Does Tiles Proxy for OpenStreetMap have any unpatched vulnerabilities?

No. All known vulnerabilities in Tiles Proxy for OpenStreetMap have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Tiles Proxy for OpenStreetMap compatible with WordPress 6.4.8?

According to WordPress.org data, Tiles Proxy for OpenStreetMap 2.3.2 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

Is Tiles Proxy for OpenStreetMap compatible with PHP 7.3+?

Tiles Proxy for OpenStreetMap requires PHP 7.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Tiles Proxy for OpenStreetMap updated?

Tiles Proxy for OpenStreetMap was last updated on Nov 29, 2023. Frequent updates are generally a positive security signal.

What is Tiles Proxy for OpenStreetMap's security score?

Tiles Proxy for OpenStreetMap has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Tiles Proxy for OpenStreetMap Security & Risk Analysis

wordpress.org/plugins/osm-tiles-proxy

Tiles Proxy for OpenStreetMap provides a basic proxy, which allows other OpenStreetMap plugins to load map tiles from your server instead from OpenStr …

200 active installs v2.3.2 PHP 7.3+ WP 6.0+ Updated Nov 29, 2023

embedgdpropenstreetmapproxy

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Tiles Proxy for OpenStreetMap Safe to Use in 2026?

Generally Safe

Score 85/100

Tiles Proxy for OpenStreetMap has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The "osm-tiles-proxy" plugin v2.3.2 exhibits a mixed security posture. On the positive side, it demonstrates good practices in avoiding dangerous functions, utilizing prepared statements for all SQL queries, and having no recorded vulnerability history. The absence of taint analysis issues and only one external HTTP request are also favorable. However, significant concerns arise from its attack surface. With one unprotected REST API route and zero capability checks, this presents a clear entry point for unauthorized actions. Furthermore, the low percentage of properly escaped output suggests potential for cross-site scripting vulnerabilities, especially when dealing with data that might be reflected in user interfaces.

Key Concerns

Unprotected REST API route
Zero capability checks
Low output escaping percentage

Vulnerabilities

None known

Tiles Proxy for OpenStreetMap Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Tiles Proxy for OpenStreetMap Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

20% escaped5 total outputs

Attack Surface

1 unprotected

Tiles Proxy for OpenStreetMap Attack Surface

Entry Points1

Unprotected1

REST API Routes 1

GET/wp-json/osm-tiles-proxy/v1/tiles/(?P<s>\w+)/(?P<z>\d+)/(?P<x>\d+)/(?P<y>\d+).pngincludes\osm-tiles-proxy.class.php:47

WordPress Hooks 18

actionrest_api_initincludes\osm-tiles-proxy.class.php:23

actiontemplate_redirectincludes\osm-tiles-proxy.class.php:24

actionwpfc_delete_cacheincludes\osm-tiles-proxy.class.php:26

actionafter_rocket_clean_domainincludes\osm-tiles-proxy.class.php:27

filterosm_tiles_proxy_get_proxy_urlincludes\osm-tiles-proxy.class.php:29

filterosm_tiles_proxy_get_proxy_rest_urlincludes\osm-tiles-proxy.class.php:30

filterosm_tiles_proxy_get_leaflet_js_urlincludes\osm-tiles-proxy.class.php:31

filterosm_tiles_proxy_get_leaflet_css_urlincludes\osm-tiles-proxy.class.php:32

filterosm_tiles_proxy_disable_clear_cacheincludes\osm-tiles-proxy.class.php:34

filterplugin_row_metaincludes\osm-tiles-proxy.class.php:37

actioncustomize_registerincludes\osm-tiles-proxy.customizer-class.php:8

actionleaflet_map_loadedincludes\osm-tiles-proxy.customizer-class.php:9

filterdefault_option_leaflet_map_tile_urlincludes\plugin.leaflet-map.php:10

filterdefault_option_leaflet_js_urlincludes\plugin.leaflet-map.php:14

filterdefault_option_leaflet_css_urlincludes\plugin.leaflet-map.php:18

filterdefault_option_leaflet_map_tile_url_subdomainsincludes\plugin.leaflet-map.php:22

filterdefault_option_leaflet_default_attributionincludes\plugin.leaflet-map.php:26

actionwp_enqueue_scriptsosm-tiles-proxy.php:29

Maintenance & Trust

Tiles Proxy for OpenStreetMap Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedNov 29, 2023

PHP min version7.3

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs200

Alternatives

Tiles Proxy for OpenStreetMap Alternatives

Embed Google Fonts

embed-google-fonts

Embed Google Fonts tries to automatically replace registered Google Fonts from themes and plugin with local versions, directly loaded from your own se …

6K 1 CVE

oEmbed Manager

oembed-manager

100

Manage oEmbed capabilities of your website and take a new step in the GDPR compliance of your embedded content.

200 No CVEs

Embed Consent

embed-consent

100

Replaces embed blocks with a confirmation to ask for consent before loading third-party resources.

10 No CVEs

Lazy Load for YouTube – GDPR Friendly YouTube Embed Block by DBlocks

dblocks-youtube-lazyload

100

GDPR friendly lazy load YouTube block that only loads the video player when visitors click play. Boost page speed by replacing heavy YouTube embeds wi …

0 No CVEs

GDPR-Extensions-com – Youtube 2xClick Solution

gdpr-extensions-com-youtube-2clicksolution

100

Short Description: The GDPR YouTube 2xClick Solution lets you embed YouTube videos while protecting user privacy through consent-based loading.

0 No CVEs

Developer Profile

Tiles Proxy for OpenStreetMap Developer Profile

Adrian

2 plugins · 6K total installs

trust score

Avg Security Score

88/100

Avg Patch Time

669 days

View full developer profile

Detection Fingerprints

How We Detect Tiles Proxy for OpenStreetMap

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/osm-tiles-proxy/assets/customizer-preview.js

Script Paths