WP-Safety

Lieu.city – easily include the vr experience in your website Security & Risk Analysis

wordpress.org/plugins/lieu-city

The official LIEU.city plugin for WordPress

0 active installs v1.0.0 PHP 7.0+ WP 5.0+ Updated Dec 5, 2023
artartistexhibitionlieuvr
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Lieu.city – easily include the vr experience in your website Safe to Use in 2026?

Generally Safe

Score 85/100

Lieu.city – easily include the vr experience in your website has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago
Risk Assessment

The "lieu-city" plugin v1.0.0 exhibits a generally positive security posture based on the provided static analysis. The absence of known CVEs and unpatched vulnerabilities in its history is a strong indicator of good development practices or a lack of historical scrutiny. The attack surface is minimal, with only one shortcode identified and no unprotected entry points. Crucially, there are no critical or high severity taint flows, and all SQL queries are properly prepared. However, there are areas for improvement. Half of the output operations are not properly escaped, posing a potential risk of cross-site scripting (XSS) vulnerabilities if the data being output is user-controlled. Additionally, the plugin lacks nonce checks and capability checks, which are fundamental security mechanisms in WordPress that help prevent unauthorized actions and CSRF attacks, especially if the shortcode or any future functionalities were to process sensitive data or perform actions. The single external HTTP request also warrants attention, as its purpose and the sanitization of its target and parameters are not detailed here, but it represents an external dependency that could be a vector if not handled securely.

Key Concerns

  • Unescaped output identified
  • Missing nonce checks
  • Missing capability checks
Vulnerabilities
None known

Lieu.city – easily include the vr experience in your website Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Lieu.city – easily include the vr experience in your website Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
2
2 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
1
Bundled Libraries
0

Output Escaping

50% escaped4 total outputs
Attack Surface

Lieu.city – easily include the vr experience in your website Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[lieucity] inc\config-form.php:53
WordPress Hooks 2
actionadmin_menuinc\config-form.php:50
actionadmin_enqueue_scriptsinc\config-form.php:52
Maintenance & Trust

Lieu.city – easily include the vr experience in your website Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8
Last updatedDec 5, 2023
PHP min version7.0
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Lieu.city – easily include the vr experience in your website Alternatives

Bulk Images to Posts

Bulk Images to Posts

bulk-images-to-posts

A
85

Bulk upload images to automatically create posts / custom posts with featured images.

1K No CVEs
Musician's Pack for Elementor – Music Website Widgets & Templates

Musician's Pack for Elementor – Music Website Widgets & Templates

music-pack-for-elementor

B
79

Create stunning music websites with Musician's Pack for Elementor! Powerful widgets & ready-made templates for musicians, bands, DJs, and producers.

400 1 unpatched
Gigs Calendar

Gigs Calendar

gigs-calendar

A
85

Manage and display a calendar of your gigs/shows/performances.

200 No CVEs
Beatport Discography shortcode

Beatport Discography shortcode

beatport-discography-shortcode

A
85

Wordpress plugin that adds a shortcode on posts or pages to read the artist discography using the Beatport API.

80 No CVEs
ISTK Add-On

ISTK Add-On

istk-add-on

A
85

This plugin adds features for theme "ISTK Portfolio".

80 No CVEs
Developer Profile

Lieu.city – easily include the vr experience in your website Developer Profile

lieucity

1 plugin · 0 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Lieu.city – easily include the vr experience in your website

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/lieu-city/js/login.js/wp-content/plugins/lieu-city/css/login.css/wp-content/plugins/lieu-city/node_modules/shufflejs/dist/shuffle.min.js/wp-content/plugins/lieu-city/node_modules/jquery-nice-select/js/jquery.nice-select.min.js/wp-content/plugins/lieu-city/node_modules/jquery-nice-select/css/nice-select.css/wp-content/plugins/lieu-city/js/exhibition-list.js/wp-content/plugins/lieu-city/css/exhibition-list.css/wp-content/plugins/lieu-city/node_modules/bootstrap/dist/js/bootstrap.bundle.min.js+5 more
Script Paths
/wp-content/plugins/lieu-city/js/login.js/wp-content/plugins/lieu-city/node_modules/shufflejs/dist/shuffle.min.js/wp-content/plugins/lieu-city/node_modules/jquery-nice-select/js/jquery.nice-select.min.js/wp-content/plugins/lieu-city/js/exhibition-list.js/wp-content/plugins/lieu-city/node_modules/bootstrap/dist/js/bootstrap.bundle.min.js

HTML / DOM Fingerprints

CSS Classes
lieu-logolieu__button
JS Globals
lieu_options
Shortcode Output
<div class="alignleft" style="margin-block-start: 0;margin-block-end: 0; width: 100%; height:100vh"><iframe src="https://vr.lieu.city/vr_anon.php?exhibition=
FAQ

Frequently Asked Questions about Lieu.city – easily include the vr experience in your website