jClocksGMT World Clocks Security & Risk Analysis
wordpress.org/plugins/jclocksgmt-wpjQuery based analog and digital world clocks for Wordpress.
Is jClocksGMT World Clocks Safe to Use in 2026?
Generally Safe
Score 85/100jClocksGMT World Clocks has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The jclocksgmt-wp plugin, version 1.0.2, exhibits a generally strong security posture based on the provided static analysis. The plugin demonstrates excellent adherence to secure coding practices by utilizing prepared statements for all SQL queries and ensuring all output is properly escaped. Furthermore, the absence of file operations, external HTTP requests, and dangerous functions significantly reduces the potential for common web vulnerabilities. The plugin also scores well by not bundling any external libraries, which can often be a source of outdated or vulnerable code.
However, there are some areas that warrant caution. The static analysis reveals no explicit capability checks or nonce checks. While the attack surface is minimal (consisting of a single shortcode), the absence of these checks could, in theory, allow unauthorized users to interact with the shortcode's functionality if it were to expose sensitive operations. This is particularly concerning given the total lack of any recorded vulnerability history, which could suggest a lack of thorough security testing or an incomplete picture of potential weaknesses.
In conclusion, jclocksgmt-wp appears to be built with good fundamental security principles, especially regarding data handling. The lack of known vulnerabilities is a positive indicator. Nevertheless, the absence of authorization checks (capability and nonce) on its sole entry point, the shortcode, represents a potential weakness that could be exploited if the shortcode's functionality were to have any security implications. Developers should consider implementing appropriate authorization checks to further harden the plugin.
Key Concerns
- Missing capability checks
- Missing nonce checks
jClocksGMT World Clocks Security Vulnerabilities
jClocksGMT World Clocks Code Analysis
jClocksGMT World Clocks Attack Surface
Shortcodes 1
WordPress Hooks 1
Maintenance & Trust
jClocksGMT World Clocks Maintenance & Trust
Maintenance Signals
Community Trust
jClocksGMT World Clocks Alternatives
World Clock
flash-world-clock
World clock showing the local time at six major cities round the world. The plugin provides a choice of analog and digital clocks, colors and sizes.
Simple Digital Clock 🕒
simple-digital-clock
It is 🪄 a magical and easy-to-use digital clock with a beautiful UI, supporting multiple languages, locales, dates, captions, and time zones.
IP2Location World Clock
ip2location-world-clock
Simple world clock widget to display analog or digital clock for multiple time zone on your site. Supported local time, visitor's time and custom …
World Clocks
world-clocks
Enable world clocks for the sites with different timezones, with a custom block for the WordPress block editor (Gutenberg).
Analog Clock display Widget
analog-clock-display-widget
This is a analog clock plugin. It's use for preview analog clock in widget area.
jClocksGMT World Clocks Developer Profile
1 plugin · 100 total installs
How We Detect jClocksGMT World Clocks
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/jclocksgmt-wp/css/jClocksGMT.css/wp-content/plugins/jclocksgmt-wp/js/jquery.rotate.js/wp-content/plugins/jclocksgmt-wp/js/jClocksGMT.jsjs/jquery.rotate.jsjs/jClocksGMT.jsjclocksgmt-wp/css/jClocksGMT.css?ver=jclocksgmt-wp/js/jquery.rotate.js?ver=jclocksgmt-wp/js/jClocksGMT.js?ver=HTML / DOM Fingerprints
jclockgmt<div id="clock_</div><script>jQuery(document).ready(function(){jQuery("#clock_