Does Show Visitor IP have any unpatched vulnerabilities?

No. All known vulnerabilities in Show Visitor IP have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Show Visitor IP compatible with WordPress 6.8.5?

According to WordPress.org data, Show Visitor IP 5.2 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is Show Visitor IP updated?

Show Visitor IP was last updated on Nov 20, 2025. Frequent updates are generally a positive security signal.

What is Show Visitor IP's security score?

Show Visitor IP has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Show Visitor IP Security & Risk Analysis

wordpress.org/plugins/show-visitor-ip

Show Visitor IP - Simply display visitor IP Address & visitor another location info using by IP on post or page, anywhere using shortcode.

300 active installs v5.2 PHP + WP 3.0+ Updated Nov 20, 2025

country-codeip-addresslatlongregion

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Show Visitor IP Safe to Use in 2026?

Generally Safe

Score 100/100

Show Visitor IP has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The 'show-visitor-ip' plugin v5.2 presents a generally good security posture based on the provided static analysis. The absence of dangerous functions, reliance on prepared statements for all SQL queries, and proper output escaping are strong indicators of secure coding practices. The plugin also has no known vulnerabilities, which is highly positive and suggests a history of responsible development and maintenance.

However, there are a few areas that warrant attention. The presence of two flows with unsanitized paths in the taint analysis, despite not being classified as critical or high severity, indicates a potential for unexpected behavior or information leakage if these paths are ever exposed to user input. While the attack surface is small and currently reported as unprotected entry points being zero, the existence of external HTTP requests without any mention of authentication or validation is a concern. This external request could be a vector for various attacks if not handled securely.

In conclusion, the plugin demonstrates a commitment to core security principles. The lack of known vulnerabilities and well-handled SQL/output are significant strengths. The primary weaknesses lie in the unsanitized paths and the unvalidated external HTTP request, which, although not leading to critical vulnerabilities in this analysis, represent potential areas for future improvement and diligent monitoring.

Key Concerns

Flows with unsanitized paths
External HTTP request without auth checks

Vulnerabilities

None known

Show Visitor IP Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Show Visitor IP Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

showVisitorLocationByIp (show-visitor-ip.php:23)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Show Visitor IP Attack Surface

Entry Points2

Unprotected0

Shortcodes 2

[show_ip] show-visitor-ip.php:21

[svip_location] show-visitor-ip.php:68

Maintenance & Trust

Show Visitor IP Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedNov 20, 2025

PHP min version

Downloads9K

Community Trust

Rating76/100

Number of ratings6

Active installs300

Alternatives

Show Visitor IP Alternatives

User IP and Location

user-ip-and-location

100

Want to show your website visitors their IP address, location, and other cool details? This plugin makes it super easy! Now works perfectly with cachi …

3K 1 CVE

Show IP Info

show-ip-info

Show IP Info - Simply displays visitor IP Address & country info, like Language & Currencies.

10 No CVEs

Address Geocoder

address-geocoder

Add location coordinates to your post types.

500 No CVEs

User Location and IP

user-location-and-ip

100

User Location and IP is a free shortcode based Wordpress plugin that displays real-time information about your users, including their IP address, loca …

400 1 CVE

Simple Fields Map extension

simple-fields-map-extension

Extension to Simple Fields that adds a field type for selecting a location on a Google Map.

100 No CVEs

Developer Profile

Show Visitor IP Developer Profile

Vikas Sharma

6 plugins · 3K total installs

trust score

Avg Security Score

94/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Show Visitor IP

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output

[show_ip][svip_location][svip_location type="countryCode"][svip_location type="region"]

FAQ