Does Visit Notifications have any unpatched vulnerabilities?

No. All known vulnerabilities in Visit Notifications have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Visit Notifications compatible with WordPress 6.4.8?

According to WordPress.org data, Visit Notifications 3.1.0 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

Is Visit Notifications compatible with PHP 7.4+?

Visit Notifications requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Visit Notifications updated?

Visit Notifications was last updated on Nov 6, 2023. Frequent updates are generally a positive security signal.

What is Visit Notifications's security score?

Visit Notifications has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Visit Notifications Security & Risk Analysis

wordpress.org/plugins/visit-notifications

Quickly receive email notifications when a visitor looks at a page or a quick summary of who visited a page.

10 active installs v3.1.0 PHP 7.4+ WP 5.2+ Updated Nov 6, 2023

notificationpostreadreceiptvisit

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Visit Notifications Safe to Use in 2026?

Generally Safe

Score 85/100

Visit Notifications has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The plugin "visit-notifications" v3.1.0 exhibits a generally strong security posture based on the provided static analysis. The absence of any reported CVEs and a clean vulnerability history are positive indicators. However, several areas warrant attention. The code analysis reveals a concerning 4% of output is not properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if an attacker can control the unsanitized output. Furthermore, two taint flows with unsanitized paths, although not flagged as critical or high severity, represent potential avenues for data manipulation or injection attacks. The presence of a single external HTTP request also introduces a minor risk if the target endpoint is compromised or malicious. The plugin's lack of explicit capability checks on entry points is a notable omission, which could become a problem if vulnerabilities are introduced in the future. Despite these concerns, the extensive use of prepared statements for SQL queries and the complete absence of direct SQL queries without preparation are excellent practices.

Key Concerns

Unescaped output detected
Taint flows with unsanitized paths
External HTTP request detected
Missing capability checks on entry points

Vulnerabilities

None known

Visit Notifications Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Visit Notifications Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

131 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

Output Escaping

96% escaped137 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths

record_visit (visit-notifications.php:356)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Visit Notifications Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 14

filteracf/load_field/name=vn_enable_notificationssrc\ACF\Fields\AllPostOptions.php:89

filteracf/load_field/name=vn_logged_insrc\ACF\Fields\AllPostOptions.php:90

actioninitsrc\Migrator\DataMigrator.php:18

actioninitsrc\Settings.php:60

actionadmin_initsrc\Settings.php:63

actionadmin_menusrc\Settings.php:66

actionadmin_noticesvisit-notifications.php:30

actioninitvisit-notifications.php:128

actioninitvisit-notifications.php:129

actionadmin_initvisit-notifications.php:130

filteracf/settings/urlvisit-notifications.php:145

filteracf/settings/show_adminvisit-notifications.php:150

actionwpvisit-notifications.php:165

actionplugins_loadedvisit-notifications.php:803

Maintenance & Trust

Visit Notifications Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedNov 6, 2023

PHP min version7.4

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Visit Notifications Alternatives

Favicon Notifications

favicon-notifications

Animate your favicon with animated notification badge.

10 No CVEs

MailPoet – Newsletters, Email Marketing, and Automation

mailpoet

Send beautiful newsletters from WordPress. Collect subscribers with signup forms, automate your emails for WooCommerce, blog post notifications & more

500K 3 CVEs

Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress

email-subscribers

Add subscription forms on the website and send newsletters & automatically send post notification about new blog posts once it gets published.

60K 42 CVEs

ActiveCampaign Postmark for WordPress

postmark-approved-wordpress-plugin

The officially-supported ActiveCampaign Postmark plugin for Wordpress.

50K No CVEs

Reading Time WP

reading-time-wp

Reading Time WP creates an estimated reading time of your posts that is inserted above the content or by using a shortcode.

30K No CVEs

Developer Profile

Visit Notifications Developer Profile

wphelpdeskuk

4 plugins · 540 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Visit Notifications

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/visit-notifications/assets/css/visit-notifications.css/wp-content/plugins/visit-notifications/assets/js/visit-notifications.js

Script Paths

/wp-content/plugins/visit-notifications/assets/js/visit-notifications.js

Version Parameters

visit-notifications/assets/css/visit-notifications.css?ver=visit-notifications/assets/js/visit-notifications.js?ver=

HTML / DOM Fingerprints

JS Globals

VisitNotifications

FAQ