Does IP2Map have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is IP2Map compatible with WordPress 6.9.4?

According to WordPress.org data, IP2Map 1.1.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is IP2Map updated?

IP2Map was last updated on Dec 3, 2025. Frequent updates are generally a positive security signal.

What is IP2Map's security score?

IP2Map has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

IP2Map Security & Risk Analysis

wordpress.org/plugins/ip2map

Widget to track visitors’ geo locations and aggregate them on a graphical world map display.

10 active installs v1.1.1 PHP + WP 2.0.0+ Updated Dec 3, 2025

citycountrygeogeolocationip

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is IP2Map Safe to Use in 2026?

Generally Safe

Score 100/100

IP2Map has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago

Risk Assessment

The ip2map v1.1.1 plugin exhibits a generally strong security posture based on the static analysis and vulnerability history provided. The plugin effectively utilizes prepared statements for all its SQL queries and implements nonce and capability checks for its single AJAX entry point, demonstrating good security practices. The absence of known vulnerabilities (CVEs) and a clean taint analysis further bolster this assessment. However, a minor concern arises from the single external HTTP request, which, while not inherently a vulnerability, represents a potential attack vector if not handled securely on the server-side. The 80% output escaping rate, while good, leaves room for improvement as it implies some output might not be properly sanitized, potentially leading to XSS vulnerabilities in those specific instances.

Key Concerns

External HTTP requests present a potential risk
20% of outputs are not properly escaped

Vulnerabilities

None known

IP2Map Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

IP2Map Release Timeline

v1.1.1Current

v1.1.0

v1.0.18

v1.0.17

v1.0.16

v1.0.15

v1.0.14

v1.0.13

v1.0.12

v1.0.11

v1.0.10

v1.0.9

v1.0.8

v1.0.5

v1.0.4

v1.0.3

Code Analysis

Analyzed Apr 16, 2026

IP2Map Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

12 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

80% escaped15 total outputs

Attack Surface

IP2Map Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_ip2map_submit_feedbackIP2Map.php:31

WordPress Hooks 3

actionwidgets_initIP2Map.php:24

actionadmin_enqueue_scriptsIP2Map.php:29

actionadmin_footerIP2Map.php:30

Maintenance & Trust

IP2Map Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 3, 2025

PHP min version

Downloads9K

Community Trust

Rating20/100

Number of ratings2

Active installs10

Alternatives

IP2Map Alternatives

Geo Targetly Geo Block

geo-targetly-geo-block

100

Block users from your website based on their location using Geo Targetly’s API.

20 No CVEs

Geo Targetly Geo Location

geo-targetly-geo-location

100

Get visitor country, state, city, latitude and longitude using our IP geolocation API. Customize your website with location-based personalization.

10 No CVEs

IPLocationTools

iplocationtools-real-time-visitor-widget

100

Widget to display visitors’ geolocation information, such as country, region and city, in real-time.

10 No CVEs

IP Location Block

ip-location-block

100

Easily block visitors by country, state or ISP provider. Also, protects your site from spam, login attempts, malicious access & more.

10K No CVEs

User IP and Location

user-ip-and-location

100

Want to show your website visitors their IP address, location, and other cool details? This plugin makes it super easy! Now works perfectly with cachi …

3K 1 CVE

Developer Profile

IP2Map Developer Profile

IP2Location

10 plugins · 39K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

265 days

View full developer profile

Detection Fingerprints

How We Detect IP2Map

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ip2map/assets/js/feedback.js

Script Paths

/wp-content/plugins/ip2map/assets/js/feedback.js

HTML / DOM Fingerprints

CSS Classes

hidden

Data Attributes

id="ip2map-feedback-modal"name="ip2map-feedback"id="ip2map-feedback-other"data-ajax-urldata-nonce

JS Globals

ip2map_ajax

REST Endpoints

/wp-json/ip2map/v1/feedback

Shortcode Output

<img src="https://www.ip2map.com/ip2map.gif" border="0" width="100" height="50" alt="IP2Map" />

FAQ