Find Us At Security & Risk Analysis
wordpress.org/plugins/findusatQuickly display a map of the locations that your product is in or were your stores are located.
Is Find Us At Safe to Use in 2026?
Generally Safe
Score 85/100Find Us At has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "findusat" plugin v1.2.1 exhibits a mixed security posture. On the positive side, it has no recorded vulnerabilities (CVEs) and its SQL queries are all properly prepared, indicating good practices in database interaction. Furthermore, it doesn't make external HTTP requests, which mitigates risks associated with remote code execution or data exfiltration through external services.
However, significant security concerns arise from its attack surface. With 3 out of 5 entry points lacking authentication checks (AJAX handlers), there's a high risk of unauthorized actions or information disclosure. The plugin also has a low rate of proper output escaping (42%), suggesting potential for cross-site scripting (XSS) vulnerabilities where user-supplied data might be rendered directly in the browser without proper sanitization. The absence of nonce checks on its AJAX handlers further exacerbates these risks by allowing for cross-site request forgery (CSRF) attacks.
While the plugin has a clean vulnerability history, this cannot be relied upon to guarantee future security. The presence of critical weaknesses like unprotected AJAX endpoints and insufficient output escaping means the plugin is susceptible to exploitation even without prior recorded vulnerabilities. The overall assessment leans towards a moderate to high risk due to the exploitable attack surface and potential for XSS, despite the absence of known CVEs and secure SQL practices.
Key Concerns
- Unprotected AJAX handlers
- Insufficient output escaping
- Missing nonce checks on AJAX
- Large attack surface without auth
Find Us At Security Vulnerabilities
Find Us At Release Timeline
Find Us At Code Analysis
Output Escaping
Find Us At Attack Surface
AJAX Handlers 3
Shortcodes 2
WordPress Hooks 7
Maintenance & Trust
Find Us At Maintenance & Trust
Maintenance Signals
Community Trust
Find Us At Alternatives
States, Cities, and Places for WooCommerce
states-cities-and-places-for-woocommerce
WordPress plugin that shows dropdowns for State and City Select for WooCommerce.
GEO my WP
geo-my-wp
Advanced geolocation, mapping, and proximity search plugin. Geotag post types and BuddyPress members, and create advanced proximity search forms.
Stock Locations for WooCommerce
stock-locations-for-woocommerce
This plugin will help you to manage WooCommerce Products stocks through locations.
Store Locator for WordPress📍
storelocator
Create a store locator for your website in minutes. Add all the store locations in google sheets and embed map on your website.
Socius Marketing Page Taxonomy
socius-marketing-page-taxonomy
Adds 2 custom taxonomies (categories & areas served) to Pages for easy, dynamic archive listing.
Find Us At Developer Profile
2 plugins · 0 total installs
How We Detect Find Us At
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/findusat/assets/css/findusat.css/wp-content/plugins/findusat/assets/css/admin_findusat.csshttps://maps.googleapis.com/maps/api/js?key=/wp-content/plugins/findusat/assets/js/findusat.js/wp-content/plugins/findusat/assets/js/admin_findusat.jsfindusat.css?ver=admin_findusat.css?ver=findusat.js?ver=admin_findusat.js?ver=HTML / DOM Fingerprints
address_line_1address_line_2submit_addressfindusat_map<!-- generate coordinates -->name="address_line_1"name="address_line_2"class="submit_address"id="x_coordinate"id="y_coordinate"id="mapsLink"+1 morefua_coords/wp-json/wp/v2/location<div id="findusat_map"<ul id="findusat_locations">