[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1hWmSBXrZPPt2Km4VkHq3stPUjmlmkP01FTvG06Fi_Y":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":136,"fingerprints":270},"gps-2-photos","GPS 2 Photos","1.0.0","Pawel","https:\u002F\u002Fprofiles.wordpress.org\u002Fpablo2\u002F","\u003Cp>GPS 2 Photos lets you view, add, or edit EXIF GPS coordinates for JPEG and WebP images in the WordPress Media Library and galleries powered by NextGEN, Envira, FooGallery, or Modula.\u003Cbr \u002F>\nIt displays existing GPS data as editable fields (Media Library only) or provides a button to add or update coordinates. Clicking the button opens a map interface where you can set a location by simply clicking on the map, searching for a place, or typing it in manually.\u003C\u002Fp>\n\u003Cp>This plugin extends the functionality of the Geo 2 Maps add-on for NextGEN Gallery, which displays maps with photos, galleries, or albums using EXIF GPS data.\u003C\u002Fp>\n\u003Cp>The plugin is using Microsoft Azure Maps and requires a free Azure Maps API Key to function as described below.\u003Cbr \u002F>\nTo amend EXIF GPS coordinates, use the PHP Exif Library (PEL) by Martin Geisler. (Copyright (C) 2004–2006 Martin Geisler. Licensed under the GNU GPL. \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FFileEye\u002Fpel\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002FFileEye\u002Fpel\u003C\u002Fa> )\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress Media Library & NextGEN Gallery Integration:\u003C\u002Fstrong> Works seamlessly inside the standard Media Library and also adds an “Add\u002FAmend GPS” option to images in the NextGEN Gallery management page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gallery Support:\u003C\u002Fstrong> Integrates with popular gallery plugins, including NextGEN Gallery, Envira Gallery, FooGallery, and Modula.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>View GPS Data:\u003C\u002Fstrong> See a map with a pin for any image that has GPS coordinates in its EXIF data for JPEG photos and EXIF\u002FXMP for WebP images.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Edit & Add GPS Data:\u003C\u002Fstrong> Easily add or change an image’s location by dragging the pin or clicking anywhere on the map.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Interactive Map Modal:\u003C\u002Fstrong> A clean and simple map interface with a location search bar opens in a modal window.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Backup & Restore:\u003C\u002Fstrong> The plugin automatically backs up original GPS data, allowing you to restore it with a single click.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Azure Maps Integration:\u003C\u002Fstrong> Utilizes the powerful and reliable Azure Maps for displaying map tiles.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin relies on Microsoft Azure Maps to display interactive map in the WordPress admin area and obtain GPS coordinates.\u003Cbr \u002F>\nIt’s using additional modules to enable search for location functionality (geocoding), browser‑based geolocation and Fullscreen option.\u003C\u002Fp>\n\u003Ch3>What data is sent and when\u003C\u002Fh3>\n\u003Cp>Plugin sends sample geolocation query to the Azure REST server to validate the API Key.\u003Cbr \u002F>\nWhen the map loads or when the user interacts with it, the browser sends requests to Azure Maps servers. These requests may include:\u003Cbr \u002F>\n* Search queries entered by the user or location coordinates\u003Cbr \u002F>\n* Standard HTTP request data (e.g., IP address, browser type, OS)\u003Cbr \u002F>\n* Map tile requests triggered by zooming or panning\u003C\u002Fp>\n\u003Cp>If the user chooses to use the map’s “Locate Me” button, their location is only shared if they explicitly grant permission in their browser.\u003C\u002Fp>\n\u003Ch3>API key and account requirement\u003C\u002Fh3>\n\u003Cp>To use this plugin, the site owner must create a free Azure Maps account and generate an API key.\u003Cbr \u002F>\nAzure Maps offers a \u003Cstrong>free tier\u003C\u002Fstrong> with generous limits that typical individual or small‑site usage is very unlikely to exceed.\u003C\u002Fp>\n\u003Ch3>Legal documentation\u003C\u002Fh3>\n\u003Cp>Azure Maps is provided by Microsoft. Relevant policies:\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fazure.microsoft.com\u002Fsupport\u002Flegal\u002F\" rel=\"nofollow ugc\">Terms of Use\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fprivacy.microsoft.com\u002Fprivacystatement\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fazure.microsoft.com\u002Fen-gb\u002Fpricing\u002Fpurchase-options\u002Fazure-account?icid=azurefreeaccount\" rel=\"nofollow ugc\">Azure free account creation\u003C\u002Fa>\u003C\u002Fp>\n","View, add, and edit EXIF GPS coordinates for your photos by selecting a location on a map, searching for it or typing in the coordinates.",0,196,"2026-03-02T14:08:00.000Z","6.9.4","5.0","7.2.0",[18,19,20,21,22],"coordinates","gps","location","map","photo","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgps-2-photos\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgps-2-photos.1.0.0.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"pablo2",2,90,30,94,"2026-04-04T06:53:22.629Z",[37,58,75,96,116],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":56,"download_link":57,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"geolocation","Geolocation","1.9.7","Chris","https:\u002F\u002Fprofiles.wordpress.org\u002Ffrsh\u002F","\u003Cp>The Geolocation plugin allows WordPress users to geotag their posts using the Edit Post page.\u003C\u002Fp>\n\u003Cp>Previously, in all WordPress mobile applications such as WordPress for iPhone\u002FiPad, WordPress for Android this was directly available by activating the gps functionality. Unfortunately, the WP-application developers decided to deactivate the feature of storing GPS data in the app but I am hoping for its return.\u003C\u002Fp>\n\u003Cp>The automated way to obtain geoinformation is possible by adding a photo as featured image to your post. If you have a featured image attached to you post, its gps coordinates are taken into concideration if there is no geo-information provided already. If you use an iPhone, make sure that you take your photos in jpg. Otherwise the GPS information is stripped from the HEIC when exporting to JPG and uploading. Furthermore, when using the WP app, make sure you have enabled to keep all metadata in the files that are uploade. Otherwise, the app will remove also the GPS information.\u003C\u002Fp>\n\u003Cp>Once there is geoinformation added to any of your posts, visitors see a short description of the address either before, after, or at a custom location within the post. Here, you have three options as shown below: plain, link or static information.\u003Cbr \u002F>\nWhen “link” is chosen, hovering over the address reveals a map that displays the post’s exact location.\u003Cbr \u002F>\nIf one would only like to show a textual version without accessing any external services or without showing a map when visitors see a post, one can enable a “plain” mode to prevent external access except for authors to set a particular location.\u003Cbr \u002F>\nFurthermore, there is an option to statically show the map whenever there is geoinformation available. (see below for examples)\u003C\u002Fp>\n\u003Cp>You can chose between two map providers: Google Maps and Open Streetmaps.  If you use Open Streetmaps as mapprovider in combination with the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fosm-tiles-proxy\u002F\" title=\"proxy plugin for OSM\" rel=\"ugc\">proxy plugin for OSM\u003C\u002Fa>, the tiles are delivered from the local proxy so that the visitors cannot be tracked from a third party. If no proxy is installed or Google Maps is used as the provider, this is not feasable, i.e., the tiles are pulled directly from the map service to your visitor’s browser.\u003C\u002Fp>\n\u003Cp>Furthermore, there is the option to use the tag [geolocation] also on a page in order to provide a map with multiple entries (e.g. from a journey) on one map altogether. The set of shown locations can be filtered per page, by placing a user defined field called “category” and give it the name (not the slag!) of the category to be shown. This way, you can also hide the location information per post (by chosing the “code option” without using it) and only show an overview map if needed. If the page is not restricted by any of the categories, all locations are shown that were tagged “public” and have the switch set to “enabled”. (see example below)\u003C\u002Fp>\n\u003Cp>By default, this plugin uses Open-Streetmap but as an alternative (and backwards-compatibility) google maps can also be used. However, one needs to have a Goole Maps API key to use this plugin with google maps. You may obtain a key via google cloud plattform. Make sure, you have activated “Maps JavaScript API” as well as “Geocoding API”.\u003C\u002Fp>\n\u003Cp>If you struggle while installing it or have feature requests, please feel free to drop a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fgeolocation\u002F\" title=\"support request\" rel=\"ugc\">support request\u003C\u002Fa> anytime. I am more than happy to help you. Also if you would want to give a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fgeolocation\u002Freviews\u002F\" title=\"review\" rel=\"ugc\">review\u003C\u002Fa> if you are happy with the plugin, I would appreciate the feedback.\u003C\u002Fp>\n","Lightweight display the location information of your post in a map (GDPR comliant). Ideal for travelbloggers or anyone who would like to show the loca &hellip;",500,41633,78,11,"2025-05-24T19:44:00.000Z","6.8.5","6.0","7.3",[19,54,20,21,55],"journey","travel","https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fgeolocation\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgeolocation.1.9.7.zip",{"slug":59,"name":60,"version":61,"author":7,"author_profile":8,"description":62,"short_description":63,"active_installs":32,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":14,"requires_at_least":68,"requires_php":16,"tags":69,"homepage":73,"download_link":74,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"nextgen-gallery-geo","Geo2 Maps Add-on for NextGEN Gallery","2.1.6","\u003Cp>!!! Please notice that “Ratings” do not represent the current plugin version quality – which was updated and corrected. Please check by yourself and leave feedback.\u003C\u002Fp>\n\u003Cp>NGG Geo2 Maps Add-on is a flexible extension plugin for free or Pro NextGEN Gallery (tested up to version 4.0.4), displaying maps with your photos, galleries or albums located using EXIF GPS data or geocoding.\u003C\u002Fp>\n\u003Cp>The goal of this plugin is to add to WordPress similar geolocation functionality as other web-based self-hosted photo manager apps have like Gallery 3, Piwigo, PhotoPrism or LibrePhotos.\u003C\u002Fp>\n\u003Cp>The plugin is using Microsoft Azure Maps and requires free Azure Maps API Key to function.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Maps with geo-located photos – Create maps with your photos, using their GPS data.\u003C\u002Fli>\n\u003Cli>Support for JPEG and WebP images, with fast, native metadata reading.\u003C\u002Fli>\n\u003Cli>Support for different representation of photos on a map: 7 Azure maps Pushpins, Thumbnails (round, rectangular)\u003C\u002Fli>\n\u003Cli>Preview photos by clicking on a Pushpins\u002FThumbnails in an Infobox or one of 3 Lightboxes (Fancybox, Slimbox 2 or Fancybox 3)\u003C\u002Fli>\n\u003Cli>Customise Lightboxes: colours and controls\u003C\u002Fli>\n\u003Cli>Fancybox 3 Bottom Caption Panel with additional image EXIF and GPS info\u003C\u002Fli>\n\u003Cli>Route mode with GPX, GML, KMZ, KML, GeoRSS, GeoJSON, spatial CSV support: displays your travel route together with photos or any other data\u003C\u002Fli>\n\u003Cli>Worldmap mode: shows all or specific photos, galleries and albums on an overview map, open or preview galleries (via Ajax)\u003C\u002Fli>\n\u003Cli>Include your maps by using Shortcodes\u003C\u002Fli>\n\u003Cli>Include maps automatically in every post with a NextGEN gallery\u003C\u002Fli>\n\u003Cli>Open maps on requests (via Ajax)\u003C\u002Fli>\n\u003Cli>Create maps with specific photos only\u003C\u002Fli>\n\u003Cli>Create multiple maps on one page\u003C\u002Fli>\n\u003Cli>Enlarge maps to full screen\u003C\u002Fli>\n\u003Cli>Mini Map module\u003C\u002Fli>\n\u003Cli>Different visual styles for maps\u003C\u002Fli>\n\u003Cli>Itemized options panel: configure many available options\u003C\u002Fli>\n\u003Cli>Language support: users can create translations (English, Polish included)\u003C\u002Fli>\n\u003Cli>Geolocation of galleries and albums in the Worldmap mode using Title\u003C\u002Fli>\n\u003C\u002Ful>\n","NGG Geo2 Maps Add-on displays maps with photos, galleries, or albums using EXIF GPS data or geocoding. Requires NextGEN Gallery.",25008,66,12,"2026-02-10T22:00:00.000Z","3.0.1",[70,19,21,71,72],"gallery","nextgen","photos","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnextgen-gallery-geo\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnextgen-gallery-geo.2.1.6.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":25,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":89,"tags":90,"homepage":93,"download_link":94,"security_score":95,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"google-maps-photo-gallery","Google Maps Photo Gallery","1.3","sysbird","https:\u002F\u002Fprofiles.wordpress.org\u002Fsysbird\u002F","\u003Cp>The shortcode for gallery on Google Maps with geotagged photos.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbirdsite.jp\u002F2007\u002F09\u002F21\u002F20070921-hakodate\u002F\" rel=\"nofollow ugc\">Demo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsysbird\u002Fgooglemaps-photo-gallery\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fsysbird.jp\u002Fwptips\u002Fgooglemaps-photo-gallery\u002F\" rel=\"nofollow ugc\">Description in Japanese\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The plugin displays a gallery on Google Maps with geotagged photos that has been uploaded to post.\u003C\u002Fli>\n\u003Cli>When clicked the photo on the gallery, zoom in image with lightbox.\u003C\u002Fli>\n\u003Cli>It’s compatible with responsive web design.\u003C\u002Fli>\n\u003Cli>Based on \u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Fmaps\u002Fdocumentation\u002Fjavascript\u002F\" rel=\"nofollow ugc\">Google Maps JavaScript API v3\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffancyapps.com\u002Ffancybox\u002F3\u002F\" rel=\"nofollow ugc\">fancyBox3\u003C\u002Fa> the jQuery plugin is Licensed GPLv3 for open source use.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fidangero.us\u002Fswiper\u002F\" rel=\"nofollow ugc\">Swiper\u003C\u002Fa>  the jQuery plugin is under the MIT License.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Upload geotagged photos in post.\u003C\u002Fli>\n\u003Cli>Please write shortcode [googlemaps-photo-gallery] in the content.\u003C\u002Fli>\n\u003Cli>You can set center photo, zoom size and height of Google Maps as the initial display.\u003Cbr \u002F>\nexample. [googlemaps-photo-gallery center=”5″ zoom=”16″ height=”750″]\u003Cbr \u002F>\ncenter: menu order of photo(default:the last photo)\u003Cbr \u002F>\nzoom: Google Maps zooming parameter(0-18 default:15)\u003Cbr \u002F>\nheight: Google Maps height(px)(default:500)\u003C\u002Fli>\n\u003C\u002Fol>\n","The shortcode for gallery on Google Maps with geotagged photos.",80,6087,6,"2019-06-29T07:52:00.000Z","5.2.24","4.0","",[70,91,19,22,92],"google-maps","shortcode","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgoogle-maps-photo-gallery\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgoogle-maps-photo-gallery.zip",85,{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":11,"num_ratings":11,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":89,"tags":109,"homepage":114,"download_link":115,"security_score":95,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"smartphone-location-lookup","Smartphone Location Lookup","1.0.1","rgubby","https:\u002F\u002Fprofiles.wordpress.org\u002Frgubby\u002F","\u003Cp>This plugin takes advantage of new GPS capabilities inside of the browser on your mobile phone.\u003C\u002Fp>\n\u003Cp>If you’ve added the Smartphone Location Lookup widget to your page and if you have an iPhone, or something new like an HTC Dream, every time you refresh your site on your phone, you’ll update a map in the sidebar telling your stalkers\u002Freaders where you are.\u003C\u002Fp>\n\u003Cp>You can choose from either Google Maps, or Bing Maps to display where you are and have all the choices that these two map providers offer (marker labels, etc).\u003C\u002Fp>\n\u003Cp>You can update your location manually from the Widget too if your phone doesn’t support GPS, just expand the widget and amend your latitude\u002Flongitude.\u003C\u002Fp>\n\u003Cp>In addition, most web browsers now have the same GPS capabilities, so if you allow Firefox\u002FChrome\u002Fetc to record your current location, it’ll update the map.\u003C\u002Fp>\n","This plugins displays a location based map on your sidebar. It tells visitors to your blog exactly where YOU are!",10,2776,"2010-12-19T18:25:00.000Z","3.0.5","3.0",[91,110,111,112,113],"gps-lookup","location-lookup","mobile-gps-capabilities","smartphone","http:\u002F\u002Fredyellow.co.uk\u002Fplugins\u002Fsmartphone-location-lookup\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmartphone-location-lookup.1.0.1.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":11,"downloaded":124,"rating":11,"num_ratings":11,"last_updated":89,"tested_up_to":14,"requires_at_least":125,"requires_php":126,"tags":127,"homepage":133,"download_link":134,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":135},"photo-map-embed","Photo Map Embed","0.4.4","ahninternational","https:\u002F\u002Fprofiles.wordpress.org\u002Fahninternational\u002F","\u003Cp>\u003Cstrong>Photo Map Embed\u003C\u002Fstrong> lets you convert photo GPS (EXIF) data into an interactive map that you can embed anywhere in WordPress — using a \u003Cstrong>Gutenberg block\u003C\u002Fstrong> or a \u003Cstrong>shortcode\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Upload one or more photos containing GPS coordinates, and the plugin (or the free builder at \u003Ca href=\"https:\u002F\u002Fphotomapembed.com\" rel=\"nofollow ugc\">photomapembed.com\u003C\u002Fa>) instantly generates a shareable map with markers for each location. The embedded maps are lightweight, privacy-friendly, and work seamlessly on both desktop and mobile.\u003C\u002Fp>\n\u003Cp>Free embeds include a small “Powered by Photo Map Embed” credit link.\u003C\u002Fp>\n\u003Ch3>✨ Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Converts photo EXIF GPS to shareable Leaflet maps  \u003C\u002Fli>\n\u003Cli>Interactive map preview in Gutenberg  \u003C\u002Fli>\n\u003Cli>Copy-paste embed or use shortcode  \u003C\u002Fli>\n\u003Cli>Customizable style (\u003Ccode>street\u003C\u002Fcode>, \u003Ccode>satellite\u003C\u002Fcode>, etc.)  \u003C\u002Fli>\n\u003Cli>Lightweight and privacy-friendly  \u003C\u002Fli>\n\u003Cli>Works with images from iPhone, Android, or DSLR (with GPS)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For bulk upload and free online builder, visit \u003Ca href=\"https:\u002F\u002Fphotomapembed.com\" rel=\"nofollow ugc\">photomapembed.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>Photo Map Embed does not collect or store user data. The optional builder (photomapembed.com) uses privacy-friendly analytics via Umami.\u003C\u002Fp>\n","Short Description: Turn EXIF GPS into an interactive map. Gutenberg block and shortcode. Edit pin titles; embed in seconds. No image uploads.",223,"5.8","7.4",[128,129,130,131,132],"exif-gps","gutenberg-block","leaflet","maps","photo-embed","https:\u002F\u002Fphotomapembed.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphoto-map-embed.0.4.4.zip","2026-03-15T10:48:56.248Z",{"attackSurface":137,"codeSignals":194,"taintFlows":219,"riskAssessment":262,"analyzedAt":269},{"hooks":138,"ajaxHandlers":172,"restRoutes":190,"shortcodes":191,"cronEvents":192,"entryPointCount":193,"unprotectedCount":193},[139,145,149,153,158,162,167],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","admin_init","gps2photos_options_init","administration.php",20,{"type":140,"name":146,"callback":147,"file":143,"line":148},"admin_enqueue_scripts","gps2photos_plugin_admin_scripts",75,{"type":140,"name":150,"callback":151,"file":143,"line":152},"admin_footer","gps2photos_add_hidden_modal",172,{"type":154,"name":155,"callback":156,"priority":104,"file":143,"line":157},"filter","ngg_manage_images_row_actions","gps2photos_add_nextgen_action_callback",266,{"type":140,"name":159,"callback":160,"file":143,"line":161},"admin_notices","gps2photos_admin_notices",304,{"type":140,"name":163,"callback":164,"priority":165,"file":143,"line":166},"admin_menu","gps2photos_add_page",99,330,{"type":154,"name":168,"callback":169,"priority":104,"file":170,"line":171},"attachment_fields_to_edit","gps2photos_add_attachment_fields_to_edit","functions.php",32,[173,178,182,186],{"action":174,"nopriv":175,"callback":176,"hasNonce":175,"hasCapCheck":175,"file":143,"line":177},"gps2photos_get_azure_maps_api_key",false,"gps2photos_get_azure_maps_api_key_callback",56,{"action":179,"nopriv":175,"callback":180,"hasNonce":175,"hasCapCheck":175,"file":143,"line":181},"gps2photos_save_coordinates","gps2photos_save_coordinates_callback",57,{"action":183,"nopriv":175,"callback":184,"hasNonce":175,"hasCapCheck":175,"file":143,"line":185},"gps2photos_restore_from_backup","gps2photos_restore_from_backup_callback",58,{"action":187,"nopriv":175,"callback":188,"hasNonce":175,"hasCapCheck":175,"file":143,"line":189},"gps2photos_get_coordinates","gps2photos_get_coordinates_callback",59,[],[],[],4,{"dangerousFunctions":195,"sqlUsage":196,"outputEscaping":202,"fileOperations":66,"externalRequests":197,"nonceChecks":193,"capabilityChecks":217,"bundledLibraries":218},[],{"prepared":31,"raw":197,"locations":198},1,[199],{"file":170,"line":200,"context":201},1606,"$wpdb->query() with variable interpolation",{"escaped":203,"rawEcho":204,"locations":205},71,5,[206,209,211,213,215],{"file":143,"line":207,"context":208},72,"raw output",{"file":143,"line":210,"context":208},316,{"file":143,"line":212,"context":208},321,{"file":143,"line":214,"context":208},386,{"file":143,"line":216,"context":208},397,3,[],[220],{"entryPoint":221,"graph":222,"unsanitizedCount":31,"severity":261},"\u003Cfunctions> (functions.php:0)",{"nodes":223,"edges":254},[224,229,235,239,243,246,249,252],{"id":225,"type":226,"label":227,"file":170,"line":228},"n0","source","$_POST (x2)",408,{"id":230,"type":231,"label":232,"file":170,"line":233,"wp_function":234},"n1","sink","fopen() [File Access]",846,"fopen",{"id":236,"type":226,"label":237,"file":170,"line":238},"n2","$_POST",350,{"id":240,"type":241,"label":242,"file":170,"line":238},"n3","transform","→ gps2photos_get_webp_backup_coordinates()",{"id":244,"type":231,"label":232,"file":170,"line":245,"wp_function":234},"n4",1317,{"id":247,"type":226,"label":237,"file":170,"line":248},"n5",777,{"id":250,"type":241,"label":251,"file":170,"line":248},"n6","→ gps2photos_get_webp_gps()",{"id":253,"type":231,"label":232,"file":170,"line":233,"wp_function":234},"n7",[255,257,258,259,260],{"from":225,"to":230,"sanitized":256},true,{"from":236,"to":240,"sanitized":175},{"from":240,"to":244,"sanitized":175},{"from":247,"to":250,"sanitized":175},{"from":250,"to":253,"sanitized":175},"medium",{"summary":263,"deductions":264},"The \"gps-2-photos\" plugin v1.0.0 exhibits a concerning security posture due to a significant number of unprotected AJAX handlers. While the static analysis shows no dangerous functions, a low rate of unescaped output, and a healthy percentage of SQL queries using prepared statements, the absence of authentication checks on all identified AJAX entry points is a major vulnerability. This means that any unauthenticated user could potentially trigger these AJAX actions, leading to unintended consequences or exploitation.\n\nThe taint analysis did reveal one flow with unsanitized paths, but it was not categorized as critical or high severity. This suggests a potential for path traversal or similar vulnerabilities, though its impact may be limited. The plugin's vulnerability history is clean, with no known CVEs. This is a positive indicator, but it doesn't negate the immediate risks presented by the unprotected entry points. The lack of past vulnerabilities could be due to the plugin's age, obscurity, or simply good luck.\n\nIn conclusion, while the \"gps-2-photos\" plugin has some good practices, particularly in its handling of SQL and output escaping, the unprotected AJAX handlers present a critical security weakness. The single unsanitized path flow adds another layer of concern. Given the high number of unprotected entry points, immediate attention is required to implement proper authentication and authorization checks on these AJAX handlers to mitigate the risk of unauthorized access and potential exploitation.",[265,267],{"reason":266,"points":104},"AJAX handlers without auth checks",{"reason":268,"points":204},"Flows with unsanitized paths","2026-03-17T06:17:21.911Z",{"wat":271,"direct":280},{"assetPaths":272,"generatorPatterns":275,"scriptPaths":276,"versionParams":277},[273,274],"\u002Fwp-content\u002Fplugins\u002Fgps-2-photos\u002Fassets\u002Fcss\u002Fstyles.css","\u002Fwp-content\u002Fplugins\u002Fgps-2-photos\u002Fassets\u002Fjs\u002Fscripts.js",[],[274],[278,279],"gps-2-photos\u002Fassets\u002Fcss\u002Fstyles.css?ver=","gps-2-photos\u002Fassets\u002Fjs\u002Fscripts.js?ver=",{"cssClasses":281,"htmlComments":283,"htmlAttributes":287,"restEndpoints":295,"jsGlobals":298,"shortcodeOutput":300},[282],"gps2photos_map_container",[284,285,286],"\u003C!-- GPS 2 Photos - map start -->","\u003C!-- GPS 2 Photos - map end -->","\u003C!-- GPS 2 Photos - Add GPS to Media -->",[288,289,290,291,292,293,294],"data-map-provider","data-azure-key","data-pin-icon-type","data-pin-color","data-pin-secondary-color","data-search-pin-color","data-search-pin-icon-type",[296,297],"\u002Fwp-json\u002Fgps-2-photos\u002Fv1\u002Fget-coordinates","\u002Fwp-json\u002Fgps-2-photos\u002Fv1\u002Fsave-coordinates",[299],"gps2photos_options",[301],"[gps_photos_map]"]