Nearby Map by Wabeo Security & Risk Analysis
wordpress.org/plugins/nearby-mapAllow you to insert a map to show activities, places and services around a given geographical point.
Is Nearby Map by Wabeo Safe to Use in 2026?
Generally Safe
Score 85/100Nearby Map by Wabeo has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'nearby-map' plugin version 0.9.3 exhibits a mixed security posture. While it demonstrates good practices in certain areas, such as the absence of dangerous functions, 100% use of prepared statements for SQL queries, and no recorded vulnerabilities, there are significant concerns that warrant attention. The presence of two AJAX handlers without authentication checks presents a direct attack vector for unauthorized actions. Furthermore, the taint analysis indicates that all three analyzed flows involve unsanitized paths, which could lead to vulnerabilities if those paths were to interact with user-supplied input. The relatively low percentage of properly escaped output (53%) also raises concerns about potential cross-site scripting (XSS) vulnerabilities.
Despite the clean vulnerability history, the static analysis reveals potential weaknesses that could be exploited in the future. The lack of capability checks and the presence of unsanitized paths in taint flows are particularly worrying. The plugin's strengths lie in its secure SQL handling and lack of historical vulnerabilities. However, the unprotected AJAX endpoints and the taint analysis results suggest a need for immediate review and remediation to prevent potential security incidents. The current version has a considerable attack surface that is not adequately secured, demanding a cautious approach to its deployment.
Key Concerns
- AJAX handlers without auth checks
- Unsanitized paths in taint flows
- Low percentage of properly escaped output
- No capability checks
Nearby Map by Wabeo Security Vulnerabilities
Nearby Map by Wabeo Code Analysis
Output Escaping
Data Flow Analysis
Nearby Map by Wabeo Attack Surface
AJAX Handlers 2
Shortcodes 2
WordPress Hooks 7
Maintenance & Trust
Nearby Map by Wabeo Maintenance & Trust
Maintenance Signals
Community Trust
Nearby Map by Wabeo Alternatives
Leaflet Map
leaflet-map
Interactive maps and markers on your posts and pages with simple shortcodes.
MapPress Maps for WordPress
mappress-google-maps-for-wordpress
MapPress is the easiest way to add unlimited interactive Google and Leaflet maps to WordPress.
Open User Map
open-user-map
Engage your visitors with an interactive map – let them add markers instantly or create a custom map showcasing your favorite spots.
Ultimate Maps by Supsystic
ultimate-maps-by-supsystic
Ultimate Maps by Supsystic is the best Google Maps alternative. It includes OpenStreetMap (OSM), Bing Maps, MapBox and Thunderforest maps services
ACF OpenStreetMap Field
acf-openstreetmap-field
A configurable OpenStreetMap Field for ACF.
Nearby Map by Wabeo Developer Profile
8 plugins · 9K total installs
How We Detect Nearby Map by Wabeo
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/nearby-map/leaflet/leaflet-src.js/wp-content/plugins/nearby-map/leaflet/AnimatedMarker.min.js/wp-content/plugins/nearby-map/j/leaflet-script.js/wp-content/plugins/nearby-map/leaflet/leaflet.css/wp-content/plugins/nearby-map/maps.css/wp-content/plugins/nearby-map/leaflet/leaflet.ie.css/wp-content/plugins/nearby-map/j/leaflet-script.jsnearby-map/leaflet/leaflet-src.js?ver=nearby-map/leaflet/AnimatedMarker.min.js?ver=nearby-map/j/leaflet-script.js?ver=nearby-map/leaflet/leaflet.css?ver=nearby-map/maps.css?ver=nearby-map/leaflet/leaflet.ie.css?ver=HTML / DOM Fingerprints
<!--[if lte IE 8]><![endif]-->nbm_addressnbm_coords-noncew_degresw_minutesw_secondesn_degres+13 moreNBM_PLUGIN_URL