SimpleMaps Security & Risk Analysis

wordpress.org/plugins/interactive-maps

Easily add an interactive map of the world, US, or many other countries to your WordPress site.

600 active installs · v0.99.3 · PHP + WP 2.5+ · Updated Aug 4, 2025
clickable-map, interactive-map, simplemaps, us-map, world-map
99
A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Apr 17, 2025
Safety Verdict

Is SimpleMaps Safe to Use in 2026?

Generally Safe

Score 99/100

SimpleMaps has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Apr 17, 2025 · Updated 8mo ago
Risk Assessment

The "interactive-maps" plugin v0.99.3 exhibits a generally good security posture based on the provided static analysis. The code demonstrates strong adherence to secure coding practices, with a high percentage of properly escaped outputs, 100% of SQL queries using prepared statements, and a significant number of nonce and capability checks. There are no identified critical or high severity taint flows, and the plugin's attack surface appears well-controlled, with no unprotected entry points found in this analysis. However, the plugin's vulnerability history is a notable concern. A past medium-severity vulnerability, specifically Cross-Site Request Forgery (CSRF), was recorded. While currently unpatched, this indicates a recurring area of weakness. The fact that the last vulnerability was in the future (2025) is unusual and could indicate a data anomaly or a placeholder for future patching. Overall, while the current code seems robust, the historical presence of CSRF vulnerabilities warrants continued vigilance and proactive security auditing.

Key Concerns

  • Past medium severity vulnerability (CSRF)
Vulnerabilities
1

SimpleMaps Security Vulnerabilities

CVEs by Year

1 CVE in 2025

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-39424 · medium · 4.3 · Cross-Site Request Forgery (CSRF)

Simple Maps <= 0.98 - Cross-Site Request Forgery

Apr 17, 2025 · Patched in 0.99 (35d)
Code Analysis
Analyzed Mar 16, 2026

SimpleMaps Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 2 (58 escaped)
Nonce Checks: 6
Capability Checks: 5
File Operations: 1
External Requests: 0
Bundled Libraries: 0

Output Escaping

97% escaped · 60 total outputs
Data Flows: All sanitized

Data Flow Analysis

2 flows
processMapDataUpload (includes\class-map-form.php:135)
Attack Surface

SimpleMaps Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes 1

[simplemaps] interactive-maps.php:139
WordPress Hooks 9
filter upload_mimes interactive-maps.php:23
filter wp_check_filetype_and_ext interactive-maps.php:29
action admin_menu interactive-maps.php:40
action admin_enqueue_scripts interactive-maps.php:55
action admin_post_simplemaps_delete_map interactive-maps.php:67
action admin_post_simplemaps_create_map interactive-maps.php:90
action admin_post_simplemaps_replace_map interactive-maps.php:117
action init interactive-maps.php:208
action init interactive-maps.php:223
Maintenance & Trust

SimpleMaps Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Aug 4, 2025
PHP min version
Downloads: 37K

Community Trust

Rating: 96/100
Number of ratings: 10
Active installs: 600
Developer Profile

SimpleMaps Developer Profile

simplemaps

1 plugin · 600 total installs

Trust score: 87
Avg Security Score: 99/100
Avg Patch Time: 35 days
Detection Fingerprints

How We Detect SimpleMaps

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/interactive-maps/assets/css/admin.css
/wp-content/plugins/interactive-maps/assets/js/admin.js
Script Paths
/wp-content/plugins/interactive-maps/assets/js/admin.js
Version Parameters
simplemaps-admin-css?ver=
simplemaps-admin-js?ver=

HTML / DOM Fingerprints

HTML Comments
<!-- SimpleMaps: Please complete the migration process -->
<!-- SimpleMaps: Map not found or not configured -->
JS Globals
simplemaps_admin_post_url
Shortcode Output
[simplemaps]
FAQ

Frequently Asked Questions about SimpleMaps