Does Show IP address have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Show IP address compatible with WordPress 6.8.5?

According to WordPress.org data, Show IP address 1.8 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Show IP address compatible with PHP 5.6+?

Show IP address requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Show IP address updated?

Show IP address was last updated on Aug 8, 2025. Frequent updates are generally a positive security signal.

What is Show IP address's security score?

Show IP address has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Show IP address Security & Risk Analysis

wordpress.org/plugins/show-ip-address

A simple plugin to show your visitor’s IP address on pages, posts, widgets, and the admin dashboard. Lightweight and easy to use.

1K active installs v1.8 PHP 5.6+ WP 3.6+ Updated Aug 8, 2025

display-ipip-addressip-user-toolsshow-ipuser-ip

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Show IP address Safe to Use in 2026?

Generally Safe

Score 100/100

Show IP address has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago

Risk Assessment

The "show-ip-address" v1.8 plugin exhibits a generally positive security posture, with no known vulnerabilities or critical code signals. The static analysis reveals good practices like the absence of dangerous functions, file operations, and external HTTP requests. Importantly, all SQL queries are prepared, and the majority of output is properly escaped, mitigating common web application risks. The limited attack surface, consisting solely of shortcodes, further contributes to its security. However, a notable concern is the complete lack of nonce checks and capability checks across all entry points. This means that any user, even unauthenticated ones, could potentially trigger the functionality of the shortcodes. While the plugin currently has no recorded vulnerabilities, this lack of proper authorization and input validation presents a potential weakness that could be exploited if a vulnerability were to be introduced in the future or if the plugin's functionality were to change in a way that interacts with sensitive data or actions. Overall, the plugin is relatively secure due to its limited scope and good handling of database and output operations, but the absence of authorization checks is a significant area for improvement.

Key Concerns

Missing nonce checks on all entry points
Missing capability checks on all entry points
Unescaped output on 1 out of 8 outputs

Vulnerabilities

None known

Show IP address Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Show IP address Release Timeline

v1.8Current

v1.7

v1.6

v1.5

v1.4

v1.3

v1.2

v1.1

v1.0

Code Analysis

Analyzed Mar 16, 2026

Show IP address Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

75% escaped8 total outputs

Attack Surface

Show IP address Attack Surface

Entry Points4

Unprotected0

Shortcodes 4

[show_ip] show-ip-address.php:105

[show_ip_hostname] show-ip-address.php:115

[show_ip_useragent] show-ip-address.php:121

[show_ip_referrer] show-ip-address.php:127

WordPress Hooks 3

actionwp_enqueue_scriptsshow-ip-address.php:27

actionadmin_menushow-ip-address.php:30

actionwp_dashboard_setupshow-ip-address.php:74

Maintenance & Trust

Show IP address Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedAug 8, 2025

PHP min version5.6

Downloads23K

Community Trust

Rating100/100

Number of ratings5

Active installs1K

Alternatives

Show IP address Alternatives

User IP and Location

user-ip-and-location

100

Want to show your website visitors their IP address, location, and other cool details? This plugin makes it super easy! Now works perfectly with cachi …

3K 1 CVE

User Allowed IP Addresses

user-allowed-ip-addresses

Simple plugin that gives the ability to restrict login access to specific IP addresses for specific users. Option to Auto Login user based on IP.

30 No CVEs

User IP Info

user-ip-information

User IP Information - It display the User current IP address with country information like country name, region, city, country code, continent, sub co …

20 No CVEs

Full Detail From Email

full-detail-from-email

Using the Full Detail From Email with just an emai address you get all required and available information about subscriber.

0 No CVEs

Gryphon Verified Client IP

gryphon-verified-client-ip

100

Determines the true client IP by verifying Forwarded and similar headers, traversing only trusted proxy hops.

0 No CVEs

Developer Profile

Show IP address Developer Profile

Keith Griffiths

1 plugin · 1K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Show IP address

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/show-ip-address/css/style-show-ip-address.css

HTML / DOM Fingerprints

CSS Classes

box-ip

Shortcode Output

[show_ip][show_ip_hostname][show_ip_useragent][show_ip_referrer]

FAQ