amCharts: Charts and Maps Security & Risk Analysis

wordpress.org/plugins/amcharts-charts-and-maps

Allows you to easily add interactive charts and maps using amCharts libraries.

2K active installs · v1.4.5 · PHP + WP 3.5+ · Updated Sep 11, 2024
Tags: amcharts, ammap, charts, javascript-charts, maps
Score: 91 · A · Safe
CVEs total: 2
Unpatched: 0
Last CVE: Sep 11, 2024

Safety Verdict

Is amCharts: Charts and Maps Safe to Use in 2026?

Generally Safe

Score 91/100

amCharts: Charts and Maps has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: Sep 11, 2024 · Updated 1yr ago

Risk Assessment

The "amcharts-charts-and-maps" plugin version 1.4.5 presents a mixed security posture. While it demonstrates good practices such as using prepared statements for all SQL queries and a reasonable number of capability checks, there are notable areas of concern. The presence of two AJAX handlers without authentication checks creates a significant attack surface, potentially allowing unauthorized actions. Furthermore, the taint analysis identified a flow with an unsanitized path, which, while not rated as critical or high, warrants attention as it indicates a potential for input manipulation. The plugin's vulnerability history, with two medium severity Cross-Site Scripting (XSS) vulnerabilities, the most recent being in September 2024, suggests a pattern of input sanitization issues that have been addressed but indicate an ongoing risk if not meticulously maintained. The proper escaping of outputs is also only at 61%, which is a weakness that could contribute to XSS vulnerabilities.

Key Concerns

  • Unprotected AJAX handlers
  • Flow with unsanitized path
  • Medium severity CVEs in history
  • Output escaping only 61%

Vulnerabilities: 2

amCharts: Charts and Maps Security Vulnerabilities

CVEs by Year

  • 2022: 1 CVE
  • 2024: 1 CVE

Severity Breakdown

  • Medium: 2

2 total CVEs

CVE-2024-8622 · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

amCharts: Charts and Maps <= 1.4.4 - Reflected Cross-Site Scripting via Cross-Site Request Forgery

Sep 11, 2024 · Patched in 1.4.5 (1d)

CVE-2022-36405 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

amCharts: Charts and Maps <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Aug 9, 2022 · Patched in 1.5 (532d)

Code Analysis
Analyzed Mar 16, 2026

amCharts: Charts and Maps Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 32 (51 escaped)
Nonce Checks: 3
Capability Checks: 6
File Operations: 5
External Requests: 0
Bundled Libraries: 0

Output Escaping

61% escaped · 83 total outputs

Data Flows: 1 unsanitized

Data Flow Analysis

6 flows · 1 with unsanitized paths

amcharts_resources_box (includes\editing.php:50)

Attack Surface: 2 unprotected

amCharts: Charts and Maps Attack Surface

Entry Points: 3
Unprotected: 2

AJAX Handlers (2)

  • auth · wp_ajax_amcharts_get_posts · includes\editing.php:424
  • auth · wp_ajax_amcharts_find_me · includes\settings.php:537

Shortcodes (1)

  • [amcharts] · includes\setup.php:100

WordPress Hooks (18)

  • action · add_meta_boxes · includes\editing.php:6
  • action · save_post · includes\editing.php:221
  • filter · manage_posts_columns · includes\editing.php:248
  • filter · manage_posts_custom_column · includes\editing.php:256
  • action · init · includes\editing.php:269
  • filter · mce_external_plugins · includes\editing.php:273
  • filter · mce_buttons · includes\editing.php:274
  • action · admin_head · includes\editing.php:292
  • action · admin_footer · includes\editing.php:311
  • action · admin_menu · includes\settings.php:6
  • action · init · includes\setup.php:6
  • action · plugins_loaded · includes\setup.php:58
  • action · init · includes\setup.php:194
  • action · wp_footer · includes\setup.php:269
  • filter · template_include · includes\setup.php:284
  • action · admin_init · includes\setup.php:301
  • filter · oembed_fetch_url · includes\setup.php:337
  • action · plugins_loaded · includes\setup.php:348

Maintenance & Trust

amCharts: Charts and Maps Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.6.5
Last updated: Sep 11, 2024
PHP min version
Downloads: 104K

Community Trust

Rating: 100/100
Number of ratings: 29
Active installs: 2K

Developer Profile

amCharts: Charts and Maps Developer Profile

martynasma

1 plugin · 2K total installs

Trust score: 73
Avg Security Score: 91/100
Avg Patch Time: 267 days

Detection Fingerprints

How We Detect amCharts: Charts and Maps

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/amcharts-charts-and-maps/css/amcharts-admin.css
  • /wp-content/plugins/amcharts-charts-and-maps/css/amcharts-editor.css
  • /wp-content/plugins/amcharts-charts-and-maps/js/amcharts-editor.js
  • /wp-content/plugins/amcharts-charts-and-maps/js/amcharts-script.js
  • /wp-content/plugins/amcharts-charts-and-maps/js/amcharts-utils.js

HTML / DOM Fingerprints

CSS Classes: amcharts-resource-group, amcharts-resources, amcharts-select-resource, amcharts-add-resource, code-html, code-javascript, amcharts-chart-type-default, amcharts-apply-default, +3 more
Data Attributes: data-amcharts-chart-type-default, data-amcharts-apply-default, data-amcharts-preview
JS Globals: amcharts_settings, amcharts_preview_url
Shortcode Output: [amcharts id="chart-1"]