
Welcome Greetings based on Time Security & Risk Analysis
wordpress.org/plugins/welcome-clockShow a welcome message to visitors based on time
Is Welcome Greetings based on Time Safe to Use in 2026?
Generally Safe
Score 100/100Welcome Greetings based on Time has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "welcome-clock" v1.0 plugin exhibits a generally good security posture based on the provided static analysis and vulnerability history. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is a significant strength. The fact that there are no known CVEs and no reported vulnerabilities in its history also suggests a well-maintained or less complex plugin, reducing the risk of known exploits. However, there are areas for improvement. The plugin lacks nonce checks, which are crucial for preventing Cross-Site Request Forgery (CSRF) attacks, especially given the presence of a shortcode which can be an entry point for user interaction. Additionally, only 50% of output is properly escaped, leaving a potential for Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is displayed without adequate sanitization. While the attack surface is currently small and unprotected entry points are zero, the reliance on shortcodes without nonce checks or robust capability checks presents a latent risk. The taint analysis showing zero flows is positive, but this might be due to the limited complexity or scope of the analysis performed.
Key Concerns
- Missing nonce checks
- Partial output escaping
- No capability checks
Welcome Greetings based on Time Security Vulnerabilities
Welcome Greetings based on Time Release Timeline
Welcome Greetings based on Time Code Analysis
Output Escaping
Welcome Greetings based on Time Attack Surface
Shortcodes 1
WordPress Hooks 2
Maintenance & Trust
Welcome Greetings based on Time Maintenance & Trust
Maintenance Signals
Community Trust
Welcome Greetings based on Time Alternatives
WelcomeWP
welcomewp
A simple and easy way to create a welcome message on a WordPress website.
What Would Seth Godin Do
what-would-seth-godin-do
Displays a custom welcome message to new visitors and a different message to return visitors using a simple cookie.
Greet Bubble — Video Welcome
greet-bubble
Create engaging video welcome bubbles to greet visitors, boost interaction, and make your WordPress site more memorable.
WC Welcome Message
wc-welcome-message
Display a personalized message to greet your WooCommerce store guests and returning customers.
IP2Location Hello Greeting
ip2location-hello-greeting
IP2Location Hello Greeting plugin displays the Hello greeting message in visitor's native language based on visitor's origin country.
Welcome Greetings based on Time Developer Profile
17 plugins · 2K total installs
How We Detect Welcome Greetings based on Time
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/welcome-clock/welcome-clock.phpHTML / DOM Fingerprints
welcomeclocktawhidurrahmandear<center>
<div class="welcomeclocktawhidurrahmandear">
<script language="Javascript">
day = new Date()
hr = day.getHours()
if (hr < "5") {
document.write("Good night.")
}
else if (hr < "9") {
document.write("Good morning.")
}
else if (hr < "15") {
document.write("Have a nice day.")
}
else if (hr < "18") {
document.write("Good afternoon.")
}
else if (hr < "22") {
document.write("Good evening.")
}
else if (hr < "24") {
document.write("Good night.")
}
</script>
</div>
</center>