Does Mapple have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Mapple compatible with WordPress 4.9.29?

According to WordPress.org data, Mapple 1.5.2 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

Is Mapple compatible with PHP 7.0+?

Mapple requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Mapple updated?

Mapple was last updated on Oct 19, 2018. Frequent updates are generally a positive security signal.

What is Mapple's security score?

Mapple has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Mapple Security & Risk Analysis

wordpress.org/plugins/mapple

To show a google map with the locations of your clients. You can output additionally a sorted listing table of all your clients. Just with shortcodes.

0 active installs v1.5.2 PHP 7.0+ WP 4.7+ Updated Oct 19, 2018

client-cptgoogle-mapsno-jqueryno-styleshortcode

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Mapple Safe to Use in 2026?

Generally Safe

Score 85/100

Mapple has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The "mapple" plugin v1.5.2 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of any recorded vulnerabilities, CVEs, or critical taint flows is a significant positive indicator. Furthermore, the code demonstrates good practices in several areas: all SQL queries are prepared, and nonce and capability checks are present. The limited attack surface, with no unprotected AJAX handlers or REST API routes, is also commendable.

However, there are areas for improvement. A notable concern is the output escaping, where 19% of outputs are not properly escaped. This could potentially lead to cross-site scripting (XSS) vulnerabilities if the unescaped data is user-controlled or originates from an untrusted source. While the static analysis did not reveal any specific taint flows related to this, it remains a potential risk that should be addressed. The plugin also lacks external HTTP requests and file operations, which are generally good security practices by limiting potential attack vectors. Overall, "mapple" v1.5.2 appears to be a relatively secure plugin, but addressing the unescaped output is crucial for a robust security profile.

Key Concerns

Unescaped output detected

Vulnerabilities

None known

Mapple Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Mapple Release Timeline

v1.5.2Current

v1.5.1

v1.5.0

v1.4.1

v1.4.0

v1.3.0

v1.2.0

v1.1.0

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

Mapple Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

129 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

81% escaped160 total outputs

Attack Surface

Mapple Attack Surface

Entry Points2

Unprotected0

Shortcodes 2

[mapple_map] public/class-mapple-public.php:200

[mapple_clients] public/class-mapple-public.php:201

WordPress Hooks 20

actionplugins_loadedincludes/class-mapple.php:178

actionadmin_enqueue_scriptsincludes/class-mapple.php:193

actioninitincludes/class-mapple.php:195

actionadmin_menuincludes/class-mapple.php:196

actionadmin_initincludes/class-mapple.php:197

actionadmin_initincludes/class-mapple.php:198

actionadmin_initincludes/class-mapple.php:199

actionwp_enqueue_scriptsincludes/class-mapple.php:214

actionwp_enqueue_scriptsincludes/class-mapple.php:215

actioninitincludes/class-mapple.php:216

actionmapple_mapincludes/class-mapple.php:225

actionmapple_clientsincludes/class-mapple.php:226

actionmapple-before-loopincludes/class-mapple.php:240

actionmapple-before-loopincludes/class-mapple.php:241

actionmapple-loop-contentincludes/class-mapple.php:242

actionmapple-after-loopincludes/class-mapple.php:243

actionadd_meta_boxesincludes/class-mapple.php:256

actionadd_meta_boxes_clientsincludes/class-mapple.php:257

actionsave_post_clientsincludes/class-mapple.php:258

actionrest_prepare_clientsincludes/class-mapple.php:259

Maintenance & Trust

Mapple Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedOct 19, 2018

PHP min version7.0

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Mapple Alternatives

Simple Map

simple-map

Easy way to embed google map(s).

10K No CVEs

Simple Shortcode for Google Maps

simple-google-maps-short-code

A simple shortcode for embedding Google Maps in any WordPress post, page or widget.

4K 1 CVE

Vanilla Adaptive Maps

vanilla-adaptive-maps

Map any address with a shortcode. Mobile users get a static map; desktop users will see a google map.

100 No CVEs

Google Maps Photo Gallery

google-maps-photo-gallery

The shortcode for gallery on Google Maps with geotagged photos.

80 No CVEs

Map pins

map-pins

Add custom markers on an embedded Google Map. Includes full search-ability, my-location via GPS, a list of nearby locations, and business hours.

30 No CVEs

Developer Profile

Mapple Developer Profile

andrekelling

1 plugin · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Mapple

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mapple/js/media-uploader.js/wp-content/plugins/mapple/js/mapple-public.js

Script Paths

/wp-content/plugins/mapple/js/media-uploader.js/wp-content/plugins/mapple/js/mapple-public.js

Version Parameters

mapple/js/media-uploader.js?ver=mapple/js/mapple-public.js?ver=

HTML / DOM Fingerprints

JS Globals

mapple_params

REST Endpoints

/wp-json/mapple/v1/locations

Shortcode Output

[mapple-locations][mapple-listing]

FAQ