Find Us Security & Risk Analysis
wordpress.org/plugins/find-usThis plugin displays a map on your website and allows your visitors to find their way to your location.
Is Find Us Safe to Use in 2026?
Generally Safe
Score 100/100Find Us has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "find-us" plugin v1.7 demonstrates a mixed security posture. On one hand, it has no recorded vulnerabilities, a clean history with no known CVEs, and avoids dangerous functions, file operations, external requests, and bundled libraries. This suggests a generally cautious development approach.
However, the static analysis reveals significant concerns, particularly in output escaping and taint analysis. A concerning 0% of outputs are properly escaped, meaning user-supplied data displayed on the frontend could be vulnerable to cross-site scripting (XSS) attacks. Furthermore, all four analyzed taint flows show unsanitized paths, indicating a risk of sensitive data being mishandled or exposed. The lack of any capability or nonce checks, while the attack surface appears minimal (0 entry points), is also a potential weakness if the plugin's functionality were to be expanded or if certain entry points were overlooked.
While the absence of known vulnerabilities is positive, the critical findings in output escaping and taint analysis present a tangible risk. The plugin's developers need to address the unescaped outputs and unsanitized taint flows to mitigate potential XSS and data exposure vulnerabilities.
Key Concerns
- All outputs are unescaped
- All taint flows have unsanitized paths
- No nonce checks
- No capability checks
Find Us Security Vulnerabilities
Find Us Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Find Us Attack Surface
WordPress Hooks 10
Maintenance & Trust
Find Us Maintenance & Trust
Maintenance Signals
Community Trust
Find Us Alternatives
WP Go Maps (formerly WP Google Maps)
wp-google-maps
The easiest to use Google maps plugin! Create a custom Google map, map block, store locator or map widget with high quality markers containing categor …
iframe
iframe
[iframe src="http://www.youtube.com/embed/7_nAZQt9qu0" width="100%" height="500"] shortcode
WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters
wp-google-map-plugin
WordPress map plugin for Google Maps, OpenStreetMap & Mapbox with store locator, filterable listings & custom markers.
WP Store Locator
wp-store-locator
An easy to use location management system that enables users to search for nearby physical stores.
API KEY for Google Maps
api-key-for-google-maps
Retroactively add Google Maps API KEY to any theme or plugin.
Find Us Developer Profile
9 plugins · 180 total installs
How We Detect Find Us
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/find-us/css/map.css/wp-content/plugins/find-us/js/map.js/wp-content/plugins/find-us/js/map.jsfind-us/css/map.css?ver=find-us/js/map.js?ver=HTML / DOM Fingerprints
dprx_find_us_map_boxdprx_find_us_map_formid="dprx_find_us_map_box"id="dprx_find_us_map_form"id="dprx_form_location"id="dprx_form_setlocation"window.dprx_find_us_map[findusmap<?php
if (empty($endlocation)) { $endlocation = get_option("dprx_find_us_location"); }
$GLOBALS['dprx_find_us_map']->addaddress("" . $endlocation . "");
if (empty($width)) { $width = get_option("dprx_find_us_width"); }
$GLOBALS['dprx_find_us_map']->mapWidth = $width;
if (empty($height)) { $height = get_option("dprx_find_us_height"); }
$GLOBALS['dprx_find_us_map']->mapHeight = $height;
if (empty($ctype)) { $ctype = get_option("dprx_find_us_ctype"); }
$GLOBALS['dprx_find_us_map']->controlType = $ctype;
if (empty($mtypes)) { $mtypes = get_option("dprx_find_us_mtypes"); }
if($mtypes == 1) {
$GLOBALS['dprx_find_us_map']->showType = true;
} else {
$GLOBALS['dprx_find_us_map']->showType = false;
}
if (!empty($_REQUEST['dprx_find_us_location_start'])) {
$GLOBALS['dprx_find_us_map']->addAddress($_REQUEST['dprx_find_us_location_start']);
$lat = $GLOBALS['dprx_find_us_map']->dprx_find_us_lat(1);
$lon = $GLOBALS['dprx_find_us_map']->dprx_find_us_lon(1);
if (!empty($lat)) {
$GLOBALS['dprx_find_us_map']->centerMap($lat,$lon);
}
}
if (count($GLOBALS['dprx_find_us_map']->validPoints) > 0) {
$GLOBALS['dprx_find_us_map']->showMap();
} else {
_e('No valid points found. Please try again', 'dprx_find_us');
}