Does My Maps have any unpatched vulnerabilities?

No. All known vulnerabilities in My Maps have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is My Maps compatible with WordPress 6.9.4?

According to WordPress.org data, My Maps 1.1.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is My Maps updated?

My Maps was last updated on Dec 27, 2025. Frequent updates are generally a positive security signal.

What is My Maps's security score?

My Maps has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

My Maps Security & Risk Analysis

wordpress.org/plugins/my-maps

My Maps is a simple and lightweight WordPress plugin that allows you to easily embed Google Maps on your site using shortcodes.

10 active installs v1.1.3 PHP + WP 4.0.0+ Updated Dec 27, 2025

embedgoogle-mapslocationmapshortcode

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is My Maps Safe to Use in 2026?

Generally Safe

Score 100/100

My Maps has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The "my-maps" plugin v1.1.3 exhibits a generally positive security posture based on the provided static analysis. A significant strength is the absence of any critical or high-severity vulnerabilities identified through taint analysis, and no known CVEs are recorded, suggesting a mature and well-maintained codebase. The plugin also avoids dangerous functions and file operations, and does not make external HTTP requests, all of which reduce potential attack vectors. The presence of nonce checks and a moderate percentage of SQL queries using prepared statements are also good indicators. However, there are areas for improvement. The lack of capability checks on any entry points, combined with the presence of two shortcodes, represents a potential weakness. While no unescaped outputs were flagged as critical or high, over half of the outputs are not properly escaped, which could lead to XSS vulnerabilities in certain scenarios. The moderate rate of prepared statement usage for SQL queries means some queries might be susceptible to SQL injection if input is not adequately sanitized elsewhere.

Key Concerns

No capability checks on entry points
Over 45% of output not properly escaped
Less than 100% SQL prepared statements

Vulnerabilities

None known

My Maps Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

My Maps Code Analysis

Dangerous Functions

Raw SQL Queries

8 prepared

Unescaped Output

23 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

57% prepared14 total queries

Output Escaping

53% escaped43 total outputs

Attack Surface

My Maps Attack Surface

Entry Points2

Unprotected0

Shortcodes 2

[my-map] app\index_init.php:15

[my-map] includes\class-shortcode.php:24

WordPress Hooks 13

actionplugins_loadedactions.php:17

actionplugins_loadedactions.php:18

actionplugins_loadedactions.php:19

actionplugins_loadedactions.php:20

actionplugins_loadedactions.php:21

actionadmin_enqueue_scriptsapp\admin_init.php:13

actionadmin_menuincludes\class-admin-menu.php:24

filterset-screen-optionincludes\class-admin-menu.php:25

actionadmin_initincludes\class-admin-menu.php:26

actionadmin_enqueue_scriptsincludes\class-assets.php:24

filterscript_loader_tagincludes\class-assets.php:25

actionadmin_noticesincludes\class-dependency.php:24

actionadmin_noticesincludes\class-flash.php:22

Maintenance & Trust

My Maps Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 27, 2025

PHP min version

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

My Maps Alternatives

Wp Maps

wp-maps

Integrate Google Maps easily in your site, no coding required. Use custom icons and colors for each location or route. Show unlimited maps.

30 No CVEs

Pazzey's Store Locator

pazzeys-store-locator

100

Store Locator Plugin that lets you embed a Google Maps powered store locator.

10 No CVEs

iframe

[iframe src="http://www.youtube.com/embed/7_nAZQt9qu0" width="100%" height="500"] shortcode

70K 6 CVEs

Easy Google Maps

google-maps-easy

Google Maps with markers, locations and clusterization, KML layers and filters. Custom Google map markers with text, images, videos, links.

20K 7 CVEs

Store Locator WordPress

agile-store-locator

Agile Store Locator is a premium store finder plugin designed to offer you immediate access to all the best stores in your local area.

10K 8 CVEs

Developer Profile

My Maps Developer Profile

Pavel

8 plugins · 30 total installs

trust score

Avg Security Score

98/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect My Maps

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/my-maps/assets/admin/image/style.css/wp-content/plugins/my-maps/assets/admin/javascript/script.js/wp-content/plugins/my-maps/assets/css/admin-style.css/wp-content/plugins/my-maps/assets/javascript/admin-javascript.js

Script Paths

https://maps.googleapis.com/maps/api/js?v=3.exp&sensor=false&libraries=placeshttps://api-maps.yandex.ru/2.1/?lang=ru_RUhttps://maps.googleapis.com/maps/api/js?key=https://maps.googleapis.com/maps/api/js?key=

Version Parameters

my-maps/assets/css/admin-style.css?ver=my-maps/assets/javascript/admin-javascript.js?ver=

HTML / DOM Fingerprints

Data Attributes

data-map-id

JS Globals

Plance_Registry

FAQ