WP-Safety

IP2CurrencyConverter Security & Risk Analysis

wordpress.org/plugins/ip2currency-converter

Add this widget at your sidebar to display a currency converter.

10 active installs v1.1.0 PHP + WP 2.0.0+ Updated Jul 18, 2025
currency-convertercurrency-exchangeexchange-converterexchange-rateip2currency
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is IP2CurrencyConverter Safe to Use in 2026?

Generally Safe

Score 100/100

IP2CurrencyConverter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The "ip2currency-converter" plugin v1.1.0 demonstrates a generally good security posture based on the static analysis provided. It boasts a very small attack surface with only one AJAX handler, and critically, this handler is protected by a nonce check. The absence of shortcodes, REST API routes, cron events, file operations, and external HTTP requests further minimizes potential avenues for attack. Furthermore, all SQL queries are prepared, and there are no recorded vulnerabilities, which is a strong indicator of responsible development practices. The lack of taint analysis results also suggests no critical vulnerabilities were detected in that area.

However, a significant concern lies in the output escaping. With 6 total outputs and only 17% properly escaped, there is a high likelihood of Cross-Site Scripting (XSS) vulnerabilities. The presence of nonce checks without corresponding capability checks on the single entry point is also a minor weakness, as it relies solely on nonce validation for authorization which might not be sufficient in all contexts. While the vulnerability history is clean, the poor output escaping represents a tangible risk that should be addressed to ensure a more robust security profile.

Key Concerns

  • Low output escaping percentage
  • Nonce check without capability check
Vulnerabilities
None known

IP2CurrencyConverter Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

IP2CurrencyConverter Release Timeline

v1.1.0Current
v1.0.12
v1.0.11
v1.0.10
v1.0.9
v1.0.8
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.2
v1.0.1
Code Analysis
Analyzed Mar 16, 2026

IP2CurrencyConverter Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
5
1 escaped
Nonce Checks
2
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

17% escaped6 total outputs
Attack Surface

IP2CurrencyConverter Attack Surface

Entry Points1
Unprotected0

AJAX Handlers 1

authwp_ajax_ip2currency_converter_submit_feedbackIP2CurrencyConverter.php:15
WordPress Hooks 5
actionwidgets_initIP2CurrencyConverter.php:11
actionadmin_menuIP2CurrencyConverter.php:12
actionadmin_headIP2CurrencyConverter.php:13
actionadmin_enqueue_scriptsIP2CurrencyConverter.php:14
actionadmin_footer_textIP2CurrencyConverter.php:16
Maintenance & Trust

IP2CurrencyConverter Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJul 18, 2025
PHP min version
Downloads5K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

IP2CurrencyConverter Alternatives

Exchange Rates

Exchange Rates

exchange-rates

A
98

Currency Converter & Exchange Rates Widgets, easy-to-use, with beautiful UI. 🔑 No API key needed, ❤️‍ plug and play.

900 2 CVEs
Cryptocurrency Converter

Cryptocurrency Converter

cryptocurrency-converter

A
85

This plugin allows to add shortcode on your WordPress site and convert over 1,400 crypto currencies. [Cryptocurrency_Converter title="Your Title& …

10 No CVEs
FX Currency Converter

FX Currency Converter

fx-currency-converter

A
99

Easy-to-use, free currency converter. 🔑 No API key needed. ❤️ Install and enjoy.

10 1 CVE
CurrencyRate.Today – Currency Blocks and Widgets

CurrencyRate.Today – Currency Blocks and Widgets

currencyrate-today-currency-blocks

A
100

Free: ✨ 5 beautiful currency blocks — 📈 live rates, converter, ticker, card, price badge. 173 currencies, 🔌 15 sources, custom rates. No API key.

0 No CVEs
Currency Exchange Rates Widget

Currency Exchange Rates Widget

exchangerate-api

A
85

The Currency Exchange Rates Widget is a powerful and easy-to-use plugin that allows you to display real-time currency exchange rates on your WordPress …

0 No CVEs
Developer Profile

IP2CurrencyConverter Developer Profile

IP2Location

10 plugins · 39K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
265 days
View full developer profile
Detection Fingerprints

How We Detect IP2CurrencyConverter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ip2currency-converter/js/farbtastic.js/wp-content/plugins/ip2currency-converter/js/ip2currency-converter.js
Script Paths
http://www.ip2currency.com/widget?size=http://www.ip2currency.com/widget?size=1http://www.ip2currency.com/widget?size=2

HTML / DOM Fingerprints

CSS Classes
color-picker
HTML Comments
<!-- document.write('<iframe id="ip2currencyconverter-frame" src="http://www.ip2currency.com/widget?size=' . $options['size'] . '&skin=' . $options['skin'] . '&key=' . $options['key'] . '&bgColor=' . $options['bgColor'] . '&borderColor=' . $options['borderColor'] . '&fontColor=' . $options['fontColor'] . '" frameborder="0" scrolling="no" style="' . (($options['size'] == 1) ? 'width:210px;height:338px' : 'width:406px;height:232px') . ';"></iframe>'); //-->
Data Attributes
id="ip2currencyconverter-frame"id="form-ip2currency"id="ip2currencyconverter-key"id="ip2currencyconverter-size1"id="ip2currencyconverter-size2"id="ip2currencyconverter-skin"+4 more
Shortcode Output
<iframe id="ip2currencyconverter-frame" src="http://www.ip2currency.com/widget?size=width:210px;height:338pxwidth:406px;height:232px
FAQ

Frequently Asked Questions about IP2CurrencyConverter