2026. Frequent updates are generally a positive security signal.

What is Geosec's security score?

Geosec has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Geosec Security & Risk Analysis

wordpress.org/plugins/geosec

Geosec protects your admin panel (wp-admin) by allowing access only from the countries you authorize.

0 active installs v1.0.1 PHP 7.2+ WP 5.0+ Updated Feb 6, 2026

access-controlblock-countrygeoipprotectionsecurity

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Geosec Safe to Use in 2026?

Generally Safe

Score 100/100

Geosec has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The geosec plugin v1.0.1 demonstrates a generally strong security posture based on the provided static analysis. The absence of any critical or high-severity taint flows, dangerous functions, or raw SQL queries is a significant positive. The plugin also shows good practice in output escaping, with a very high percentage of outputs being properly escaped. File operations are not present, further reducing the attack surface. The single external HTTP request is noted, and while not inherently risky, warrants awareness if the target service is untrusted.

However, the plugin's security is somewhat undermined by the complete lack of capability checks and the presence of only one nonce check across its entire, albeit small, attack surface. This indicates a potential weakness in authorization and session validation, especially if any of the code entry points (even if currently zero) were to be exposed in future versions or through other means. The vulnerability history being completely clean is positive, suggesting a history of secure development, but this does not mitigate the identified potential weaknesses in the current version.

In conclusion, while the current version of geosec exhibits robust code hygiene concerning SQL injection and output sanitization, the lack of comprehensive authorization checks presents a notable concern. The small attack surface is a mitigating factor, but future development should prioritize implementing proper capability checks on all relevant functionalities to ensure a more secure user experience.

Key Concerns

Missing capability checks
Only 1 nonce check for entire codebase

Vulnerabilities

None known

Geosec Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Geosec Release Timeline

v1.0.1Current

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

Geosec Code Analysis

Dangerous Functions

Raw SQL Queries

7 prepared

Unescaped Output

87 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared7 total queries

Output Escaping

96% escaped91 total outputs

Attack Surface

Geosec Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actionadmin_menuincludes/admin.php:8

actionadmin_initincludes/admin.php:9

actionadmin_enqueue_scriptsincludes/admin.php:360

actioninitincludes/core.php:9

Maintenance & Trust

Geosec Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 6, 2026

PHP min version7.2

Downloads187

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Geosec Alternatives

Simple Password Protect

simple-password-protect

100

Protect your entire WordPress site with a simple password. GDPR-compliant with modal links for legal pages.

200 No CVEs

PasswordSentry

passwordsentry

Secure WordPress by detecting shared passwords, and blocking password sharing. The plugin integrates Password Sentry app into WP to track logins.

10 No CVEs

Section-Specific Dashboard Lock

section-specific-dashboard-lock

Lock specific sections and submenus of the WordPress admin dashboard with custom passwords for enhanced control and security.

10 No CVEs

Solid Security – Password, Two Factor Authentication, and Brute Force Protection

better-wp-security

Harden your site security with Login Security, Two-Factor Authentication (2FA), Vulnerability Scanner, Firewall, and more. Formerly iThemes Security.

700K 19 CVEs

NinjaFirewall (WP Edition) – Advanced Security Plugin and Firewall

ninjafirewall

100

A true Web Application Firewall to protect and secure WordPress.

100K 1 CVE

Developer Profile

Geosec Developer Profile

rbonfil

2 plugins · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Geosec

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/geosec/assets/js/geosec-admin.js/wp-content/plugins/geosec/assets/css/geosec-admin.css

Script Paths

/wp-content/plugins/geosec/assets/js/geosec-admin.js

HTML / DOM Fingerprints

CSS Classes

geosec-switchgeosec-slidergeosec-wrappergeosec-chips-containergeosec-input

HTML Comments

Data Attributes

id="geosec_active_status"id="geosec_allowed_countries"name="geosec_allowed_countries"id="geosec-chips-container"id="geosec-country-input"id="geosec_allowed_countries"+6 more

FAQ