Does WP Cloudflare GeoIP Redirect have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Cloudflare GeoIP Redirect have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Cloudflare GeoIP Redirect compatible with WordPress 5.7.15?

According to WordPress.org data, WP Cloudflare GeoIP Redirect 1.4 has been tested up to WordPress 5.7.15. Check the plugin's changelog for the latest compatibility information.

Is WP Cloudflare GeoIP Redirect compatible with PHP 5.2.4+?

WP Cloudflare GeoIP Redirect requires PHP 5.2.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WP Cloudflare GeoIP Redirect updated?

WP Cloudflare GeoIP Redirect was last updated on Apr 22, 2021. Frequent updates are generally a positive security signal.

What is WP Cloudflare GeoIP Redirect's security score?

WP Cloudflare GeoIP Redirect has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Cloudflare GeoIP Redirect Security & Risk Analysis

wordpress.org/plugins/wp-cloudflare-geoip-redirect

Easily setup redirect for visitors/users from selected countries to specific URL utilizing Cloudflare IP Geolocation.

100 active installs v1.4 PHP 5.2.4+ WP 4.6+ Updated Apr 22, 2021

cloudflaregeoipgeolocationredirect

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Cloudflare GeoIP Redirect Safe to Use in 2026?

Generally Safe

Score 85/100

WP Cloudflare GeoIP Redirect has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The "wp-cloudflare-geoip-redirect" plugin v1.4 demonstrates a generally good security posture based on the provided static analysis. It has a limited attack surface with only two AJAX entry points, and importantly, none of these are exposed without authentication checks. The code also adheres to secure coding practices by exclusively using prepared statements for all SQL queries, which prevents SQL injection vulnerabilities. Furthermore, the plugin includes nonce checks and capability checks, reinforcing its security mechanisms.

Key Concerns

Unsanitized paths in taint analysis
Output escaping below 100%

Vulnerabilities

None known

WP Cloudflare GeoIP Redirect Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP Cloudflare GeoIP Redirect Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

123 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

75% escaped165 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

wp_cloudflareRedirect (cf-redirect.php:41)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

WP Cloudflare GeoIP Redirect Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_cmb2_oembed_handlercmb2\includes\CMB2_Ajax.php:51

noprivwp_ajax_cmb2_oembed_handlercmb2\includes\CMB2_Ajax.php:52

WordPress Hooks 44

actionafter_setup_themecf-redirect.php:34

actioninitcf-redirect.php:120

filterwp_redirect_statuscf-redirect.php:134

filterwp_prepare_attachment_for_jscmb2\includes\CMB2.php:1549

actionadmin_enqueue_scriptscmb2\includes\CMB2.php:1567

actioncmb2_save_options-page_fieldscmb2\includes\CMB2_Ajax.php:54

filterget_post_metadatacmb2\includes\CMB2_Ajax.php:147

filterupdate_post_metadatacmb2\includes\CMB2_Ajax.php:150

filtercmb2_show_oncmb2\includes\CMB2_Hookup.php:79

actionedit_form_topcmb2\includes\CMB2_Hookup.php:115

actionedit_form_before_permalinkcmb2\includes\CMB2_Hookup.php:119

actionedit_form_after_titlecmb2\includes\CMB2_Hookup.php:123

actionedit_form_after_editorcmb2\includes\CMB2_Hookup.php:127

actionadd_meta_boxescmb2\includes\CMB2_Hookup.php:131

actionadd_meta_boxescmb2\includes\CMB2_Hookup.php:134

actionadd_attachmentcmb2\includes\CMB2_Hookup.php:135

actionedit_attachmentcmb2\includes\CMB2_Hookup.php:136

actionsave_postcmb2\includes\CMB2_Hookup.php:137

actionpre_get_postscmb2\includes\CMB2_Hookup.php:144

actionadd_meta_boxes_commentcmb2\includes\CMB2_Hookup.php:152

actionedit_commentcmb2\includes\CMB2_Hookup.php:153

filtermanage_edit-comments_columnscmb2\includes\CMB2_Hookup.php:156

actionmanage_comments_custom_columncmb2\includes\CMB2_Hookup.php:157

filtermanage_edit-comments_sortable_columnscmb2\includes\CMB2_Hookup.php:158

actionpre_get_postscmb2\includes\CMB2_Hookup.php:159

actionshow_user_profilecmb2\includes\CMB2_Hookup.php:168

actionedit_user_profilecmb2\includes\CMB2_Hookup.php:169

actionuser_new_formcmb2\includes\CMB2_Hookup.php:170

actionpersonal_options_updatecmb2\includes\CMB2_Hookup.php:172

actionedit_user_profile_updatecmb2\includes\CMB2_Hookup.php:173

actionuser_registercmb2\includes\CMB2_Hookup.php:174

filtermanage_users_columnscmb2\includes\CMB2_Hookup.php:177

filtermanage_users_custom_columncmb2\includes\CMB2_Hookup.php:178

filtermanage_users_sortable_columnscmb2\includes\CMB2_Hookup.php:179

actionpre_get_postscmb2\includes\CMB2_Hookup.php:180

actionpre_get_postscmb2\includes\CMB2_Hookup.php:226

actioncreated_termcmb2\includes\CMB2_Hookup.php:230

actionedited_termscmb2\includes\CMB2_Hookup.php:231

actiondelete_termcmb2\includes\CMB2_Hookup.php:232

actioncmb2_do_oembedcmb2\includes\helper-functions.php:131

filteris_protected_metacmb2\includes\rest-api\CMB2_REST.php:144

actioninitcmb2\init.php:77

actionadmin_enqueue_scriptsoptions.php:9

actioncmb2_admin_initoptions.php:23

Maintenance & Trust

WP Cloudflare GeoIP Redirect Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15

Last updatedApr 22, 2021

PHP min version5.2.4

Downloads6K

Community Trust

Rating86/100

Number of ratings6

Active installs100

Alternatives

WP Cloudflare GeoIP Redirect Alternatives

If-So Geolocation

if-so-geolocation

100

All-in-one geolocation. Personalized content, geolocation Dynamic Keyword Insertion shortcodes, Rediects, and more. No coding required!

1K No CVEs

Flexible SSL for CloudFlare

cloudflare-flexible-ssl

100

Fix For Redirect Loops on WordPress with CloudFlare's Flexible/Universal SSL.

100K No CVEs

Geolocation IP Detection

geoip-detect

Provides geographic information detected by an IP adress.

20K 1 CVE

DoLogin Security

dologin

Easy Login. 2FA login. Passwordless login. Cloudflare Turnstile reCAPTCHA. GeoLocation (Continent/Country/City)/IP range to limit login attempts.

7K 4 CVEs

Cloudflare SSL by Weslink

ctw-ssl-for-cloudflare

Plugin to enable CloudFlare Flexible SSL for Wordpress and to prevent the Redirect Loop

3K No CVEs

Developer Profile

WP Cloudflare GeoIP Redirect Developer Profile

webinvaders

1 plugin · 100 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Cloudflare GeoIP Redirect

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-cloudflare-geoip-redirect/assets/css/backend.css/wp-content/plugins/wp-cloudflare-geoip-redirect/assets/js/backend.js

Script Paths

/wp-content/plugins/wp-cloudflare-geoip-redirect/assets/js/backend.js

Version Parameters

/wp-content/plugins/wp-cloudflare-geoip-redirect/assets/css/backend.css?ver=/wp-content/plugins/wp-cloudflare-geoip-redirect/assets/js/backend.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpcfredirect

FAQ