Does WP Geoloc have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Geoloc compatible with WordPress 4.4.34?

According to WordPress.org data, WP Geoloc 1.0.2 has been tested up to WordPress 4.4.34. Check the plugin's changelog for the latest compatibility information.

How often is WP Geoloc updated?

WP Geoloc was last updated on Jan 29, 2016. Frequent updates are generally a positive security signal.

What is WP Geoloc's security score?

WP Geoloc has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Geoloc Security & Risk Analysis

wordpress.org/plugins/wp-geoloc

Search for posts around a location with a specific distance.

10 active installs v1.0.2 PHP + WP 3.8+ Updated Jan 29, 2016

geogeolocationgeotaglocationradius

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Geoloc Safe to Use in 2026?

Generally Safe

Score 85/100

WP Geoloc has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The "wp-geoloc" v1.0.2 plugin demonstrates a generally good security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, cron events, and file operations, combined with a limited attack surface (one shortcode), significantly reduces the potential for external exploitation. The code also shows some good practices like a reasonable percentage of SQL queries using prepared statements and several capability checks. However, a notable concern is the complete lack of nonce checks, which is a critical security measure for preventing Cross-Site Request Forgery (CSRF) attacks, especially when user-initiated actions occur. The taint analysis reporting zero flows with unsanitized paths and the clean vulnerability history (zero CVEs) are positive indicators, suggesting the plugin has historically been maintained with security in mind or has not been a significant target. Despite these strengths, the missing nonce checks represent a potential weakness that could be exploited.

Key Concerns

Missing nonce checks

Vulnerabilities

None known

WP Geoloc Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

WP Geoloc Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

WP Geoloc Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

39 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

67% prepared6 total queries

Output Escaping

68% escaped57 total outputs

Attack Surface

WP Geoloc Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[wpgeoloc] includes\shortcode-search.php:8

WordPress Hooks 20

actionadmin_head-post-new.phpincludes\functions.php:21

actionadmin_head-post.phpincludes\functions.php:22

actionadmin_menuincludes\functions.php:48

actionsave_postincludes\functions.php:74

filtersc_geodatastore_meta_keysincludes\functions.php:118

actionpre_get_postsincludes\functions.php:125

actionwp_enqueue_scriptsincludes\functions.php:159

actionsc_geodatastore_reindexincludes\geo-data-store.php:35

actionadded_post_metaincludes\geo-data-store.php:38

actionupdated_post_metaincludes\geo-data-store.php:39

actionupdated_postmetaincludes\geo-data-store.php:40

actiondeleted_post_metaincludes\geo-data-store.php:43

actiondeleted_postmetaincludes\geo-data-store.php:44

filtersc_geodatastore_meta_keysincludes\geo-data-store.php:47

filterplugin_action_linksincludes\geo-data-store.php:57

actioninitincludes\geo-data-store.php:58

actionadmin_menuincludes\settings.php:22

actionadmin_initincludes\settings.php:28

actionwidgets_initincludes\widget-search.php:8

actionplugins_loadedwp-geoloc.php:48

Maintenance & Trust

WP Geoloc Maintenance & Trust

Maintenance Signals

WordPress version tested4.4.34

Last updatedJan 29, 2016

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

WP Geoloc Alternatives

OSM Categories

osm-categories

OpenStreetMap plugin to embed a map with markers to articles from different categories in different map layers.

20 No CVEs

Twitchers

twitchers

Twitcher allows people who visit your web site to post wildlife sightings and display them on a Google map. The plug-in only offers a front end google …

10 No CVEs

SlimStat Analytics

wp-slimstat

The leading web analytics plugin for WordPress

80K 24 CVEs

Geolocation IP Detection

geoip-detect

Provides geographic information detected by an IP adress.

20K 1 CVE

Price Based on Country for WooCommerce

woocommerce-product-price-based-on-countries

100

Product Pricing and Currency based on Shopper's Country for WooCommerce with multi-currency support and geolocation to boost international sales.

20K No CVEs

Developer Profile

WP Geoloc Developer Profile

Nicolas Blois

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Geoloc

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

fielderror

Data Attributes

id="geolocation_nonce"id="locationField"id="autocomplete_message"id="autocomplete"id="formatted_address"id="latitude"+1 more

JS Globals

initAutocompleteautocompletefillInAddress

FAQ