Does WP Store Locator – Extenders have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Store Locator – Extenders have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Store Locator – Extenders compatible with WordPress 6.7.5?

According to WordPress.org data, WP Store Locator – Extenders 1.4.2 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is WP Store Locator – Extenders updated?

WP Store Locator – Extenders was last updated on Unknown. Frequent updates are generally a positive security signal.

What is WP Store Locator – Extenders's security score?

WP Store Locator – Extenders has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Store Locator – Extenders Security & Risk Analysis

wordpress.org/plugins/wp-store-locator-extenders

Adds features like managing location based events, social media information and locations managed by other logged in users to WP Store Locator.

10 active installs v1.4.2 PHP + WP 5.9+ Updated Unknown

eventsextenderssocial-mediauser-managed-locations

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Store Locator – Extenders Safe to Use in 2026?

Generally Safe

Score 100/100

WP Store Locator – Extenders has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "wp-store-locator-extenders" v1.4.2 plugin exhibits a generally strong security posture based on the provided static analysis. The complete absence of any entry points like AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the potential attack surface. Furthermore, the plugin demonstrates good practices by using capability checks for its operations. The limited number of file operations and external HTTP requests also contribute to a reduced risk profile.

However, a significant concern arises from the SQL queries: there are two total, and 100% of them are not using prepared statements. This indicates a high risk of SQL injection vulnerabilities, as user-supplied data is likely being directly incorporated into database queries without proper sanitization. While the taint analysis shows no critical or high severity flows and there are no known CVEs, the unpatched SQL queries represent a substantial, unaddressed risk.

In conclusion, while the plugin has strengths in its limited attack surface and use of capability checks, the unpatched SQL queries are a critical weakness. The lack of historical vulnerabilities is positive, but it doesn't mitigate the immediate risk posed by the insecure SQL practices. Addressing the SQL query security is paramount to improving the plugin's overall security.

Key Concerns

Raw SQL queries without prepared statements

Vulnerabilities

None known

WP Store Locator – Extenders Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP Store Locator – Extenders Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

33 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

SQL Query Safety

0% prepared2 total queries

Output Escaping

87% escaped38 total outputs

Attack Surface

WP Store Locator – Extenders Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 38

actionadmin_initinclude\admin\class-WPSL_EXT_Admin.php:64

actionadmin_initinclude\admin\class-WPSL_EXT_Admin.php:65

actionadmin_menuinclude\admin\class-WPSL_EXT_Admin.php:66

actionadmin_enqueue_scriptsinclude\admin\class-WPSL_EXT_Admin.php:67

filterwpsl_post_type_argsinclude\admin\class-WPSL_EXT_Admin.php:68

filterparse_queryinclude\admin\class-WPSL_EXT_Admin.php:69

actionwp_insert_postinclude\admin\class-WPSL_EXT_Admin.php:70

actioninitinclude\class-WPSL_Extenders.php:52

actionall_admin_noticesinclude\class-WPSL_Extenders.php:66

actionall_admin_noticesinclude\class-WPSL_Extenders.php:70

actioninitinclude\class-WPSL_Extenders.php:76

actionwp_enqueue_scriptsinclude\class-WPSL_Extenders.php:77

filterthe_contentinclude\class-WPSL_Extenders.php:126

filterwpsl_templatesinclude\class-WPSL_Extenders.php:128

filterwp_print_stylesinclude\usermanaged\class-WPSL_EXT_UserManaged.php:43

actionshow_user_profileinclude\usermanaged\class-WPSL_EXT_UserManaged.php:46

actionedit_user_profileinclude\usermanaged\class-WPSL_EXT_UserManaged.php:47

actionuser_registerinclude\usermanaged\class-WPSL_EXT_UserManaged.php:50

filteruser_row_actionsinclude\usermanaged\class-WPSL_EXT_UserManaged.php:52

filterbulk_actions-usersinclude\usermanaged\class-WPSL_EXT_UserManaged.php:53

filtermanage_users_columnsinclude\usermanaged\class-WPSL_EXT_UserManaged.php:55

actionmanage_users_custom_columninclude\usermanaged\class-WPSL_EXT_UserManaged.php:56

filterwpsl_store_metainclude\usermanaged\class-WPSL_EXT_UserManaged.php:58

filterwpsl_store_header_templateinclude\usermanaged\class-WPSL_EXT_UserManaged.php:59

filterwpsl_infobox_settingsinclude\usermanaged\class-WPSL_EXT_UserManaged.php:60

filterwpsl_js_settingsinclude\usermanaged\class-WPSL_EXT_UserManaged.php:61

actionadmin_initinclude\wpsl-extenders-upgrade.php:2

filterconnect_urlwp-store-locator-extenders.php:152

filterafter_skip_urlwp-store-locator-extenders.php:153

filterafter_connect_urlwp-store-locator-extenders.php:154

filterafter_pending_connect_urlwp-store-locator-extenders.php:155

filterpricing_urlwp-store-locator-extenders.php:156

actionplugins_loadedwp-store-locator-extenders.php:180

actionadmin_initwp-store-locator-extenders.php:201

actionuser_admin_menuwp-store-locator-extenders.php:202

actionadmin_menuwp-store-locator-extenders.php:204

actionafter_uninstallwp-store-locator-extenders.php:221

actiondmp_addpanelwp-store-locator-extenders.php:259

Maintenance & Trust

WP Store Locator – Extenders Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedUnknown

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

WP Store Locator – Extenders Alternatives

Store Locator Plus® | Extenders

slp-extenders

Adds power user features like managing location based events, social media information and locations managed by other logged in users to Store Locator …

0 No CVEs

The Events Calendar

the-events-calendar

The Events Calendar: #1 calendar plugin for WordPress. Create/manage events (virtual too!) on your site with the free plugin.

700K 25 CVEs

AddToAny Share Buttons

add-to-any

Share buttons for WordPress including the AddToAny button, Facebook, Bluesky, Mastodon, WhatsApp, Pinterest, Reddit, many more, and follow icons too.

300K 3 CVEs

Astra Widgets

astra-widgets

Quickest solution to add widgets like Address, Social Profiles and List icons on a website built with Astra.

200K 3 CVEs

LatePoint – Calendar Booking Plugin for Appointments and Events

latepoint

Optimize your appointment scheduling with our plugin. Sync calendars, automate reminders, and keep your bookings organized.

100K 2 unpatched

Developer Profile

WP Store Locator – Extenders Developer Profile

DeBAAT

7 plugins · 6K total installs

trust score

Avg Security Score

86/100

Avg Patch Time

5 days

View full developer profile

Detection Fingerprints

How We Detect WP Store Locator – Extenders

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-store-locator-extenders/assets/css/wpsl-extenders-admin.css/wp-content/plugins/wp-store-locator-extenders/assets/js/wpsl-extenders-admin.js/wp-content/plugins/wp-store-locator-extenders/assets/css/wpsl-extenders-frontend.css/wp-content/plugins/wp-store-locator-extenders/assets/js/wpsl-extenders-frontend.js/wp-content/plugins/wp-store-locator-extenders/freemius/start.php

Script Paths

/wp-content/plugins/wp-store-locator-extenders/assets/js/wpsl-extenders-admin.js/wp-content/plugins/wp-store-locator-extenders/assets/js/wpsl-extenders-frontend.js/wp-content/plugins/wp-store-locator-extenders/freemius/start.php

Version Parameters

wp-store-locator-extenders/assets/css/wpsl-extenders-admin.css?ver=wp-store-locator-extenders/assets/js/wpsl-extenders-admin.js?ver=wp-store-locator-extenders/assets/css/wpsl-extenders-frontend.css?ver=wp-store-locator-extenders/assets/js/wpsl-extenders-frontend.js?ver=wp-store-locator-extenders/freemius/start.php?ver=

HTML / DOM Fingerprints

CSS Classes

wpsl-ext-admin-wrapwpsl-ext-frontend-wrap

HTML Comments

DO NOT REMOVE THIS IF, IT IS ESSENTIAL FOR THE `function_exists` CALL ABOVE TO PROPERLY WORK.

Data Attributes

data-wpsl-ext-iddata-wpsl-ext-slug

JS Globals

wpsl_extendersWPSL_EXT_FREEMIUS_IDWPSL_EXT_SHORT_SLUGWPSL_EXT_PREMIUM_SLUGWPSL_EXT_CLASS_PREFIXWPSL_EXT_ADMIN_PAGE_SLUG+18 more

FAQ