Map Navigator Security & Risk Analysis

wordpress.org/plugins/mapnavigator

Create Posts for Map Navigation for a geographical taxonomy using MapPress Google Maps in WordPress.

10 active installs · v1.1.0 · PHP + WP 2.0.2+ · Updated Jan 23, 2012
Tags: batch, csv, excel, import, spreadsheet
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Map Navigator Safe to Use in 2026?

Generally Safe

Score 85/100

Map Navigator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 14yr ago
Risk Assessment

The mapnavigator plugin version 1.1.0 exhibits a concerning security posture due to significant vulnerabilities identified in the static analysis. A major red flag is the presence of three AJAX handlers that lack authentication checks, creating a substantial attack surface. Furthermore, the taint analysis revealed three high-severity flows with unsanitized paths, indicating potential for attackers to inject malicious data. The plugin also heavily relies on dangerous functions like `unserialize` and `create_function`, which are often associated with security risks if not handled with extreme care. The output escaping is also alarmingly poor, with only 5% of outputs properly escaped, increasing the risk of cross-site scripting (XSS) vulnerabilities.

While the plugin has no recorded CVEs, this historical absence of public vulnerabilities should not be interpreted as a sign of robust security, especially given the critical findings in the static analysis. The low percentage of prepared SQL statements (81%) also presents a risk of SQL injection, although less severe than the other identified issues. The lack of nonce checks on AJAX endpoints is another critical oversight. The plugin's strength lies in its clean vulnerability history and absence of bundled libraries, but these are overshadowed by the severe security flaws present in its current version.

Key Concerns

  • AJAX handlers without auth checks
  • High severity unsanitized taint flows
  • Use of dangerous functions (unserialize, create_function)
  • Low percentage of properly escaped output
  • Low percentage of prepared SQL statements
  • No nonce checks on AJAX
Vulnerabilities
None known

Map Navigator Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Map Navigator Code Analysis

Dangerous Functions: 8
Raw SQL Queries: 9 (38 prepared)
Unescaped Output: 181 (10 escaped)
Nonce Checks: 0
Capability Checks: 3
File Operations: 13
External Requests: 1
Bundled Libraries: 0

Dangerous Functions Found

  • unserialize: `$mapdata = unserialize($mapdata);` (mappress-google-maps-for-wordpress\mappress.php:117)
  • unserialize: `$poidata = unserialize($poidata);` (mappress-google-maps-for-wordpress\mappress.php:121)
  • unserialize: `$mapdata = unserialize($mapdata);` (mappress-google-maps-for-wordpress\mappress.php:383)
  • unserialize: `$poidata = unserialize($poidata);` (mappress-google-maps-for-wordpress\mappress.php:385)
  • unserialize: `$map = unserialize($result->obj);` (mappress-google-maps-for-wordpress\mappress_api.php:279)
  • unserialize: `$map = unserialize($result->obj);` (mappress-google-maps-for-wordpress\mappress_api.php:300)
  • create_function: `add_action('widgets_init', create_function('', 'return register_widget("Mappress_Widget");'));` (mappress-google-maps-for-wordpress\mappress_pro.php:8)
  • unserialize: `$map = unserialize($result->obj);` (remap_pois.php:82)

SQL Query Safety

81% prepared · 47 total queries

Output Escaping

5% escaped · 191 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

5 flows · 5 with unsanitized paths
post (map-navigator.php:271)
Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface
3 unprotected

Map Navigator Attack Surface

Entry Points: 5
Unprotected: 3

AJAX Handlers: 3

auth · wp_ajax_mapp_map_save (mappress-google-maps-for-wordpress\mappress.php:48)
auth · wp_ajax_mapp_map_delete (mappress-google-maps-for-wordpress\mappress.php:49)
auth · wp_ajax_mapp_map_create (mappress-google-maps-for-wordpress\mappress.php:50)

Shortcodes: 2

[mappress] mappress-google-maps-for-wordpress\mappress.php:44
[mashup] mappress-google-maps-for-wordpress\mappress_pro.php:11

WordPress Hooks: 95

action after_setup_theme (functions.php:9)
action admin_init (functions.php:498)
action admin_init (functions.php:499)
action admin_menu (functions.php:501)
action admin_menu (functions.php:502)
action save_post (functions.php:504)
action publish_post (functions.php:505)
action template_redirect (functions.php:507)
action init (functions.php:509)
action init (functions.php:510)
action init (functions.php:511)
action wp_enqueue_scripts (functions.php:513)
action wp_enqueue_scripts (functions.php:514)
action wp_enqueue_scripts (functions.php:516)
action wp_head (functions.php:518)
action wp_head (functions.php:519)
action wp_head (functions.php:520)
action wp_footer (functions.php:523)
action updated_option (functions.php:526)
action updated_option (functions.php:527)
action before_signup_form (functions.php:530)
action after_signup_form (functions.php:531)
action custom_header_options (functions.php:534)
filter query_vars (functions.php:537)
filter get_pages (functions.php:538)
filter page_link (functions.php:539)
filter wp_list_pages (functions.php:540)
filter wp_list_pages (functions.php:541)
filter wp_list_categories (functions.php:542)
filter wp_list_bookmarks (functions.php:543)
filter extra_theme_headers (functions.php:545)
filter the_content_more_link (functions.php:547)
filter the_content (functions.php:548)
filter comment_reply_link (functions.php:550)
filter get_comments_number (functions.php:551)
filter get_comments_pagenum_link (functions.php:552)
filter user_contactmethods (functions.php:554)
filter excerpt_more (functions.php:556)
filter widget_text (functions.php:558)
filter style_loader_tag (functions.php:560)
filter style_loader_tag (functions.php:561)
filter post_class (functions.php:563)
filter bp_field_css_classes (functions.php:566)
action suffusion_document_header (functions.php:576)
action suffusion_document_header (functions.php:577)
action suffusion_document_header (functions.php:578)
action suffusion_document_header (functions.php:579)
action suffusion_document_header (functions.php:580)
action suffusion_before_begin_wrapper (functions.php:582)
action suffusion_after_begin_wrapper (functions.php:584)
action suffusion_after_begin_wrapper (functions.php:585)
action suffusion_page_header (functions.php:587)
action suffusion_page_header (functions.php:588)
action suffusion_before_begin_content (functions.php:590)
action suffusion_before_begin_content (functions.php:591)
action suffusion_after_begin_content (functions.php:592)
action suffusion_content (functions.php:594)
action suffusion_after_begin_post (functions.php:596)
action suffusion_after_begin_post (functions.php:597)
action suffusion_after_content (functions.php:599)
action suffusion_before_end_post (functions.php:601)
action suffusion_before_end_post (functions.php:602)
action suffusion_before_end_content (functions.php:604)
action suffusion_before_end_container (functions.php:607)
action suffusion_before_end_container (functions.php:608)
action suffusion_after_end_container (functions.php:610)
action suffusion_page_footer (functions.php:612)
action suffusion_document_footer (functions.php:614)
filter suffusion_can_display_attachment (functions.php:617)
filter suffusion_left_sidebar_count (functions.php:618)
filter suffusion_right_sidebar_count (functions.php:619)
filter suffusion_after_comment_form (functions.php:621)
action admin_menu (map-navigator.php:822)
action init (map-navigator.php:823)
action init (mappress-google-maps-for-wordpress\mappress.php:40)
action admin_init (mappress-google-maps-for-wordpress\mappress.php:41)
action admin_menu (mappress-google-maps-for-wordpress\mappress.php:43)
action admin_notices (mappress-google-maps-for-wordpress\mappress.php:45)
action deleted_post (mappress-google-maps-for-wordpress\mappress.php:53)
action rss2_ns (mappress-google-maps-for-wordpress\mappress.php:57)
action atom_ns (mappress-google-maps-for-wordpress\mappress.php:58)
action rdf_ns (mappress-google-maps-for-wordpress\mappress.php:59)
action rdf_item (mappress-google-maps-for-wordpress\mappress.php:60)
action rss_item (mappress-google-maps-for-wordpress\mappress.php:61)
action rss2_item (mappress-google-maps-for-wordpress\mappress.php:62)
action atom_entry (mappress-google-maps-for-wordpress\mappress.php:63)
filter the_content (mappress-google-maps-for-wordpress\mappress.php:67)
filter mapp_directions_html (mappress-google-maps-for-wordpress\mappress.php:68)
action widgets_init (mappress-google-maps-for-wordpress\mappress_pro.php:8)
action save_post (mappress-google-maps-for-wordpress\mappress_pro.php:17)
action save_post (mappress-google-maps-for-wordpress\mappress_pro.php:19)
action added_post_meta (mappress-google-maps-for-wordpress\mappress_pro.php:22)
action updated_post_meta (mappress-google-maps-for-wordpress\mappress_pro.php:23)
action deleted_post_meta (mappress-google-maps-for-wordpress\mappress_pro.php:24)
action init (theme.functions.php:5)

Maintenance & Trust

Map Navigator Maintenance & Trust

Maintenance Signals

WordPress version tested: 3.2.1
Last updated: Jan 23, 2012
PHP min version
Downloads: 14K

Community Trust

Rating: 20/100
Number of ratings: 1
Active installs: 10
Developer Profile

Map Navigator Developer Profile

rothmaniac

1 plugin · 10 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Map Navigator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/mapnavigator/css/mapnavigator.css
/wp-content/plugins/mapnavigator/js/mapnavigator.js
Script Paths
/wp-content/plugins/mapnavigator/js/mapnavigator.js
Version Parameters
mapnavigator/css/mapnavigator.css?ver=
mapnavigator/js/mapnavigator.js?ver=

HTML / DOM Fingerprints

Data Attributes
name="nav_importer_organization_name"
name="nav_importer_organization_image"
name="nav_importer_organization_web_link"
name="map_icon"
FAQ

Frequently Asked Questions about Map Navigator