[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIr_7P6cCg_uHP4dNudUihAWTcAZC6j4MKX5TXe3HKDI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":148,"fingerprints":798},"ip-location-block","IP Location Block","1.3.8","Darko G.","https:\u002F\u002Fprofiles.wordpress.org\u002Fdarkog\u002F","\u003Cp>IP Location Block plugin that allows you to block access to your site based on the visitor location while also keeping your site safe from malicious attacks. The plugin brings a smart and powerful protection methods such as “\u003Cstrong>WP Metadata Exploit Protection\u003C\u002Fstrong>“.\u003C\u002Fp>\n\u003Cp>Combined with those methods and IP address geolocation, you’ll be surprised to find a bunch of malicious or undesirable access blocked in the logs of this plugin after several days of installation.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This plugin is based on the now abandoned “IP Geo Block” plugin by tokkonopapa. I fixed various issues and improved the overall codebase.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Native Geo-Location Provider\u003C\u002Fstrong>\u003Cbr \u002F>\nIP Location Block provides \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fnative-geo-location-provider\u002F?utm_source=plugin&utm_medium=wporgpage&utm_campaign=readme\" rel=\"nofollow ugc\">Native Geo-Location Provider\u003C\u002Fa> that is faster, more secure and provides the needed \u003Cstrong>precision\u003C\u002Fstrong> for matching \u003Cstrong>CITY\u003C\u002Fstrong> and \u003Cstrong>STATE\u003C\u002Fstrong> besides the standard COUNTRY matching.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Privacy by design:\u003C\u002Fstrong>\u003Cbr \u002F>\nIP address is always encrypted on recording in logs\u002Fcache. Moreover, it can be anonymized and restricted on sending to the 3rd parties such as geolocation APIs or whois service.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Immigration control:\u003C\u002Fstrong>\u003Cbr \u002F>\nAccess to the basic and important entrances into back-end such as \u003Ccode>wp-comments-post.php\u003C\u002Fcode>, \u003Ccode>xmlrpc.php\u003C\u002Fcode>, \u003Ccode>wp-login.php\u003C\u002Fcode>, \u003Ccode>wp-signup.php\u003C\u002Fcode>, \u003Ccode>wp-admin\u002Fadmin.php\u003C\u002Fcode>, \u003Ccode>wp-admin\u002Fadmin-ajax.php\u003C\u002Fcode>, \u003Ccode>wp-admin\u002Fadmin-post.php\u003C\u002Fcode> will be validated by means of a country code based on IP address. It allows you to configure either whitelist or blacklist to \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FISO_3166-1_alpha-2#Officially_assigned_code_elements\" title=\"ISO 3166-1 alpha-2 - Wikipedia\" rel=\"nofollow ugc\">specify the countires\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FClassless_Inter-Domain_Routing\" title=\"Classless Inter-Domain Routing - Wikipedia\" rel=\"nofollow ugc\">CIDR notation\u003C\u002Fa> for a range of IP addresses and \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FAutonomous_system_(Internet)\" title=\"Autonomous system (Internet) - Wikipedia\" rel=\"nofollow ugc\">AS number\u003C\u002Fa> for a group of IP networks.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Guard against login attempts:\u003C\u002Fstrong>\u003Cbr \u002F>\nIn order to prevent hacking through the login form and XML-RPC by brute-force and the reverse-brute-force attacks, the number of login attempts will be limited per IP address even from the permitted countries.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Minimize server load against brute-force attacks:\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can configure this plugin as a \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FMust_Use_Plugins\" title=\"Must Use Plugins « WordPress Codex\" rel=\"nofollow ugc\">Must Use Plugins\u003C\u002Fa> so that this plugin can be loaded prior to regular plugins. It can massively \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fvalidation-timing\u002F\" title=\"Validation timing | IP Location Block\" rel=\"nofollow ugc\">reduce the load on server\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Prevent malicious down\u002Fuploading:\u003C\u002Fstrong>\u003Cbr \u002F>\nA malicious request such as exposing \u003Ccode>wp-config.php\u003C\u002Fcode> or uploading malwares via vulnerable plugins\u002Fthemes can be blocked.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Block badly-behaved bots and crawlers:\u003C\u002Fstrong>\u003Cbr \u002F>\nA simple logic may help to reduce the number of rogue bots and crawlers scraping your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Support of BuddyPress and bbPress:\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can configure this plugin so that a registered user can login as a membership from anywhere, while a request such as a new user registration, lost password, creating a new topic and subscribing comment can be blocked by country. It is suitable for \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress\u002F\" title=\"BuddyPress — WordPress Plugins\" rel=\"ugc\">BuddyPress\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbbpress\u002F\" title=\"WordPress › bbPress « WordPress Plugins\" rel=\"ugc\">bbPress\u003C\u002Fa> to help reducing spams.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Referrer suppressor for external links:\u003C\u002Fstrong>\u003Cbr \u002F>\nWhen you click an external hyperlink on admin screens, http referrer will be eliminated to hide a footprint of your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Multiple source of IP Geolocation databases:\u003C\u002Fstrong>\u003Cbr \u002F>\nBesides the \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fnative-geo-location-provider\u002F?utm_source=plugin&utm_medium=wporgpage&utm_campaign=readme\" rel=\"nofollow ugc\">Native Geo-Location provider\u003C\u002Fa>, this plugin supports \u003Ca href=\"https:\u002F\u002Fwww.maxmind.com\" title=\"MaxMind - IP Geolocation and Online Fraud Prevention\" rel=\"nofollow ugc\">MaxMind GeoLite2 free databases\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.ip2location.com\u002F\" title=\"IP Address Geolocation to Identify Website Visitor's Geographical Location\" rel=\"nofollow ugc\">IP2Location LITE databases\u003C\u002Fa>. Also free Geolocation REST APIs and whois information can be available for audit purposes.\u003Cbr \u002F>\nFather more, \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcloudflare-cloudfront-api-class-library\u002F\" title=\"CloudFlare & CloudFront API class library | IP Location Block\" rel=\"nofollow ugc\">dedicated API class libraries\u003C\u002Fa> can be installed for CloudFlare and CloudFront as a reverse proxy service.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Customizing response:\u003C\u002Fstrong>\u003Cbr \u002F>\nHTTP response code can be selectable as \u003Ccode>403 Forbidden\u003C\u002Fcode> to deny access pages, \u003Ccode>404 Not Found\u003C\u002Fcode> to hide pages or even \u003Ccode>200 OK\u003C\u002Fcode> to redirect to the top page.\u003Cbr \u002F>\nYou can also have a human friendly page (like \u003Ccode>404.php\u003C\u002Fcode>) in your parent\u002Fchild theme template directory to fit your site design.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Validation logs:\u003C\u002Fstrong>\u003Cbr \u002F>\nValidation logs for useful information to audit attack patterns can be manageable.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Cooperation with full spec security plugin:\u003C\u002Fstrong>\u003Cbr \u002F>\nThis plugin is lite enough to be able to cooperate with other full spec security plugin such as \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwordfence\u002F\" title=\"Wordfence Security — WordPress Plugins\" rel=\"ugc\">Wordfence Security\u003C\u002Fa>. See \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fpage-speed-performance\u002F\" title=\"Page speed performance | IP Location Block\" rel=\"nofollow ugc\">this report\u003C\u002Fa> about page speed performance.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Extendability:\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can customize the behavior of this plugin via \u003Ccode>add_filter()\u003C\u002Fcode> with \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002F\" title=\"Codex | IP Location Block\" rel=\"nofollow ugc\">pre-defined filter hook\u003C\u002Fa>. See various use cases in \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fexample-use-cases-for-the-developer-hooks\u002F\" rel=\"nofollow ugc\">samples.php\u003C\u002Fa> bundled within this package.\u003Cbr \u002F>\nYou can also get the extension \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fddur\u002FWordPress-IP-Geo-Allow\" title=\"GitHub - ddur\u002FWordPress-IP-Geo-Allow: WordPress Plugin Exension for WordPress-IP-Geo-Block Plugin\" rel=\"nofollow ugc\">IP Geo Allow\u003C\u002Fa> by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fddur\" title=\"ddur (Dragan) - GitHub\" rel=\"nofollow ugc\">Dragan\u003C\u002Fa>. It makes admin screens strictly private with more flexible way than specifying IP addresses.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Self blocking prevention and easy rescue:\u003C\u002Fstrong>\u003Cbr \u002F>\nWebsite owners do not prefer themselves to be blocked. This plugin prevents such a sad thing unless you force it. And futhermore, if such a situation occurs, you can \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fwhat-should-i-do-when-im-locked-out\u002F\" title=\"What should I do when I'm locked out? | IP Location Block\" rel=\"nofollow ugc\">rescue yourself\u003C\u002Fa> easily.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Clean uninstallation:\u003C\u002Fstrong>\u003Cbr \u002F>\nNothing is left in your precious mySQL database after uninstallation. So you can feel free to install and activate to make a trial of this plugin’s functionality.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cp>Documentation and more information can always be found on our \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002F\" title=\"IP Location Block\" rel=\"nofollow ugc\">plugin website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Attribution\u003C\u002Fh4>\n\u003Cp>This package includes GeoLite2 library distributed by MaxMind, available from \u003Ca href=\"https:\u002F\u002Fwww.maxmind.com\" title=\"MaxMind - IP Geolocation and Online Fraud Prevention\" rel=\"nofollow ugc\">MaxMind\u003C\u002Fa>, and also includes IP2Location open source libraries available from \u003Ca href=\"https:\u002F\u002Fwww.ip2location.com\" title=\"IP Address Geolocation to Identify Website Visitor's Geographical Location\" rel=\"nofollow ugc\">IP2Location\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Also thanks for providing the following services and REST APIs for free.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fgeoiplookup.net\u002F\" title=\"What Is My IP Address | GeoIP Lookup\" rel=\"nofollow ugc\">http:\u002F\u002Fgeoiplookup.net\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipinfo.io\u002F\" title=\"IP Address API and Data Solutions\" rel=\"nofollow ugc\">https:\u002F\u002Fipinfo.io\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipapi.com\u002F\" title=\"ipapi - IP Address Lookup and Geolocation API\" rel=\"nofollow ugc\">https:\u002F\u002Fipapi.com\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free, need API key)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipstack.com\u002F\" title=\"ipstack - Free IP Geolocation API\" rel=\"nofollow ugc\">https:\u002F\u002Fipstack.com\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free, need API key)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipinfodb.com\u002F\" title=\"Free IP Geolocation Tools and API| IPInfoDB\" rel=\"nofollow ugc\">https:\u002F\u002Fipinfodb.com\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free, need API key)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Development\u003C\u002Fh4>\n\u003Cp>Development of this plugin happens at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fgdarko\u002Fip-location-block\" title=\"gdarko\u002Fip-location-block - GitHub\" rel=\"nofollow ugc\">IP Location Block – GitHub\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>All contributions will always be welcome.\u003C\u002Fp>\n\u003Ch4>Known issues\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>From \u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fcore\u002F2016\u002F03\u002F09\u002Fcomment-changes-in-wordpress-4-5\u002F\" title=\"Comment Changes in WordPress 4.5 – Make WordPress Core\" rel=\"nofollow ugc\">WordPress 4.5\u003C\u002Fa>, \u003Ccode>rel=nofollow\u003C\u002Fcode> had no longer be attached to the links in \u003Ccode>comment_content\u003C\u002Fcode>. This change prevents to block “\u003Ca href=\"https:\u002F\u002Fwww.owasp.org\u002Findex.php\u002FServer_Side_Request_Forgery\" title=\"Server Side Request Forgery - OWASP\" rel=\"nofollow ugc\">Server Side Request Forgeries\u003C\u002Fa>” (not Cross Site but a malicious internal link in the comment field).\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fapps.wordpress.com\u002Fmobile\u002F\" title=\"WordPress.com Apps - Mobile Apps\" rel=\"nofollow ugc\">WordPress.com Mobile App\u003C\u002Fa> can’t execute image uploading because of its own authentication system via XMLRPC.\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily block visitors by country, state or ISP provider. Also, protects your site from spam, login attempts, malicious access & more.",10000,192738,92,33,"2026-03-13T00:57:00.000Z","7.0","3.7","",[20,21,22,23,24],"block","country","geolocation","ip-address","ip-geo-block","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fip-location-block\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fip-location-block.1.3.8.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"darkog",4,10200,89,30,86,"2026-04-04T05:24:48.055Z",[41,67,90,110,128],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":56,"tags":57,"homepage":62,"download_link":63,"security_score":64,"vuln_count":65,"unpatched_count":28,"last_vuln_date":66,"fetched_at":30},"ip2location-country-blocker","IP2Location Country Blocker","2.41.2","IP2Location","https:\u002F\u002Fprofiles.wordpress.org\u002Fip2location\u002F","\u003Cp>\u003Cem>This plugin will NOT work if any cache plugin is enabled.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>This plugin enables user to block unwanted traffic from accessing your frontend (blog pages) or backend (admin area) by countries or proxy servers. It helps to reduce spam and unwanted sign ups easily by preventing unwanted visitors from browsing a particular page or entire website.\u003C\u002Fp>\n\u003Cp>Key Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Allow you to block the access from multiple countries.\u003C\u002Fli>\n\u003Cli>Allow you to block the access by country grouping, such as EU, APAC, and so on.\u003C\u002Fli>\n\u003Cli>Allow you to block the access from anonymous proxies.\u003C\u002Fli>\n\u003Cli>Allow you to block the access by IP ranges.\u003C\u002Fli>\n\u003Cli>Allow you to whitelist the crawler, for example, Google, Bing, Yandex, and so on, to index your pages (SEO friendly).\u003C\u002Fli>\n\u003Cli>Supports IPv4 and IPv6\u003C\u002Fli>\n\u003Cli>Default to 403 error (Permission Denied) display\u003C\u002Fli>\n\u003Cli>Allow you to customize your own 403 page.\u003C\u002Fli>\n\u003Cli>Send you an email notification if some one is trying to access your admin area.\u003C\u002Fli>\n\u003Cli>Provide you statistical report of traffics blocked.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin supports both IP2Location BIN data and web service for IP geolocation lookup. If you would like to use the IP2Location geolocation BIN data, you can easily download and update the BIN data via the plugin settings page. Alternatively, you can also download and update the BIN data file manually using the below links:\u003C\u002Fp>\n\u003Cp>IP Geolocation file download:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Flite.ip2location.com\" title=\"IP2Location LITE database\" rel=\"nofollow ugc\">IP2Location & IP2Proxy LITE database (Free)\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fip2location.com\" title=\"IP2Location commercial database\" rel=\"nofollow ugc\">IP2Location & IP2Proxy Commercial database (Comprehensive)\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>To use the IP2Location IP geolocation web service (REST API) for geolocation, you’ll need to register an account at \u003Ca href=\"https:\u002F\u002Fwww.ip2location.io\" title=\"IP2Location.io IP Geolocation API\" rel=\"nofollow ugc\">IP2Location.io IP Geolocation API\u003C\u002Fa>. A free plan is available.\u003C\u002Fp>\n\u003Ch4>More Information\u003C\u002Fh4>\n\u003Cp>Please visit us at \u003Ca href=\"https:\u002F\u002Fwww.ip2location.com\" title=\"https:\u002F\u002Fwww.ip2location.com\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.ip2location.com\u003C\u002Fa>\u003C\u002Fp>\n","Blocks unwanted visitors from accessing your frontend (blog pages) or backend (admin area) by countries or proxy servers.",30000,1626215,84,124,"2025-12-03T07:19:00.000Z","6.9.4","4.6","7.4",[58,59,23,60,61],"block-country","block-proxy","ip2location","redirection","https:\u002F\u002Fip2location.com\u002Fresources\u002Fwordpress-ip2location-country-blocker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fip2location-country-blocker.2.41.2.zip",93,9,"2025-02-21 19:56:54",{"slug":68,"name":69,"version":70,"author":71,"author_profile":72,"description":73,"short_description":74,"active_installs":75,"downloaded":76,"rating":51,"num_ratings":65,"last_updated":77,"tested_up_to":78,"requires_at_least":79,"requires_php":80,"tags":81,"homepage":86,"download_link":87,"security_score":27,"vuln_count":88,"unpatched_count":28,"last_vuln_date":89,"fetched_at":30},"user-ip-and-location","User IP and Location","4.0.2","Sunny Kumar","https:\u002F\u002Fprofiles.wordpress.org\u002Ftheguidex\u002F","\u003Cp>Looking to display your website visitor’s IP address, location, browser details, and other information on your WordPress site? Then “User IP and Location” plugin is exactly what you need!\u003C\u002Fp>\n\u003Cp>This plugin is very simple to set up and use. Just install it, and you can start showing visitor information anywhere on your website using easy shortcodes. You can put these shortcodes in your posts, pages, sidebar, footer – anywhere you want!\u003C\u002Fp>\n\u003Cp>The best part? We use the reliable and free \u003Ca href=\"http:\u002F\u002Fip-api.com\" title=\"IP-API\" rel=\"friend nofollow ugc\">IP-API\u003C\u002Fa> service to get all the location data, so the information is always accurate and up-to-date.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New in Version 4.x.x – Works with Caching Plugins!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Are you using WP-Rocket, W3 Total Cache, or any other caching plugin? No problem at all! We’ve completely rebuilt the plugin to work perfectly with all caching plugins. Your visitors will always see their own correct information, not some cached data from another visitor.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Advanced Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Multi-Language Support\u003C\u002Fstrong> – Get location names in 8 different languages (English, German, Spanish, Portuguese, French, Japanese, Chinese, Russian)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PRO API Key Support\u003C\u002Fstrong> – Use your premium IP-API key for higher limits and HTTPS security\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Caching System\u003C\u002Fstrong> – Built-in server-side caching with customizable expiration times (1 hour to 1 week)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Conditional Content\u003C\u002Fstrong> – Show different content to visitors from specific countries, regions, or cities\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Tools\u003C\u002Fstrong> – PHP functions and REST API endpoints for custom development\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Output\u003C\u002Fstrong> – Change “Yes\u002FNo” text to any language or format you prefer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Here are all the shortcodes you can use:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[userip_location type=\"ip\"] - Shows visitor's IP address\n[userip_location type=\"continent\"] - Shows continent name\n[userip_location type=\"country\"] - Shows country name\n[userip_location type=\"countrycode\"] - Shows country code (like IN, US, UK)\n[userip_location type=\"region\"] - Shows region code\n[userip_location type=\"regionname\"] - Shows region\u002Fstate name\n[userip_location type=\"city\"] - Shows city name\n[userip_location type=\"zip\"] - **NEW!** Shows ZIP\u002Fpostal code\n[userip_location type=\"lat\"] - Shows latitude\n[userip_location type=\"lon\"] - Shows longitude\n[userip_location type=\"timezone\"] - Shows timezone\n[userip_location type=\"currency\"] - Shows local currency\n[userip_location type=\"isp\"] - Shows internet provider name\n[userip_location type=\"mobile\"] - Shows if visitor is on mobile network\n[userip_location type=\"proxy\"] - Shows if visitor is using proxy\n[userip_location type=\"hosting\"] - Shows if IP is from hosting provider\n[userip_location type=\"browser\"] - Shows browser name\n[userip_location type=\"os\"] - Shows operating system\n[userip_location type=\"flag\" height=\"auto\" width=\"50px\" vertical_align=\"middle\"] - Shows country flag\n[userip_localtime] - **NEW!** Shows visitor's current local time\n[userip_localdate] - **NEW!** Shows visitor's current local date\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Smart Conditional Content:\u003C\u002Fstrong>\u003Cbr \u002F>\nShow different content to visitors from different places! Perfect for targeted marketing, regional offers, or localized messages.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[userip_conditional country=\"US,IN\"]Content for US and India visitors only[\u002Fuserip_conditional]\n[userip_conditional country_not=\"CN,RU\"]Content for everyone except China and Russia[\u002Fuserip_conditional]\n[userip_conditional region=\"CA,TX\"]Special offers for California and Texas![\u002Fuserip_conditional]\n[userip_conditional city=\"Mumbai,Delhi\"]Mumbai and Delhi exclusive deals[\u002Fuserip_conditional]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>About the Flag Shortcode:\u003C\u002Fstrong>\u003Cbr \u002F>\nWhen using the flag shortcode, you can control its size and position. The \u003Ccode>height\u003C\u002Fcode>, \u003Ccode>width\u003C\u002Fcode>, and \u003Ccode>vertical_align\u003C\u002Fcode> options are all optional. By default, height is auto, width is 50px, and it aligns in the middle. You can change these as per your needs.\u003C\u002Fp>\n\u003Ch4>Why Choose User IP and Location Plugin?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Super Easy Setup\u003C\u002Fstrong> – Just install and activate, that’s it!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works with All Caching Plugins\u003C\u002Fstrong> – WP-Rocket, W3 Total Cache, you name it!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fast Loading\u003C\u002Fstrong> – Uses modern AJAX technology so it doesn’t slow down your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lots of Information\u003C\u002Fstrong> – IP, country, city, flag, browser, OS, ISP, and much more\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-Language Support\u003C\u002Fstrong> – Location names in 8 different languages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PRO API Support\u003C\u002Fstrong> – Use premium IP-API keys for higher limits and HTTPS\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Caching\u003C\u002Fstrong> – Server-side caching with customizable expiration (1 hour to 1 week)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>New Features\u003C\u002Fstrong> – ZIP code and local time shortcodes added\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Content\u003C\u002Fstrong> – Show different content to visitors from different countries, regions, or cities\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Always Updated\u003C\u002Fstrong> – Uses reliable IP-API service for accurate data\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Friendly\u003C\u002Fstrong> – Includes PHP functions and REST API for custom development\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable\u003C\u002Fstrong> – Change output text, caching settings, and more from admin panel\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Perfect for bloggers, businesses, and developers who want to personalize their website based on visitor location!\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>This awesome plugin is created by the talented team at \u003Ca href=\"https:\u002F\u002Fheyserp.com\" title=\"HeySERP\" rel=\"friend nofollow ugc\"> HeySERP \u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Want to learn more about WordPress? Check out our website \u003Ca href=\"https:\u002F\u002Ftheguidex.com\u002F\" title=\"TheGuideX\" rel=\"friend nofollow ugc\"> TheGuideX \u003C\u002Fa> where we share helpful tutorials on:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthewpx.com\u002Fget-ip-address-and-location-in-wordpress\u002F\" title=\"How to Get the IP Address and Location of Users in WordPress\" rel=\"friend nofollow ugc\">How to Get User IP and Location in WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftheguidex.com\u002Fcommon-wordpress-errors\u002F\" title=\"Common WordPress Errors & Solutions\" rel=\"friend nofollow ugc\">Common WordPress Errors & How to Fix Them\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftheguidex.com\u002Fgoogle-adsense-plugins-for-wordpress\u002F\" title=\"Best WordPress Ads Manager Plugins\" rel=\"friend nofollow ugc\">Best WordPress Ad Management Plugins\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>…and many more helpful \u003Ca href=\"https:\u002F\u002Ftheguidex.com\u002Fcategory\u002Fwordpress\u002F\" title=\"WordPress Tutorials\" rel=\"friend nofollow ugc\">WordPress tutorials\u003C\u002Fa> in simple language!\u003C\u002Fp>\n","Want to show your website visitors their IP address, location, and other cool details? This plugin makes it super easy! Now works perfectly with cachi &hellip;",3000,37818,"2025-07-15T07:41:00.000Z","6.8.5","5.0","7.2",[82,22,83,84,85],"country-code","region","user-ip-address","user-location","https:\u002F\u002Ftheguidex.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-ip-and-location.zip",1,"2023-04-28 00:00:00",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":27,"num_ratings":100,"last_updated":101,"tested_up_to":54,"requires_at_least":79,"requires_php":80,"tags":102,"homepage":106,"download_link":107,"security_score":108,"vuln_count":88,"unpatched_count":28,"last_vuln_date":109,"fetched_at":30},"advanced-country-blocker","Advanced Country Blocker","2.3.2","brstefanovic","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrstefanovic\u002F","\u003Cp>\u003Cstrong>Advanced Country Blocker\u003C\u002Fstrong> helps you secure your WordPress site by restricting access based on the visitor’s geolocation (country) or IP address. Upon activation, the plugin detects the activating admin’s country and automatically sets that as the only allowed country. All other visitors from different countries are blocked, unless they use a secret key parameter to temporarily whitelist their IP. Country detection uses the privacy-friendly ip-api.com service by default but can be switched to a fully offline MaxMind GeoLite2 (or compatible) database file once you configure a local copy.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatically allows the admin’s country\u003C\u002Fstrong> on plugin activation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible IP-to-country lookups\u003C\u002Fstrong> – start with the built-in ip-api.com integration and optionally switch to an offline MaxMind GeoLite2 Country (or compatible) \u003Ccode>.mmdb\u003C\u002Fcode> database file.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Allowlist or blacklist mode\u003C\u002Fstrong> – choose whether the country list acts as an allowlist or blocklist without re-entering countries.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Temporary access\u003C\u002Fstrong> via a customizable secret URL parameter (e.g., \u003Ccode>?MySecretKey=1\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CAPTCHA Challenge\u003C\u002Fstrong> – allow blocked visitors to solve a CAPTCHA to gain temporary access (supports Google reCAPTCHA v2\u002Fv3, hCaptcha, Cloudflare Turnstile).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Activity Monitor\u003C\u002Fstrong> – live dashboard showing active visitors, recent blocks, and traffic statistics.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Analytics Dashboard\u003C\u002Fstrong> – comprehensive charts and statistics about blocked attempts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual blacklisting and safelisting of IPs\u003C\u002Fstrong> for added security and to accommodate uptime monitors.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optional email alerts\u003C\u002Fstrong> when new visitors are blocked.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin bypass\u003C\u002Fstrong> so logged-in admins can always access the site (toggleable in the code).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detailed logging\u003C\u002Fstrong> of blocked attempts in a custom database table, displayed in the WP admin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom response controls\u003C\u002Fstrong> – personalise the block page title\u002Fmessage, choose the HTTP status (403, 410, 451) or redirect to any URL.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic log cleanup\u003C\u002Fstrong> with configurable retention plus a one-click “Clear Logs” button.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Use the plugin settings page (\u003Cstrong>Country Blocker\u003C\u002Fstrong> menu in WP admin) to configure the list of allowed countries, blacklisted countries, blacklisted IPs, and whether email alerts are enabled.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is open-sourced software licensed under the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-3.0.html\" rel=\"nofollow ugc\">GPLv3 or later\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>By default this plugin contacts the ip-api.com geolocation service to detect visitor countries. You can disable all external lookups by switching the IP lookup method to the local MaxMind database in the settings.\u003C\u002Fp>\n","An advanced security plugin that blocks website visitors by country, with additional features like blacklisting, logging blocked attempts, admin bypas &hellip;",2000,11570,6,"2026-02-06T09:04:00.000Z",[103,21,22,104,105],"blocking","ip-blocking","security","https:\u002F\u002Fsparkcan.com\u002Facb.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-country-blocker.2.3.2.zip",99,"2026-02-06 20:24:09",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":27,"num_ratings":88,"last_updated":120,"tested_up_to":78,"requires_at_least":79,"requires_php":80,"tags":121,"homepage":126,"download_link":127,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"geo-blocker","Geo Blocker – Control Site Access by Region and IP","1.0.0","Mohamed Shili","https:\u002F\u002Fprofiles.wordpress.org\u002Fmedshi8\u002F","\u003Cp>🔐 Block or allow visitors by country. Track access attempts. View analytics. Stay in control — effortlessly.\u003C\u002Fp>\n\u003Ch3>🧠 Description\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Geo Blocker\u003C\u002Fstrong> gives you full control over who can access your WordPress site — based on visitor country and IP. Whether you’re protecting content, reducing attack surface, or managing regional access, this plugin does it with precision and clarity.\u003C\u002Fp>\n\u003Cp>🎯 Designed for performance, security, and ease of use.\u003Cbr \u002F>\n📊 Built-in analytics and access logs.\u003Cbr \u002F>\n🧭 Never get locked out — admin-safe bypass included.\u003C\u002Fp>\n\u003Ch3>🚀 Features\u003C\u002Fh3>\n\u003Ch3>✅ Access Control That Makes Sense\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Block Selected Countries\u003C\u002Fstrong> – deny access to specific regions  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Allow Selected Countries\u003C\u002Fstrong> – restrict site only to approved countries  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🧩 Smart Blocking Actions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>📜 Show custom message  \u003C\u002Fli>\n\u003Cli>🔁 Redirect to a URL  \u003C\u002Fli>\n\u003Cli>🚫 Send HTTP 403 Forbidden response  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌐 Visual Country Selector\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Flag icons & search bar for quick targeting  \u003C\u002Fli>\n\u003Cli>Filter by continent (Africa, Asia, Europe, etc.)  \u003C\u002Fli>\n\u003Cli>One-click select\u002Fdeselect all  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📈 Analytics Dashboard\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Summary cards: total visits, blocks, IPs  \u003C\u002Fli>\n\u003Cli>Hourly charts for real-time insights  \u003C\u002Fli>\n\u003Cli>Filter by date range & data type (accesses, unique IPs, etc.)  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📋 Detailed Logs\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>See IP, country, URL, status, user agent  \u003C\u002Fli>\n\u003Cli>Filters out common junk (favicon, robots.txt)  \u003C\u002Fli>\n\u003Cli>Admin visits are auto-ignored to reduce noise  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🛠️ Admin-Proof Bypass URL\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Special URL with bypass parameter to access login anytime  \u003C\u002Fli>\n\u003Cli>Prevents accidental lockouts  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔄 Data Export & Log Management\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Export logs in CSV or JSON  \u003C\u002Fli>\n\u003Cli>Clear logs with a single click  \u003C\u002Fli>\n\u003Cli>Sort & search logs in the UI\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌐 External Services\u003C\u002Fh3>\n\u003Cp>This plugin uses a third-party API to determine the visitor’s country based on their IP address.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service used:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fipwho.is\" rel=\"nofollow ugc\">IPWho.is\u003C\u002Fa>  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> To perform IP geolocation and detect the country of each visitor, allowing the plugin to block or allow access accordingly.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data sent:\u003C\u002Fstrong> The visitor’s IP address is sent to the IPWho.is API on page load when geo-blocking is active.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fipwhois.io\u002Fterms\" rel=\"nofollow ugc\">https:\u002F\u002Fipwhois.io\u002Fterms\u003C\u002Fa>  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fipwhois.io\u002Fprivacy\" rel=\"nofollow ugc\">https:\u002F\u002Fipwhois.io\u002Fprivacy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🖥️ Screenshots\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>📊 Dashboard Overview\u003C\u002Fstrong> – See country blocks, allowed hits & total attempts   \u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔧 Blocking Rules\u003C\u002Fstrong> – Choose block mode, action type, and targets. Enable or disable countries visually\u003C\u002Fli>\n\u003Cli>\u003Cstrong>📉 Analytics Graphs\u003C\u002Fstrong> – View access by time, state, and IP 5. \u003Cstrong>📑 Logs Table\u003C\u002Fstrong> – Deep insights with full logs of visitor attempts. Export CSV\u002FJSON logs with one click\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>📦 Installation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload the plugin folder to \u003Ccode>\u002Fwp-content\u002Fplugins\u002Fgeo-blocker\u003C\u002Fcode>  \u003C\u002Fli>\n\u003Cli>Activate via \u003Cstrong>Plugins \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Installed Plugins\u003C\u002Fstrong>  \u003C\u002Fli>\n\u003Cli>Go to \u003Cstrong>Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Geo Blocker\u003C\u002Fstrong>  \u003C\u002Fli>\n\u003Cli>Enable Geo Blocking using the toggle  \u003C\u002Fli>\n\u003Cli>Choose between \u003Cstrong>block\u003C\u002Fstrong> or \u003Cstrong>allow\u003C\u002Fstrong> mode  \u003C\u002Fli>\n\u003Cli>Select countries using the visual interface  \u003C\u002Fli>\n\u003Cli>Pick your blocking action (message, redirect, or 403)  \u003C\u002Fli>\n\u003Cli>Save settings — done!\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>❓ Frequently Asked Questions\u003C\u002Fh3>\n\u003Ch3>How does Geo Blocker detect country?\u003C\u002Fh3>\n\u003Cp>It uses the reliable \u003Cstrong>IpWhoIs API\u003C\u002Fstrong> to fetch country data based on the visitor’s IP.\u003C\u002Fp>\n\u003Ch3>Will it slow down my site?\u003C\u002Fh3>\n\u003Cp>Nope. It’s optimized with \u003Cstrong>transient caching\u003C\u002Fstrong> and smart triggers — no unnecessary lookups.\u003C\u002Fp>\n\u003Ch3>Can I lock myself out?\u003C\u002Fh3>\n\u003Cp>No. There’s a \u003Cstrong>login bypass URL\u003C\u002Fstrong> generated for administrators — shown right on the dashboard.\u003C\u002Fp>\n\u003Ch3>Can I block specific pages?\u003C\u002Fh3>\n\u003Cp>Not yet — current version works site-wide. Per-page rules may come in a future update.\u003C\u002Fp>\n\u003Ch3>Can I export visitor logs?\u003C\u002Fh3>\n\u003Cp>Yes. Logs can be exported in \u003Cstrong>CSV or JSON\u003C\u002Fstrong> format directly from the Logs tab.\u003C\u002Fp>\n\u003Ch3>Does it work with caching plugins?\u003C\u002Fh3>\n\u003Cp>Yes, but you may need to \u003Cstrong>exclude the plugin’s logic\u003C\u002Fstrong> from caching. Dynamic geo checks should not be cached.\u003C\u002Fp>\n\u003Ch3>🗂️ Changelog\u003C\u002Fh3>\n\u003Ch4>1.0.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>🎉 Initial release with all core features\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🛡️ Additional Notes\u003C\u002Fh3>\n\u003Ch3>Emergency Bypass\u003C\u002Fh3>\n\u003Cp>Every admin gets a custom bypass link to avoid accidental lockouts. It’s always visible in the dashboard.\u003C\u002Fp>\n\u003Ch3>Blocking Actions\u003C\u002Fh3>\n\u003Cp>Choose the experience blocked users receive:\u003Cbr \u002F>\n– Custom message\u003Cbr \u002F>\n– Redirect to another URL\u003Cbr \u002F>\n– Send 403 Forbidden header\u003C\u002Fp>\n\u003Ch3>Logs & Privacy\u003C\u002Fh3>\n\u003Cp>Logs are stored locally in your WordPress database. The plugin sends only the visitor’s IP to IPWho.is — no personally identifiable information is shared or stored externally.\u003C\u002Fp>\n\u003Ch3>💡 Enjoying Geo Blocker? Try Our Other Free Plugins\u003C\u002Fh3>\n\u003Cp>Looking for even more control and peace of mind? Check out our other tools:\u003C\u002Fp>\n\u003Cp>🔕 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnotification-blocker\u002F\" rel=\"ugc\">Notification Blocker\u003C\u002Fa>\u003C\u002Fstrong> – Hide annoying plugin notices from your dashboard without hacking core files.\u003C\u002Fp>\n\u003Cp>🛡️ \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffortress-login-pro\u002F\" rel=\"ugc\">Fortress Login Pro\u003C\u002Fa>\u003C\u002Fstrong> – Obscure your login page, add brute-force protection, and block unauthorized access attempts with ease.\u003C\u002Fp>\n\u003Cp>If you like Geo Blocker, you’ll probably find these just as helpful. Try them out!\u003C\u002Fp>\n","🔐 Block or allow visitors by country. Track access attempts. View analytics. Stay in control — effortlessly.",700,1677,"2025-05-18T22:09:00.000Z",[122,123,124,22,125],"access-control","country-restriction","geo-blocking","ip-blocker","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgeo-blocker\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgeo-blocker.1.0.0.zip",{"slug":58,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":137,"num_ratings":100,"last_updated":138,"tested_up_to":139,"requires_at_least":140,"requires_php":18,"tags":141,"homepage":144,"download_link":145,"security_score":146,"vuln_count":88,"unpatched_count":88,"last_vuln_date":147,"fetched_at":30},"Block Country","1.0","nitinmaurya12","https:\u002F\u002Fprofiles.wordpress.org\u002Fnitinmaurya12\u002F","\u003Cp>Set country and IP to block your website. You can also set IP address to unblock for any special IP Address.\u003C\u002Fp>\n","Set country and IP to block your website. You can also set IP address to unblock for any special IP Address.",70,5721,60,"2013-12-10T22:05:00.000Z","3.6.1","3.2",[58,142,143],"block-ip-address","unblock-any-ip-address","http:\u002F\u002Fnitinmaurya.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblock-country.zip",63,"2025-10-13 00:00:00",{"attackSurface":149,"codeSignals":372,"taintFlows":632,"riskAssessment":782,"analyzedAt":797},{"hooks":150,"ajaxHandlers":364,"restRoutes":369,"shortcodes":370,"cronEvents":371,"entryPointCount":88,"unprotectedCount":88},[151,157,163,167,171,175,180,184,187,191,194,198,200,204,208,211,215,218,221,224,227,231,235,240,244,247,250,253,256,259,262,265,268,271,275,278,282,285,288,291,294,297,301,306,310,313,317,321,325,327,329,332,336,339,342,345,348,352,355,357,358,361],{"type":152,"name":153,"callback":154,"file":155,"line":156},"action","init","admin_init","admin\\class-ip-location-block-admin.php",43,{"type":158,"name":159,"callback":160,"priority":161,"file":155,"line":162},"filter","wp_redirect","add_redirect_nonce",10,49,{"type":152,"name":164,"callback":165,"file":155,"line":166},"admin_menu","setup_admin_page",194,{"type":152,"name":168,"callback":169,"file":155,"line":170},"admin_post_ip_location_block","admin_ajax_callback",195,{"type":158,"name":172,"callback":173,"priority":161,"file":155,"line":174},"wp_prepare_revision_for_js","add_revision_nonce",197,{"type":152,"name":176,"callback":177,"priority":178,"file":155,"line":179},"admin_enqueue_scripts","enqueue_admin_assets",15,198,{"type":158,"name":181,"callback":182,"priority":161,"file":155,"line":183},"ip-location-block-bypass-admins","verify_request",201,{"type":152,"name":185,"callback":165,"file":155,"line":186},"network_admin_menu",206,{"type":152,"name":188,"callback":189,"priority":161,"file":155,"line":190},"wpmu_new_blog","create_blog",207,{"type":152,"name":192,"callback":192,"priority":161,"file":155,"line":193},"delete_blog",208,{"type":158,"name":195,"callback":196,"file":155,"line":197},"admin_body_class","add_webview_class",219,{"type":158,"name":195,"callback":196,"file":155,"line":199},222,{"type":158,"name":201,"callback":202,"file":155,"line":203},"google-charts","google_charts_cn",405,{"type":158,"name":205,"callback":206,"priority":161,"file":155,"line":207},"plugin_row_meta","add_plugin_meta_links",968,{"type":152,"name":176,"callback":209,"priority":28,"file":155,"line":210},"enqueue_nonce",973,{"type":152,"name":212,"callback":213,"file":155,"line":214},"admin_notices","show_admin_notices",976,{"type":152,"name":216,"callback":213,"file":155,"line":217},"network_admin_notices",977,{"type":152,"name":212,"callback":219,"file":155,"line":220},"show_intro_notice",979,{"type":152,"name":212,"callback":222,"file":155,"line":223},"show_api_key_upgrade_notice",981,{"type":152,"name":212,"callback":225,"file":155,"line":226},"show_cache_compat_notice",983,{"type":152,"name":228,"callback":229,"priority":161,"file":155,"line":230},"ip-location-block-settings-updated","start_update_db",1722,{"type":152,"name":232,"callback":233,"file":234,"line":51},"shutdown","deactivate_plugin","classes\\class-ip-location-block-actv.php",{"type":158,"name":236,"callback":237,"file":238,"line":239},"ip-location-block-ip-addr","extract_ip","classes\\class-ip-location-block-cron.php",76,{"type":152,"name":153,"callback":241,"file":242,"line":243},"validate_direct","classes\\class-ip-location-block.php",118,{"type":152,"name":154,"callback":245,"file":242,"line":246},"validate_admin",121,{"type":152,"name":153,"callback":248,"file":242,"line":249},"anonymous",126,{"type":152,"name":153,"callback":251,"file":242,"line":252},"validate_comment",131,{"type":152,"name":153,"callback":254,"file":242,"line":255},"validate_public",136,{"type":152,"name":257,"callback":251,"file":242,"line":258},"pre_comment_on_post",149,{"type":152,"name":260,"callback":251,"file":242,"line":261},"pre_trackback_post",153,{"type":158,"name":263,"callback":251,"file":242,"line":264},"preprocess_comment",157,{"type":152,"name":266,"callback":251,"file":242,"line":267},"bbp_post_request_bbp-new-topic",163,{"type":152,"name":269,"callback":251,"file":242,"line":270},"bbp_post_request_bbp-new-reply",164,{"type":158,"name":272,"callback":273,"file":242,"line":274},"bbp_current_user_can_access_create_topic_form","validate_front",165,{"type":158,"name":276,"callback":273,"file":242,"line":277},"bbp_current_user_can_access_create_reply_form",169,{"type":152,"name":279,"callback":280,"file":242,"line":281},"login_init","validate_login",177,{"type":152,"name":283,"callback":280,"file":242,"line":284},"bp_core_screen_signup",181,{"type":152,"name":286,"callback":280,"file":242,"line":287},"bp_signup_pre_validate",182,{"type":152,"name":289,"callback":209,"file":242,"line":290},"wp_enqueue_scripts",193,{"type":158,"name":159,"callback":292,"priority":293,"file":242,"line":174},"logout_redirect",20,{"type":158,"name":295,"callback":296,"file":242,"line":179},"http_request_args","request_nonce",{"type":158,"name":298,"callback":299,"file":242,"line":300},"document_title_parts","change_title",736,{"type":158,"name":302,"callback":303,"priority":304,"file":242,"line":305},"ip-location-block-xmlrpc","close_xmlrpc",3,892,{"type":158,"name":307,"callback":308,"file":242,"line":309},"xmlrpc_login_error","auth_fail",895,{"type":152,"name":311,"callback":308,"file":242,"line":312},"wp_login_failed",948,{"type":158,"name":314,"callback":315,"priority":161,"file":242,"line":316},"site_url","filter_login_url",957,{"type":158,"name":318,"callback":319,"priority":34,"file":242,"line":320},"ip-location-block-admin","check_nonce",1030,{"type":158,"name":318,"callback":322,"priority":323,"file":242,"line":324},"check_signature",5,1039,{"type":158,"name":318,"callback":319,"priority":34,"file":242,"line":326},1077,{"type":158,"name":318,"callback":322,"priority":323,"file":242,"line":328},1083,{"type":152,"name":330,"callback":254,"file":242,"line":331},"wp",1416,{"type":158,"name":333,"callback":334,"priority":161,"file":242,"line":335},"ip-location-block-public","check_page",1422,{"type":158,"name":333,"callback":337,"priority":65,"file":242,"line":338},"check_ua",1426,{"type":158,"name":333,"callback":340,"priority":65,"file":242,"line":341},"check_behavior",1429,{"type":158,"name":236,"callback":343,"priority":293,"file":242,"line":344},"get_proxy_ip",1432,{"type":152,"name":212,"callback":346,"file":347,"line":14},"closure","ip-location-block.php",{"type":152,"name":349,"callback":350,"priority":161,"file":347,"line":351},"upgrader_process_complete","ip_location_block_upgrader_process_complete",103,{"type":152,"name":353,"callback":354,"file":347,"line":243},"plugins_loaded","ip_location_block_update",{"type":152,"name":353,"callback":356,"file":347,"line":52},"get_instance",{"type":152,"name":353,"callback":356,"file":347,"line":255},{"type":152,"name":212,"callback":346,"file":359,"line":360},"wp-content\\mu-plugins\\ip-location-block-mu.php",34,{"type":152,"name":212,"callback":362,"file":359,"line":363},"ip_location_block_mu_notice",73,[365],{"action":366,"nopriv":367,"callback":169,"hasNonce":367,"hasCapCheck":367,"file":155,"line":368},"ip_location_block",false,196,[],[],[],{"dangerousFunctions":373,"sqlUsage":397,"outputEscaping":452,"fileOperations":626,"externalRequests":34,"nonceChecks":88,"capabilityChecks":627,"bundledLibraries":628},[374,378,383,387,389,391,393],{"fn":375,"file":155,"line":376,"context":377},"assert",324,"defined( 'IP_LOCATION_BLOCK_DEBUG' ) and IP_LOCATION_BLOCK_DEBUG and assert( is_main_site(), 'Not ma",{"fn":379,"file":380,"line":381,"context":382},"unserialize","classes\\class-ip-location-block-logs.php",284,"return empty( $data ) ? self::$default : unserialize( $data[0]['data'] ) + self::$default;",{"fn":379,"file":384,"line":385,"context":386},"includes\\Net\\DNS2\\Cache\\File.php",81,"$decoded = unserialize($data);",{"fn":379,"file":384,"line":388,"context":386},173,{"fn":379,"file":390,"line":243,"context":386},"includes\\Net\\DNS2\\Cache\\Shm.php",{"fn":379,"file":390,"line":392,"context":386},216,{"fn":379,"file":394,"line":395,"context":396},"includes\\Net\\DNS2\\Cache.php",82,"return unserialize($this->cache_data[$key]['object']);",{"prepared":398,"raw":399,"locations":400},54,23,[401,404,407,409,412,414,415,416,419,422,425,427,429,431,433,435,437,439,441,444,446,448,449],{"file":155,"line":402,"context":403},1916,"$wpdb->get_col() with variable interpolation",{"file":405,"line":406,"context":403},"admin\\includes\\class-admin-ajax.php",406,{"file":405,"line":408,"context":403},453,{"file":410,"line":411,"context":403},"admin\\includes\\tab-settings.php",1465,{"file":234,"line":413,"context":403},61,{"file":234,"line":13,"context":403},{"file":238,"line":261,"context":403},{"file":380,"line":417,"context":418},214,"$wpdb->query() with variable interpolation",{"file":380,"line":420,"context":421},228,"$wpdb->get_var() with variable interpolation",{"file":380,"line":423,"context":424},234,"$wpdb->get_results() with variable interpolation",{"file":380,"line":426,"context":418},263,{"file":380,"line":428,"context":424},282,{"file":380,"line":430,"context":421},730,{"file":380,"line":432,"context":418},866,{"file":380,"line":434,"context":421},1173,{"file":380,"line":436,"context":418},1177,{"file":380,"line":438,"context":421},1188,{"file":380,"line":440,"context":421},1386,{"file":442,"line":443,"context":418},"classes\\class-ip-location-block-opts.php",280,{"file":442,"line":445,"context":418},281,{"file":442,"line":447,"context":418},283,{"file":442,"line":381,"context":418},{"file":450,"line":451,"context":403},"uninstall.php",48,{"escaped":274,"rawEcho":453,"locations":454},101,[455,457,458,460,462,464,465,467,469,470,472,474,476,478,480,482,483,484,486,488,490,492,494,496,498,500,502,504,506,508,509,510,512,513,514,515,517,518,519,521,522,524,526,527,528,529,531,532,534,536,538,540,542,544,545,547,548,550,551,553,554,556,558,560,562,564,566,569,571,574,576,578,580,582,584,585,586,587,588,590,591,593,594,595,597,598,599,601,602,603,605,606,609,611,613,615,617,619,621,623,625],{"file":155,"line":239,"context":456},"raw output",{"file":155,"line":255,"context":456},{"file":155,"line":459,"context":456},577,{"file":155,"line":461,"context":456},579,{"file":155,"line":463,"context":456},1022,{"file":155,"line":463,"context":456},{"file":155,"line":466,"context":456},1105,{"file":155,"line":468,"context":456},1111,{"file":155,"line":468,"context":456},{"file":155,"line":471,"context":456},1130,{"file":155,"line":473,"context":456},1131,{"file":155,"line":475,"context":456},1154,{"file":155,"line":477,"context":456},1155,{"file":155,"line":479,"context":456},1156,{"file":155,"line":481,"context":456},1159,{"file":155,"line":481,"context":456},{"file":155,"line":481,"context":456},{"file":155,"line":485,"context":456},1193,{"file":155,"line":487,"context":456},1252,{"file":155,"line":489,"context":456},1268,{"file":155,"line":491,"context":456},1271,{"file":155,"line":493,"context":456},1272,{"file":155,"line":495,"context":456},1273,{"file":155,"line":497,"context":456},1274,{"file":155,"line":499,"context":456},1278,{"file":155,"line":501,"context":456},1279,{"file":155,"line":503,"context":456},1280,{"file":155,"line":505,"context":456},1281,{"file":155,"line":507,"context":456},1298,{"file":155,"line":507,"context":456},{"file":155,"line":507,"context":456},{"file":155,"line":511,"context":456},1299,{"file":155,"line":511,"context":456},{"file":155,"line":511,"context":456},{"file":155,"line":511,"context":456},{"file":155,"line":516,"context":456},1302,{"file":155,"line":516,"context":456},{"file":155,"line":516,"context":456},{"file":155,"line":520,"context":456},1304,{"file":155,"line":520,"context":456},{"file":155,"line":523,"context":456},1306,{"file":155,"line":525,"context":456},1316,{"file":155,"line":525,"context":456},{"file":155,"line":525,"context":456},{"file":155,"line":525,"context":456},{"file":155,"line":530,"context":456},1320,{"file":155,"line":530,"context":456},{"file":155,"line":533,"context":456},1324,{"file":155,"line":535,"context":456},1337,{"file":155,"line":537,"context":456},1339,{"file":155,"line":539,"context":456},1341,{"file":155,"line":541,"context":456},1349,{"file":155,"line":543,"context":456},1362,{"file":155,"line":543,"context":456},{"file":155,"line":546,"context":456},1363,{"file":155,"line":546,"context":456},{"file":155,"line":549,"context":456},1372,{"file":155,"line":549,"context":456},{"file":155,"line":552,"context":456},1373,{"file":155,"line":552,"context":456},{"file":155,"line":555,"context":456},1383,{"file":155,"line":557,"context":456},1390,{"file":155,"line":559,"context":456},1395,{"file":405,"line":561,"context":456},166,{"file":405,"line":563,"context":456},348,{"file":405,"line":565,"context":456},563,{"file":567,"line":568,"context":456},"admin\\includes\\status.php",45,{"file":567,"line":570,"context":456},154,{"file":572,"line":573,"context":456},"admin\\includes\\tab-accesslog.php",232,{"file":572,"line":575,"context":456},233,{"file":577,"line":252,"context":456},"admin\\includes\\tab-network.php",{"file":577,"line":579,"context":456},132,{"file":577,"line":581,"context":456},156,{"file":577,"line":583,"context":456},159,{"file":577,"line":583,"context":456},{"file":577,"line":583,"context":456},{"file":577,"line":583,"context":456},{"file":577,"line":583,"context":456},{"file":577,"line":589,"context":456},174,{"file":577,"line":589,"context":456},{"file":577,"line":592,"context":456},180,{"file":577,"line":592,"context":456},{"file":577,"line":592,"context":456},{"file":577,"line":596,"context":456},184,{"file":577,"line":596,"context":456},{"file":577,"line":596,"context":456},{"file":410,"line":600,"context":456},1658,{"file":410,"line":600,"context":456},{"file":410,"line":600,"context":456},{"file":410,"line":604,"context":456},1669,{"file":410,"line":119,"context":456},{"file":607,"line":608,"context":456},"admin\\includes\\tab-statistics.php",363,{"file":607,"line":610,"context":456},384,{"file":607,"line":612,"context":456},427,{"file":607,"line":614,"context":456},428,{"file":607,"line":616,"context":456},437,{"file":607,"line":618,"context":456},438,{"file":607,"line":620,"context":456},447,{"file":607,"line":622,"context":456},448,{"file":242,"line":624,"context":456},419,{"file":359,"line":385,"context":456},32,11,[629],{"name":630,"version":29,"knownCves":631},"DataTables",[],[633,651,661,680,697,707,720,729,742,753,763],{"entryPoint":634,"graph":635,"unsanitizedCount":88,"severity":650},"export_logs (admin\\includes\\class-admin-ajax.php:128)",{"nodes":636,"edges":648},[637,642],{"id":638,"type":639,"label":640,"file":405,"line":641},"n0","source","$_SERVER",130,{"id":643,"type":644,"label":645,"file":405,"line":646,"wp_function":647},"n1","sink","header() [Header Injection]",161,"header",[649],{"from":638,"to":643,"sanitized":367},"medium",{"entryPoint":652,"graph":653,"unsanitizedCount":88,"severity":650},"export_cache (admin\\includes\\class-admin-ajax.php:305)",{"nodes":654,"edges":659},[655,657],{"id":638,"type":639,"label":640,"file":405,"line":656},307,{"id":643,"type":644,"label":645,"file":405,"line":658,"wp_function":647},343,[660],{"from":638,"to":643,"sanitized":367},{"entryPoint":662,"graph":663,"unsanitizedCount":679,"severity":650},"validate_settings (admin\\includes\\class-admin-ajax.php:523)",{"nodes":664,"edges":676},[665,668,670,672],{"id":638,"type":639,"label":666,"file":405,"line":667},"$_POST",531,{"id":643,"type":644,"label":645,"file":405,"line":669,"wp_function":647},562,{"id":671,"type":639,"label":666,"file":405,"line":667},"n2",{"id":673,"type":644,"label":674,"file":405,"line":565,"wp_function":675},"n3","echo() [XSS]","echo",[677,678],{"from":638,"to":643,"sanitized":367},{"from":671,"to":673,"sanitized":367},2,{"entryPoint":681,"graph":682,"unsanitizedCount":34,"severity":650},"\u003Cclass-admin-ajax> (admin\\includes\\class-admin-ajax.php:0)",{"nodes":683,"edges":693},[684,686,687,688,689,691],{"id":638,"type":639,"label":685,"file":405,"line":641},"$_SERVER (x2)",{"id":643,"type":644,"label":645,"file":405,"line":646,"wp_function":647},{"id":671,"type":639,"label":666,"file":405,"line":667},{"id":673,"type":644,"label":645,"file":405,"line":669,"wp_function":647},{"id":690,"type":639,"label":666,"file":405,"line":667},"n4",{"id":692,"type":644,"label":674,"file":405,"line":565,"wp_function":675},"n5",[694,695,696],{"from":638,"to":643,"sanitized":367},{"from":671,"to":673,"sanitized":367},{"from":690,"to":692,"sanitized":367},{"entryPoint":698,"graph":699,"unsanitizedCount":304,"severity":650},"render_network (admin\\includes\\tab-network.php:121)",{"nodes":700,"edges":705},[701,704],{"id":638,"type":639,"label":702,"file":577,"line":703},"$_REQUEST (x3)",137,{"id":643,"type":644,"label":674,"file":577,"line":581,"wp_function":675},[706],{"from":638,"to":643,"sanitized":367},{"entryPoint":708,"graph":709,"unsanitizedCount":88,"severity":650},"backup_logs (classes\\class-ip-location-block-logs.php:555)",{"nodes":710,"edges":718},[711,714],{"id":638,"type":639,"label":712,"file":380,"line":713},"$_SERVER['REQUEST_TIME']",560,{"id":643,"type":644,"label":715,"file":380,"line":716,"wp_function":717},"file_put_contents() [File Write]",557,"file_put_contents",[719],{"from":638,"to":643,"sanitized":367},{"entryPoint":721,"graph":722,"unsanitizedCount":304,"severity":728},"\u003Ctab-network> (admin\\includes\\tab-network.php:0)",{"nodes":723,"edges":726},[724,725],{"id":638,"type":639,"label":702,"file":577,"line":703},{"id":643,"type":644,"label":674,"file":577,"line":581,"wp_function":675},[727],{"from":638,"to":643,"sanitized":367},"low",{"entryPoint":730,"graph":731,"unsanitizedCount":679,"severity":741},"record_logs (classes\\class-ip-location-block-logs.php:695)",{"nodes":732,"edges":739},[733,735],{"id":638,"type":639,"label":685,"file":380,"line":734},753,{"id":643,"type":644,"label":736,"file":380,"line":737,"wp_function":738},"query() [SQLi]",766,"query",[740],{"from":638,"to":643,"sanitized":367},"high",{"entryPoint":743,"graph":744,"unsanitizedCount":679,"severity":741},"get_recent_logs (classes\\class-ip-location-block-logs.php:1030)",{"nodes":745,"edges":751},[746,747],{"id":638,"type":639,"label":685,"file":380,"line":324},{"id":643,"type":644,"label":748,"file":380,"line":749,"wp_function":750},"get_results() [SQLi]",1040,"get_results",[752],{"from":638,"to":643,"sanitized":367},{"entryPoint":754,"graph":755,"unsanitizedCount":88,"severity":741},"delete_expired (classes\\class-ip-location-block-logs.php:1414)",{"nodes":756,"edges":761},[757,759],{"id":638,"type":639,"label":640,"file":380,"line":758},1419,{"id":643,"type":644,"label":736,"file":380,"line":760,"wp_function":738},1420,[762],{"from":638,"to":643,"sanitized":367},{"entryPoint":764,"graph":765,"unsanitizedCount":781,"severity":741},"\u003Cclass-ip-location-block-logs> (classes\\class-ip-location-block-logs.php:0)",{"nodes":766,"edges":777},[767,768,769,771,772,775],{"id":638,"type":639,"label":712,"file":380,"line":713},{"id":643,"type":644,"label":715,"file":380,"line":716,"wp_function":717},{"id":671,"type":639,"label":770,"file":380,"line":734},"$_SERVER (x8)",{"id":673,"type":644,"label":736,"file":380,"line":737,"wp_function":738},{"id":690,"type":639,"label":773,"file":380,"line":774},"$_SERVER (x10)",772,{"id":692,"type":644,"label":748,"file":380,"line":776,"wp_function":750},912,[778,779,780],{"from":638,"to":643,"sanitized":367},{"from":671,"to":673,"sanitized":367},{"from":690,"to":692,"sanitized":367},19,{"summary":783,"deductions":784},"The \"ip-location-block\" v1.3.8 plugin exhibits a mixed security posture. While it has a clean vulnerability history with no recorded CVEs, its static analysis reveals several areas of concern that detract from its overall security. The presence of an unprotected AJAX handler is a significant weakness, presenting a direct entry point for potential attackers without any authorization checks. Furthermore, the taint analysis indicates 11 flows with unsanitized paths, with 4 classified as high severity, suggesting a risk of data being processed without proper sanitization, which could lead to various injection vulnerabilities if these flows are exploited. The use of dangerous functions like 'assert' and 'unserialize' also raises red flags, as these functions can be exploited if user-supplied data is passed to them without strict validation.  While the plugin demonstrates some good practices like using prepared statements for a majority of its SQL queries and has a good number of output escaping routines, the critical issues identified in the attack surface and taint analysis outweigh these positives, indicating a moderate to high risk for users.",[785,787,790,793,795],{"reason":786,"points":161},"Unprotected AJAX handler",{"reason":788,"points":789},"High severity unsanitized taint flows (4)",12,{"reason":791,"points":792},"Use of dangerous functions (assert, unserialize)",8,{"reason":794,"points":178},"Unsanitized paths in all taint flows (11)",{"reason":796,"points":323},"Low percentage of properly escaped output","2026-03-16T17:38:41.541Z",{"wat":799,"direct":812},{"assetPaths":800,"generatorPatterns":805,"scriptPaths":806,"versionParams":807},[801,802,803,804],"\u002Fwp-content\u002Fplugins\u002Fip-location-block\u002Fcss\u002Fip-location-block.css","\u002Fwp-content\u002Fplugins\u002Fip-location-block\u002Fjs\u002Fip-location-block.js","\u002Fwp-content\u002Fplugins\u002Fip-location-block\u002Fcss\u002Fip-location-block-admin.css","\u002Fwp-content\u002Fplugins\u002Fip-location-block\u002Fjs\u002Fip-location-block-admin.js",[],[],[808,809,810,811],"ip-location-block\u002Fcss\u002Fip-location-block.css?ver=","ip-location-block\u002Fjs\u002Fip-location-block.js?ver=","ip-location-block\u002Fcss\u002Fip-location-block-admin.css?ver=","ip-location-block\u002Fjs\u002Fip-location-block-admin.js?ver=",{"cssClasses":813,"htmlComments":817,"htmlAttributes":819,"restEndpoints":821,"jsGlobals":822,"shortcodeOutput":825},[814,815,816],"ip-location-block-form-field","ip-location-block-log-table","ip-location-block-country-flag",[818],"\u003C!-- ADD `\u002F` TO THE TOP OR END OF THIS LINE TO ACTIVATE THE FOLLOWINGS --",[820],"data-ip-location-block-country",[],[823,824],"ip_location_block_admin_options","ip_location_block_admin_settings",[]]