Does EasyMap have any unpatched vulnerabilities?

No. All known vulnerabilities in EasyMap have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is EasyMap compatible with WordPress 6.9.4?

According to WordPress.org data, EasyMap 1.1.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is EasyMap compatible with PHP 7.4+?

EasyMap requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is EasyMap updated?

EasyMap was last updated on Dec 9, 2025. Frequent updates are generally a positive security signal.

What is EasyMap's security score?

EasyMap has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

EasyMap Security & Risk Analysis

wordpress.org/plugins/easymap

Maps plugin for WordPress with support for Google Maps. Tested with WordPress 5.5+ and PHP 7.4+

10 active installs v1.1.2 PHP 7.4+ WP 5.4.0+ Updated Dec 9, 2025

geolocationgooglemap

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is EasyMap Safe to Use in 2026?

Generally Safe

Score 100/100

EasyMap has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The easymap plugin v1.1.2 exhibits a mixed security posture. On the positive side, there are no known CVEs, indicating a good track record for security. The absence of critical or high severity taint flows and the presence of nonce and capability checks across most entry points are encouraging signs of secure coding practices. The plugin also appears to be diligent about escaping output and making external HTTP requests, which are important security considerations.

However, there are notable areas for improvement. The most significant concern is the SQL query which is not being prepared. This presents a substantial risk of SQL injection vulnerabilities, especially if the data used in the query originates from user input. Furthermore, the plugin utilizes file operations without clear indications of sanitization in the provided data, which could lead to path traversal vulnerabilities if not handled carefully. While the taint analysis found no critical or high severity issues, the presence of unsanitized paths in two flows suggests a potential for issues that may not have been flagged as critical in this specific analysis but still warrant attention.

In conclusion, easymap v1.1.2 has a generally good foundation with no known historical vulnerabilities and several positive security implementations. However, the lack of prepared statements for its SQL query is a critical oversight that significantly elevates the risk profile. Addressing this, along with ensuring robust sanitization for file operations, is paramount to improving its overall security.

Key Concerns

SQL queries not using prepared statements
Flows with unsanitized paths detected
File operations present without clear sanitization context

Vulnerabilities

None known

EasyMap Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

EasyMap Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

107

156 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Output Escaping

59% escaped263 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

5 flows2 with unsanitized paths

easymap_admin_import (easymap.php:1372)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

EasyMap Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[easymap_map] easymap.php:2824

WordPress Hooks 13

actionadmin_noticeseasymap.php:177

actionadmin_noticeseasymap.php:231

filterset_url_schemeeasymap.php:2008

actioniniteasymap.php:2887

actionadmin_enqueue_scriptseasymap.php:2891

actionadmin_menueasymap.php:2892

actionadmin_initeasymap.php:2893

actionupdate_optioneasymap.php:2896

actionupdated_optioneasymap.php:2897

actionadmin_headeasymap.php:2903

actionwp_enqueue_scriptseasymap.php:2908

actionwp_loadedeasymap.php:2912

actioniniteasymap.php:2913

Maintenance & Trust

EasyMap Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 9, 2025

PHP min version7.4

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

EasyMap Alternatives

Kikote – Location Picker at Checkout & Google Address AutoFill Plugin for WooCommerce

map-location-picker-at-checkout-for-woocommerce

100

Allow customers to select delivery/pickup spots on Google Maps at Checkout. Create shipping workflows for smooth order handling and better pricing.

1K 1 CVE

Track Geolocation Of Users Using Contact Form 7

track-geolocation-of-users-using-contact-form-7

100

Track Geolocation Of Users Using Contact Form 7 allows you to get geolocation information with their form submission.

800 1 CVE

Checkout Location Picker for WooCommerce

sg-checkout-location-picker

100

Sg WooCommerce Checkout Location Picker helps customers to mark their geo location on google map in WooCommerce checkout page.

300 No CVEs

Simple Fields Map extension

simple-fields-map-extension

Extension to Simple Fields that adds a field type for selecting a location on a Google Map.

100 No CVEs

Quick Maps

quick-maps

100

The easiest Google Maps integration for your Wordpress website [quick-maps]Orlando, Florida[/quick-maps] - No Google API required.

40 No CVEs

Developer Profile

EasyMap Developer Profile

joho68

5 plugins · 190 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect EasyMap

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/easymap/css/easymap.css/wp-content/plugins/easymap/js/easymap.js/wp-content/plugins/easymap/css/admin.css/wp-content/plugins/easymap/js/admin.js/wp-content/plugins/easymap/js/easymap-map-block.js/wp-content/plugins/easymap/js/easymap-map-block.asset.php

Script Paths

/wp-content/plugins/easymap/js/easymap.js/wp-content/plugins/easymap/js/admin.js/wp-content/plugins/easymap/js/easymap-map-block.js

Version Parameters

easymap/css/easymap.css?ver=easymap/js/easymap.js?ver=easymap/css/admin.css?ver=easymap/js/admin.js?ver=easymap/js/easymap-map-block.js?ver=

HTML / DOM Fingerprints

CSS Classes

easymap-content-wrappereasymap-map-containereasymap-location-listeasymap-location-item

HTML Comments

Data Attributes

data-easymap-noncedata-easymap-ajaxurldata-easymap-mapiddata-easymap-latdata-easymap-lngdata-easymap-zoom+1 more

JS Globals

easymap_varseasymap_localize_data

Shortcode Output

[easymap[easymap_location_list

FAQ