WP-Safety

Local Geo Search Security & Risk Analysis

wordpress.org/plugins/local-geo-search

Local Geo Search creates hundreds of location specific pages on your site to target your services in your geographic market.

50 active installs v2.0.3 PHP + WP 3.0.1+ Updated Nov 10, 2023
geographic-marketinggeolocationmarketingseo
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Local Geo Search Safe to Use in 2026?

Generally Safe

Score 85/100

Local Geo Search has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago
Risk Assessment

The local-geo-search plugin v2.0.3 exhibits a mixed security posture. While it demonstrates good practices in areas like prepared SQL statements and a lack of known vulnerabilities, significant concerns arise from its attack surface and lack of authentication checks.

The static analysis reveals a single AJAX handler, which crucially lacks any authentication or authorization checks. This presents a direct entry point for unauthenticated attackers to potentially interact with plugin functionality. Furthermore, a considerable portion (40%) of output escaping is not properly implemented, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is involved in these unescaped outputs. The absence of nonce checks on AJAX handlers exacerbates this risk by allowing unverified requests.

The plugin's vulnerability history is clean, with no recorded CVEs. This is a positive indicator, suggesting that past issues, if any, have been addressed or that the codebase has been relatively robust. However, the current static analysis findings, particularly the unprotected AJAX handler and incomplete output escaping, introduce new potential vulnerabilities that warrant immediate attention. The lack of taint analysis flows reported is also a point of note; while this could mean no critical issues were found, it might also indicate that the analysis itself was limited in scope.

Key Concerns

  • Unprotected AJAX handler
  • Insufficient output escaping (40%)
  • Missing nonce checks on AJAX
Vulnerabilities
None known

Local Geo Search Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Local Geo Search Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
6 escaped
Nonce Checks
0
Capability Checks
0
File Operations
9
External Requests
2
Bundled Libraries
0

Output Escaping

60% escaped10 total outputs
Attack Surface
1 unprotected

Local Geo Search Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_lgs_clear_cacheadmin\admin.geoseo.php:24
WordPress Hooks 16
actionadmin_menuadmin\admin.geoseo.php:16
actionadmin_initadmin\admin.geoseo.php:17
actionadmin_noticesadmin\admin.geoseo.php:18
actionadmin_enqueue_scriptsadmin\admin.geoseo.php:22
actionparse_requestclasses\class.virtualpage.php:54
actiontemplate_redirectclasses\class.virtualpage.php:91
filterthe_postsclasses\class.virtualpage.php:94
filterget_post_metadataclasses\class.virtualpage.php:97
filtercomments_templateclasses\class.virtualpage.php:102
filterpre_get_document_titleclasses\class.virtualpage.php:184
actioninitgeoseo.php:47
filterwpseo_sitemap_page_contentgeoseo.php:51
filterwpseo_canonicalgeoseo.php:52
filteraioseo_sitemap_additional_pagesgeoseo.php:54
filteroption_aioseop_optionsgeoseo.php:55
filteraioseo_canonical_urlgeoseo.php:56
Maintenance & Trust

Local Geo Search Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8
Last updatedNov 10, 2023
PHP min version
Downloads7K

Community Trust

Rating100/100
Number of ratings2
Active installs50
Alternatives

Local Geo Search Alternatives

Semrush SEO Writing Assistant

Semrush SEO Writing Assistant

semrush-seo-writing-assistant

A
100

The Semrush SEO Writing Assistant provides instant recommendations for content optimization based on the best-performing articles in Google's top 10.

10K No CVEs
Semrush Content Toolkit

Semrush Content Toolkit

semrush-contentshake

A
99

Create SEO-friendly content that brings traffic.

2K 1 CVE
Agent Image News

Agent Image News

agent-image-news

A
85

Get the latest real estate Internet marketing news, website advice and tech tips from Agent Image.

1K No CVEs
Geo Controller

Geo Controller

cf-geoplugin

C
67

Enhance your WordPress site with Geo Controller – a comprehensive plugin offering advanced location-based features and personalized content delivery.

1K 1 unpatched
Koala AI

Koala AI

koala-ai

A
100

Koala AI offers a platform of tools for SEOs and content creators.

1K No CVEs
Developer Profile

Local Geo Search Developer Profile

Andrew Sauder

1 plugin · 50 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Local Geo Search

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/local-geo-search/css/lgs-styles.css/wp-content/plugins/local-geo-search/js/lgs-admin.js/wp-content/plugins/local-geo-search/js/lgs-frontend.js
Script Paths
/wp-content/plugins/local-geo-search/js/lgs-admin.js/wp-content/plugins/local-geo-search/js/lgs-frontend.js
Version Parameters
local-geo-search/css/lgs-styles.css?ver=local-geo-search/js/lgs-admin.js?ver=local-geo-search/js/lgs-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
lgs-clear-cache
Data Attributes
data-lgs-slugdata-lgs-ajax-url
JS Globals
lgs_ajax_object
FAQ

Frequently Asked Questions about Local Geo Search