Does Sardinia POI – Sardinia points of interest for WordPress have any unpatched vulnerabilities?

No. All known vulnerabilities in Sardinia POI – Sardinia points of interest for WordPress have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Sardinia POI – Sardinia points of interest for WordPress compatible with WordPress 6.9.4?

According to WordPress.org data, Sardinia POI – Sardinia points of interest for WordPress 1.9.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Sardinia POI – Sardinia points of interest for WordPress compatible with PHP 7.2.5+?

Sardinia POI – Sardinia points of interest for WordPress requires PHP 7.2.5 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

Sardinia POI – Sardinia points of interest for WordPress Security & Risk Analysis

wordpress.org/plugins/sardinia-poi

Sardinian points of interest in your WordPress site

10 active installs v1.9.1 PHP 7.2.5+ WP 5.0+ Updated Dec 3, 2025

datasetmapspoints-of-interestsardiniashortcode

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Sardinia POI – Sardinia points of interest for WordPress Safe to Use in 2026?

Generally Safe

Score 100/100

Sardinia POI – Sardinia points of interest for WordPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The "sardinia-poi" v1.9.1 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by avoiding dangerous functions, exclusively using prepared statements for SQL queries, and handling most output with proper escaping. The absence of known CVEs and a clean vulnerability history is also a significant strength, suggesting a generally secure development approach.

However, there are notable areas of concern. The plugin has a small attack surface with one unprotected AJAX handler. This handler lacks nonce and capability checks, making it a potential entry point for unauthenticated attackers to trigger actions within the plugin. While static analysis and taint analysis did not reveal any critical or high-severity issues like unsanitized paths or raw SQL, the presence of an unprotected AJAX endpoint is a tangible risk that could be exploited in conjunction with other vulnerabilities or through social engineering.

In conclusion, "sardinia-poi" v1.9.1 is relatively secure due to its adherence to secure coding practices in critical areas like SQL and output escaping, and its lack of a vulnerability history. Nevertheless, the unprotected AJAX handler presents a clear and actionable security weakness that warrants immediate attention to prevent potential unauthorized access or actions.

Key Concerns

Unprotected AJAX handler
Missing nonce checks on AJAX
Missing capability checks on AJAX
Low percentage of proper output escaping (80%)

Vulnerabilities

None known

Sardinia POI – Sardinia points of interest for WordPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Sardinia POI – Sardinia points of interest for WordPress Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

80% escaped10 total outputs

Attack Surface

1 unprotected

Sardinia POI – Sardinia points of interest for WordPress Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 1

authwp_ajax_sardinia_poi_dismiss_noticeclass\sardinia-poi-notice-class.php:7

Shortcodes 1

[sardinia_poi_city] class\sardinia-poi-class.php:20

WordPress Hooks 3

actionadmin_menuclass\sardinia-poi-class.php:18

actionadmin_initclass\sardinia-poi-class.php:19

actionadmin_noticesclass\sardinia-poi-notice-class.php:6

Maintenance & Trust

Sardinia POI – Sardinia points of interest for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 3, 2025

PHP min version7.2.5

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Sardinia POI – Sardinia points of interest for WordPress Alternatives

Simple Map

simple-map

Easy way to embed google map(s).

10K No CVEs

Simple Shortcode for Google Maps

simple-google-maps-short-code

A simple shortcode for embedding Google Maps in any WordPress post, page or widget.

4K 1 CVE

Vanilla Adaptive Maps

vanilla-adaptive-maps

Map any address with a shortcode. Mobile users get a static map; desktop users will see a google map.

100 No CVEs

Google Maps Photo Gallery

google-maps-photo-gallery

The shortcode for gallery on Google Maps with geotagged photos.

80 No CVEs

TechGasp Maps Master

google-maps-master

TechGasp Maps Master is the professional wordpress plugin to display map locations with Google Maps V3.

40 No CVEs

Developer Profile

Sardinia POI – Sardinia points of interest for WordPress Developer Profile

Matteo Enna

14 plugins · 850 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

11 days

View full developer profile

Detection Fingerprints

How We Detect Sardinia POI – Sardinia points of interest for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

sardinia-poi-notice

Shortcode Output

<ul><li>

FAQ