[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fd37Vn7BjPKPQr3tSZ-VwaCmFO2__1TjzRoXkTbYyziI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":140,"fingerprints":243},"integration-between-leaflet-map-and-civicrm","Integration between Leaflet Map and CiviCRM","1.0.8","Jaap Jansma","https:\u002F\u002Fprofiles.wordpress.org\u002Fjaapjansma\u002F","\u003Cp>Provides an integration between CiviCRM api and the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fleaflet-map\u002F\" rel=\"ugc\">leaflet map\u003C\u002Fa>. Meaning you can create maps from CiviCRM Data.\u003Cbr \u002F>\nYou can use this plugin with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fconnector-civicrm-mcrestface\u002F\" rel=\"ugc\">Connector to CiviCRM with CiviMcRestFace plugin\u003C\u002Fa>\u003Cbr \u002F>\nwhich gives you the ability to connect to an CiviCRM installation on a different server.\u003C\u002Fp>\n\u003Cp>You can use the short code as follows:\u003C\u002Fp>\n\u003Cp>[leaflet-civicrm-api entity=.. action=… lng_property=’longitude’ lat_property=’latitude’ profile=local tooltip_text=’Name: {display_name}’ …]\u003Cbr \u002F>\n    \u003Cstrong>{display_name}\u003C\u002Fstrong>\u003Cbr \u002F>\n  [\u002Fleaflet-civicrm-api]\u003C\u002Fp>\n\u003Cp>Add the short code \u003Ccode>[leaflet-map]\u003C\u002Fcode> to show the map.\u003Cbr \u002F>\nSee https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fleaflet-map\u002F on how you can configure the \u003Ccode>[leaflet-map]\u003C\u002Fcode> short code.\u003C\u002Fp>\n\u003Cp>For more documentation see: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FCiviMRF\u002Fintegration-civicrm-leaflet\u002Fblob\u002Fmain\u002FREADME.md\" rel=\"nofollow ugc\">README.md\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Funded by\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.civicoop.org\" rel=\"nofollow ugc\">CiviCooP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fciviservice.de\u002F\" rel=\"nofollow ugc\">Civiservice.de GmbH\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.soziokultur.de\u002F\" rel=\"nofollow ugc\">Bundesverband Soziokultur e.V.\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Provides an integration between CiviCRM api and the leaflet map. Meaning you can create maps from CiviCRM Data. You can use this plugin with Connector &hellip;",10,3562,0,"2022-05-30T12:47:00.000Z","6.0.11","5.2","7.2",[19,20,21,22,23],"api","civicrm","leaflet","leaflet-map","map","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegration-between-leaflet-map-and-civicrm.1.0.8.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"jaapjansma",6,540,91,62,82,"2026-04-05T02:08:26.049Z",[39,60,80,96,119],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":16,"requires_php":53,"tags":54,"homepage":58,"download_link":59,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"bs-maps-google-map-and-leaflet-map-for-elementor-and-wpbakery","BS Maps – Google Map and Leaflet Map  for Elementor and WPBackery","1.2.0","Balcomsoft","https:\u002F\u002Fprofiles.wordpress.org\u002Fbalcomsoft100\u002F","\u003Cp>The Plugin enables addons for Elementor and WPBackery Page Builder for enhancing their functionality to display Google Map and Leaflet Maps Widget.\u003Cbr \u002F>\nThis guide provides instructions for installation. It is recommended you read it thoroughly to fully leverage the “BS Maps – Google Map and Leaflet Map WordPress Plugin for Elementor and WPBackery” plugin’s capabilities.\u003Cbr \u002F>\nIf you need any help or support please contact us through Support Email: info@balcomsoft.com\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fbs-gmaps-pro-google-map-widget-for-elementor\u002F43291332\" rel=\"nofollow ugc\">Get BS GMaps PRO – Google Map Widget for Elementor\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\nBS GMaps PRO – Google Map Widget for Elementor has advanced settings and features:\u003Cbr \u002F>\nFeatures:\u003Cbr \u002F>\n– Custom Markers: The ability to add multiple markers to the map, each with their own custom icon, size, longitude, latitude, location name, and description fields.\u003Cbr \u002F>\n– Map Center: The ability to set the center point of the map, which determines the area of the map that is initially visible.\u003Cbr \u002F>\n– Map Settings: The ability to customize various settings related to the map, such as the type of map (road, satellite, etc.), the zoom level, and whether to display labels for points of interest.\u003Cbr \u002F>\n– Map Styles: The ability to change the appearance of the map, such as the colors and styles of roads, buildings, and other features.\u003Cbr \u002F>\n– Map controls: The ability to enable or disable map controls like zoom and map type controls, and street view controls.\u003Cbr \u002F>\n– Hiding controls: The ability to hide logos, copyright, terms and other controls, giving you more control over the map’s appearance.\u003Cbr \u002F>\n– Easy to use interface: User-friendly interface that makes it easy to customize your maps and add markers.\u003Cbr \u002F>\n– Marker clusters: This is the element that groups multiple markers together in a single cluster.\u003Cbr \u002F>\n– It is translatable\u003C\u002Fp>\n","The easiest to use Google maps and Leaflet maps addons for Elementor and Wp Backery! Create a custom Google map and Leaflet maps with Elementor and Wp &hellip;",70,2103,100,1,"2023-04-30T09:18:00.000Z","6.2.9","5.6",[55,22,23,56,57],"google-maps","maps","openstreet","https:\u002F\u002Fbsmaps.balcomsoft.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbs-maps-google-map-and-leaflet-map-for-elementor-and-wpbakery.1.2.0.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":13,"downloaded":68,"rating":13,"num_ratings":13,"last_updated":69,"tested_up_to":70,"requires_at_least":53,"requires_php":71,"tags":72,"homepage":78,"download_link":79,"security_score":49,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"category-maps","Category Maps","1.4.3","wpwoodo","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpwoodo\u002F","\u003Cp>Category Maps is a powerful and easy-to-use maps plugin that let’s you create very nice and completely customizable maps based on any (custom) post type – fully compliant with legal data protection rules.\u003C\u002Fp>\n\u003Cp>Create high quality category maps based on any (custom) post type that stores location data in its meta information. Location data can be added easily through the plugin. Just select a (custom) post type and the related taxonomy. The plugin will automatically create markers based on the location data of the related posts. Location data may consist of latitude \u002F longitude pairs or addresses (depending on the post type definitions). An open source geocoder will resolve addresses or determine them from the given geo-coordinates.\u003C\u002Fp>\n\u003Cp>The integrated easy-to-use shortcode generator will help you to configure your maps settings. It lets you customize the appearance of the maps and decide if you want to have an additional category overview beneath the map.\u003C\u002Fp>\n\u003Cp>Putting the resulting shortcode on any page or post will display a pretty nice category map to your site visitors. Allow your visitors to pick what they want to see by filtering markers based on their category.\u003C\u002Fp>\n\u003Cp>Since this plugin works completely with OSM \u002F leaflet no maps API key is needed. Furthermore, it’s fully compliant with legal obligations for data protection – no personal data will be passed on.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Use Cases\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Local businesses: Show your branches with categories such as “Sales”, ‘Service’ or “Partners”.\u003C\u002Fli>\n\u003Cli>Travel blogs: Showcase travel destinations with filters for “Beaches”, ‘Museums’ or “Adventure”.\u003C\u002Fli>\n\u003Cli>E-commerce: Visualize delivery areas or pick-up stations for your customers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Map Data and GeoCoding\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin uses Leaflet as map tile service. Leaflet (https:\u002F\u002Fleafletjs.com\u002F) is a JavaScript library used to build web mapping applications. It allows developers without a GIS background to display tiled web maps hosted on a public server, with optional tiled overlays.\u003C\u002Fp>\n\u003Cp>Furthermore, this plugin uses the Nominatim geocoding API of OpenStreetMap (https:\u002F\u002Fnominatim.org\u002F). Use of all OSMF provided services is subject to the OpenStreetMap Foundation privacy policy (https:\u002F\u002Fosmfoundation.org\u002Fwiki\u002FPrivacy_Policy). Use of any OSM’s Nominatim service is further governed by the OSMF Terms of Use (https:\u002F\u002Fosmfoundation.org\u002Fwiki\u002FTerms_of_Use).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>PRO Version\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you’re interested in enhancing your plugin instance, you can purchase a PRO version at https:\u002F\u002Fwpwoodo.com\u002F.\u003C\u002Fp>\n\u003Cp>With the PRO version of the plugin you can colorize your categories (markers), add individual and independent markers apart from the category markers, choose more than just one map layer or even add individual map tile layers. For more information take a look at https:\u002F\u002Fleaflet-extras.github.io\u002Fleaflet-providers\u002Fpreview\u002F where you can find a large number of map title providers that can be integrated with this plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Powerful and easy-to-use maps plugin\u003C\u002Fli>\n\u003Cli>Completely customizable maps for your posts and pages\u003C\u002Fli>\n\u003Cli>Works with any (custom) post type that stores location data in its metas\u003C\u002Fli>\n\u003Cli>Location related meta data can easily be added through the plugin\u003C\u002Fli>\n\u003Cli>OpenSource geocoder included – no API key needed!\u003C\u002Fli>\n\u003Cli>Easy-to-use shortcode generator with a familiar interface\u003C\u002Fli>\n\u003Cli>Category list beneath the map (optional)\u003C\u002Fli>\n\u003Cli>Fully compliant with legal data protection rules\u003C\u002Fli>\n\u003Cli>Different map layers available (PRO)\u003C\u002Fli>\n\u003Cli>Add an individual map tile layer (PRO)\u003C\u002Fli>\n\u003Cli>Customizable category colors (PRO)\u003C\u002Fli>\n\u003Cli>Add category independent markers to your map (PRO)\u003C\u002Fli>\n\u003C\u002Ful>\n","Creates nice filterable maps based on (custom) post types storing location data.",407,"2025-09-18T09:23:00.000Z","6.8.5","7.0",[73,74,75,76,77],"category-filter","custom-maps","geolocation","leaflet-maps","map-shortcode","https:\u002F\u002Fcategorymaps.wpwoodo.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategory-maps.1.4.3.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":13,"downloaded":88,"rating":13,"num_ratings":13,"last_updated":24,"tested_up_to":52,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":93,"download_link":94,"security_score":49,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":95},"rock-maps-for-divi","Rock Maps for Divi","1.0.1","Renzo Castillo","https:\u002F\u002Fprofiles.wordpress.org\u002Frenzocastillo\u002F","\u003Cp>Divi Rock Maps is a powerful Divi plugin that allows you to create custom maps with multiple markers and custom popups.\u003C\u002Fp>\n","Divi Rock Maps is a powerful Divi plugin that allows you to create custom maps with multiple markers and custom popups.",665,"5.5","7.4",[92,22,56],"google-map","https:\u002F\u002Fwww.elegantthemes.com\u002Fmarketplace\u002Fdivi-rock-maps\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frock-maps-for-divi.1.0.1.zip","2026-03-15T10:48:56.248Z",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":106,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":53,"tags":111,"homepage":116,"download_link":117,"security_score":49,"vuln_count":50,"unpatched_count":13,"last_vuln_date":118,"fetched_at":28},"api-key-for-google-maps","API KEY for Google Maps","1.2.14","Stiofan","https:\u002F\u002Fprofiles.wordpress.org\u002Fstiofansisland\u002F","\u003Cp>Retroactively add Google Maps API KEY to any theme or plugin.\u003C\u002Fp>\n\u003Cp>Simply activate, go to Settings>Google API KEY and enter your key.\u003Cbr \u002F>\nThe plugin will then attempt to add this key to all the places it is needed on the front of your website.\u003Cbr \u002F>\nNOTE: this will only work if the Google API has been added as per WordPress standards)\u003C\u002Fp>\n\u003Cp>Since January 2023 Google Maps JavaScript API requires callback parameter. This plugin also fixes JavaScript Error: \u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Fmaps\u002Fdocumentation\u002Fjavascript\u002Furl-params#required_parameters\" rel=\"nofollow ugc\">Loading the Google Maps JavaScript API without a callback is not supported\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The plugin was created by the GeoDirectory team: \u003Ca href=\"https:\u002F\u002Fwpgeodirectory.com\" rel=\"nofollow ugc\">https:\u002F\u002Fwpgeodirectory.com\u003C\u002Fa>\u003C\u002Fp>\n","Retroactively add Google Maps API KEY to any theme or plugin.",40000,808416,98,55,"2025-12-03T14:16:00.000Z","6.9.4","5.0",[55,112,113,114,115],"google-maps-api-callback","google-maps-api-key","google-maps-callback","google-maps-key","https:\u002F\u002Fwpgeodirectory.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapi-key-for-google-maps.1.2.14.zip","2022-06-08 10:50:00",{"slug":22,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":106,"num_ratings":128,"last_updated":129,"tested_up_to":109,"requires_at_least":130,"requires_php":24,"tags":131,"homepage":135,"download_link":136,"security_score":137,"vuln_count":138,"unpatched_count":13,"last_vuln_date":139,"fetched_at":28},"Leaflet Map","3.4.3","bozdoz","https:\u002F\u002Fprofiles.wordpress.org\u002Fbozdoz\u002F","\u003Cp>Add a map generated with \u003Ca href=\"http:\u002F\u002Fleafletjs.com\u002F\" rel=\"nofollow ugc\">LeafletJS\u003C\u002Fa>: an open-source JavaScript library for mobile-friendly interactive maps. Map tiles are provided by default through \u003Ca href=\"http:\u002F\u002Fwww.openstreetmap.org\u002F\" rel=\"nofollow ugc\">OpenStreetMap\u003C\u002Fa>, or \u003Ca href=\"https:\u002F\u002Fwww.mapquest.ca\u002F\" rel=\"nofollow ugc\">MapQuest\u003C\u002Fa> (with an app key).  Can be set per map with shortcode attributes or through the dashboard settings.\u003C\u002Fp>\n\u003Ch4>Maps\u003C\u002Fh4>\n\u003Cp>Simply create a \u003Cstrong>map\u003C\u002Fstrong> with:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[leaflet-map]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Lookup an address with:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[leaflet-map address=\"chicago\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Know the latitude and longitude of a location? Use them (and a zoom level) with:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[leaflet-map lat=44.67 lng=-63.61 zoom=5]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Add a \u003Cstrong>marker\u003C\u002Fstrong> under your map shortcode, like so:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[leaflet-map]\n[leaflet-marker]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Want more? Make more (and fit the map to contain all of them):\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[leaflet-map fitbounds]\n[leaflet-marker address=\"tokyo\"]\n[leaflet-marker address=\"oslo\"]\n[leaflet-marker address=\"cairo\"]\n[leaflet-marker address=\"toronto\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can even add \u003Cstrong>popups\u003C\u002Fstrong> (to any shape) with their names:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[leaflet-map fitbounds]\n[leaflet-marker address=\"tokyo\"]Tokyo[\u002Fleaflet-marker]\n[leaflet-marker address=\"oslo\"]Oslo[\u002Fleaflet-marker]\n...\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Add a link to the popup messages the same way you would add any other link with the WordPress editor.\u003C\u002Fp>\n\u003Ch4>Other Shapes, GeoJSON, and KML\u003C\u002Fh4>\n\u003Cp>Add a line to the map by adding \u003Ccode>[leaflet-line]\u003C\u002Fcode>. You can specify the postions with a list separated by semi-colon \u003Ccode>;\u003C\u002Fcode> or bar \u003Ccode>|\u003C\u002Fcode> using lat\u002Flng: \u003Ccode>[leaflet-line latlngs=\"41, 29; 44, 18\"]\u003C\u002Fcode> or addresses: \u003Ccode>[leaflet-line addresses=\"Istanbul; Sarajevo\"]\u003C\u002Fcode>, or x\u002Fy coordinates for image maps.\u003C\u002Fp>\n\u003Cp>Add a circle to the map by adding \u003Ccode>[leaflet-circle]\u003C\u002Fcode>. You can specify the position using \u003Ccode>lat\u003C\u002Fcode> and \u003Ccode>lng\u003C\u002Fcode> and the radius in meters using \u003Ccode>radius\u003C\u002Fcode>. You can also customize the style using \u003Ca href=\"https:\u002F\u002Fleafletjs.com\u002Freference.html#path-option\" rel=\"nofollow ugc\">Leaflet’s Path options\u003C\u002Fa>. Example: \u003Ccode>[leaflet-circle message=\"max distance\" lng=5.117909610271454 lat=52.097914814706094 radius=17500 color=\"#0DC143\" fillOpacity=0.1]\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>Or you can add a geojson shape via a url (make sure you are allowed to access it if it’s not hosted on your own server): \u003Ccode>[leaflet-geojson src=\"https:\u002F\u002Fexample.com\u002Fpath\u002Fto.geojson\"]\u003C\u002Fcode>.  Add custom popups with field names; try out the default src file and fields like so:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[leaflet-map fitbounds]\n[leaflet-geojson]{name}[\u002Fleaflet-geojson]\n\n\nname is a property on that GeoJSON, and it can be accessed with curly brackets and the property name.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Image Maps\u003C\u002Fh4>\n\u003Cp>Alternatively, you could use a plain image for visitors to zoom and pan around with \u003Ccode>[leaflet-image src=\"path\u002Fto\u002Fimage\u002Ffile.jpg\"]\u003C\u002Fcode>.  See screenshots 3 – 5 for help setting that up.\u003C\u002Fp>\n\u003Ch4>More\u003C\u002Fh4>\n\u003Cp>Check out other examples on the Shortcode Helper page in the Leaflet Map admin section.\u003C\u002Fp>\n\u003Cp>Check out the \u003Cstrong>source code\u003C\u002Fstrong> and \u003Cstrong>more\u003C\u002Fstrong> details on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbozdoz\u002Fwp-plugin-leaflet-map\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>!\u003C\u002Fp>\n","Interactive maps and markers on your posts and pages with simple shortcodes.",30000,502403,58,"2026-01-16T05:05:00.000Z","4.6",[132,21,23,133,134],"interactive","mapquest","openstreetmap","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fleaflet-map\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fleaflet-map.3.4.3.zip",99,3,"2023-09-20 00:00:00",{"attackSurface":141,"codeSignals":178,"taintFlows":194,"riskAssessment":228,"analyzedAt":242},{"hooks":142,"ajaxHandlers":158,"restRoutes":166,"shortcodes":167,"cronEvents":175,"entryPointCount":176,"unprotectedCount":177},[143,149,153],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","init","closure","integration-civicrm-leaflet.php",32,{"type":144,"name":150,"callback":151,"file":147,"line":152},"wp_enqueue_scripts","integration_civicrm_leaflet_enqueue_scripts",43,{"type":154,"name":155,"callback":146,"priority":11,"file":156,"line":157},"filter","integration_civicrm_leaflet_alter_filter_fields","integration_civicrm_leaflet.api.php",21,[159,163],{"action":160,"nopriv":161,"callback":160,"hasNonce":161,"hasCapCheck":161,"file":147,"line":162},"integration_civicrm_leaflet_data",false,39,{"action":160,"nopriv":164,"callback":160,"hasNonce":161,"hasCapCheck":161,"file":147,"line":165},true,40,[],[168,172],{"tag":169,"callback":170,"file":147,"line":171},"leaflet-civicrm-api","shortcode",37,{"tag":173,"callback":170,"file":147,"line":174},"leaflet-civicrm-api-combined-filter-button",38,[],4,2,{"dangerousFunctions":179,"sqlUsage":180,"outputEscaping":182,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":193},[],{"prepared":13,"raw":13,"locations":181},[],{"escaped":183,"rawEcho":138,"locations":184},132,[185,188,191],{"file":147,"line":186,"context":187},94,"raw output",{"file":189,"line":190,"context":187},"shortcodes\\class.civicrm-api-shortcode.php",205,{"file":189,"line":192,"context":187},287,[],[195,218],{"entryPoint":196,"graph":197,"unsanitizedCount":138,"severity":217},"integration_civicrm_leaflet_data (integration-civicrm-leaflet.php:54)",{"nodes":198,"edges":214},[199,204,208],{"id":200,"type":201,"label":202,"file":147,"line":203},"n0","source","$_POST (x3)",65,{"id":205,"type":206,"label":207,"file":147,"line":203},"n1","transform","→ integration_civicrm_leaflet_api()",{"id":209,"type":210,"label":211,"file":147,"line":212,"wp_function":213},"n2","sink","call_user_func() [RCE]",142,"call_user_func",[215,216],{"from":200,"to":205,"sanitized":161},{"from":205,"to":209,"sanitized":161},"high",{"entryPoint":219,"graph":220,"unsanitizedCount":138,"severity":217},"\u003Cintegration-civicrm-leaflet> (integration-civicrm-leaflet.php:0)",{"nodes":221,"edges":225},[222,223,224],{"id":200,"type":201,"label":202,"file":147,"line":203},{"id":205,"type":206,"label":207,"file":147,"line":203},{"id":209,"type":210,"label":211,"file":147,"line":212,"wp_function":213},[226,227],{"from":200,"to":205,"sanitized":161},{"from":205,"to":209,"sanitized":161},{"summary":229,"deductions":230},"The \"integration-between-leaflet-map-and-civicrm\" plugin exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices regarding database interactions, with 100% of SQL queries utilizing prepared statements and a high percentage of output being properly escaped, indicating an effort to prevent common web vulnerabilities like SQL injection and XSS. The absence of file operations and external HTTP requests further reduces the attack surface in those areas.\n\nHowever, significant concerns arise from the analysis of entry points and taint flows. Two AJAX handlers are present, and critically, neither has authentication checks, creating a direct path for unauthenticated attackers to interact with the plugin's functionality. The taint analysis reveals two flows with unsanitized paths, both flagged as high severity. This strongly suggests that user-supplied input is not being adequately validated or sanitized before being used in sensitive operations, potentially leading to vulnerabilities like Cross-Site Scripting (XSS) or even Remote Code Execution (RCE) depending on the specific context of these tainted flows. The lack of nonce checks and capability checks on these AJAX handlers exacerbates this risk.\n\nThe vulnerability history is currently clean, with no recorded CVEs. While this is a positive indicator, it should not be interpreted as a guarantee of future security. The presence of high-severity taint flows, coupled with unprotected entry points, represents a substantial risk that could lead to exploitable vulnerabilities. The plugin's strengths lie in its database and output handling, but the lack of authentication on AJAX handlers and the identified unsanitized taint flows are critical weaknesses that need immediate attention.",[231,233,236,239],{"reason":232,"points":11},"AJAX handlers without authentication",{"reason":234,"points":235},"High severity taint flows",12,{"reason":237,"points":238},"Missing nonce checks on AJAX",7,{"reason":240,"points":241},"Missing capability checks",5,"2026-03-16T23:46:57.851Z",{"wat":244,"direct":254},{"assetPaths":245,"generatorPatterns":251,"scriptPaths":252,"versionParams":253},[246,247,248,249,250],"\u002Fwp-content\u002Fplugins\u002Fintegration-between-leaflet-map-and-civicrm\u002Fpackages\u002FLeaflet.markercluster-1.4.1\u002Fdist\u002FMarkerCluster.Default.css","\u002Fwp-content\u002Fplugins\u002Fintegration-between-leaflet-map-and-civicrm\u002Fpackages\u002FLeaflet.markercluster-1.4.1\u002Fdist\u002FMarkerCluster.css","\u002Fwp-content\u002Fplugins\u002Fintegration-between-leaflet-map-and-civicrm\u002Fintegration_civicrm_leaflet.css","\u002Fwp-content\u002Fplugins\u002Fintegration-between-leaflet-map-and-civicrm\u002Fpackages\u002FLeaflet.markercluster-1.4.1\u002Fdist\u002Fleaflet.markercluster.js","\u002Fwp-content\u002Fplugins\u002Fintegration-between-leaflet-map-and-civicrm\u002Fintegration_civicrm_leaflet.js",[],[250],[],{"cssClasses":255,"htmlComments":256,"htmlAttributes":257,"restEndpoints":258,"jsGlobals":260,"shortcodeOutput":261},[],[],[],[259],"\u002Fwp-json\u002Fintegration_civicrm_leaflet_data",[],[262,263],"[leaflet-civicrm-api]","[leaflet-civicrm-api-combined-filter-button]"]