MapTip Security & Risk Analysis

wordpress.org/plugins/maptip

MapTip is a jQuery tooltip plugin. It displays a map of a city or place when the mouse hovers over the city name. It is very easy to use.

10 active installs · v1.0 · PHP + · WP 3.0+ · Updated Nov 4, 2016
Tags: content-tooltip, image-tooltip, jquery-tooltip-wordpress-plugin, tooltip, wordpress-tooltip-plugin
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is MapTip Safe to Use in 2026?

Generally Safe

Score 85/100

MapTip has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 9yr ago
Risk Assessment

The "maptip" v1.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by having a very small attack surface with only one shortcode and no AJAX handlers, REST API routes, or cron events exposed. Crucially, all SQL queries are prepared, and there are no indications of dangerous functions, file operations, or external HTTP requests, which are significant strengths. The absence of any recorded vulnerabilities or CVEs in its history further suggests a generally secure development history.

However, a major concern arises from the complete lack of output escaping. With 16 total outputs analyzed and 0% properly escaped, this plugin is highly vulnerable to Cross-Site Scripting (XSS) attacks. Any dynamic content displayed by the plugin could be exploited to inject malicious scripts, especially if it originates from user input; the static analysis doesn't explicitly show tainted flows, but the lack of escaping makes this a strong possibility. Furthermore, the absence of nonce and capability checks for its entry point (the shortcode) means that any logged-in user could potentially trigger its functionality, which, combined with the XSS vulnerability, creates a significant risk. While the taint analysis shows no critical or high severity flows, this is likely due to the limited scope of the analysis and the absence of any evident user input handling in the analyzed code snippets.

Key Concerns

  • All outputs are unescaped
  • Missing nonce checks on shortcode
  • Missing capability checks on shortcode
Vulnerabilities
None known

MapTip Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

MapTip Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 16 (0 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

0% escaped · 16 total outputs
Attack Surface

MapTip Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes 1

[MapTip] MapTip.php:108

WordPress Hooks 1

action wp_enqueue_scripts MapTip.php:117
Maintenance & Trust

MapTip Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.0.38
Last updated: Nov 4, 2016
PHP min version
Downloads: 1K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

MapTip Developer Profile

aviket

2 plugins · 40 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect MapTip

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/maptip/css/tooltipster.css
  • /wp-content/plugins/maptip/js/jquery.tooltipster.min.js
  • /wp-content/plugins/maptip/js/tooltipster_active.js
Script Paths
  • /wp-content/plugins/maptip/js/jquery.tooltipster.min.js
  • /wp-content/plugins/maptip/js/tooltipster_active.js
Version Parameters
  • maptip/css/tooltipster.css?ver=
  • maptip/js/jquery.tooltipster.min.js?ver=
  • maptip/js/tooltipster_active.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • tooltipster
  • tooltipster_content
Data Attributes
  • data-tooltipster-initial-title
  • data-tooltipster-content
  • data-tooltipster-animation
  • data-tooltipster-position
  • data-tooltipster-theme
  • data-tooltipster-touchdevices
  • +2 more
JS Globals
  • tooltipster_active
Shortcode Output
<div class="tooltipster" title=""><span class="tooltipster_content"><strong><b></b>