[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f7w-a9tT1SeSTIXSP-SO3nj_QUWYODBXGC3nNEOo6mII":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":60,"crawl_stats":37,"alternatives":65,"analysis":167,"fingerprints":669},"shmapper-by-teplitsa","ShMapper by Teplitsa","1.5.1","Denis Cherniatev","https:\u002F\u002Fprofiles.wordpress.org\u002Fdenischerniatev\u002F","\u003Cp>The shMapper plugin allows you to create simple crowdsourcing maps on OpenStreetMap with an option of feedback messages form. This plugin gives you an alternative to current online map services such as Yandex.Maps, Google Maps etc which don’t provide the option for users to add new objects.\u003C\u002Fp>\n\u003Cp>Most of the code written by Gennadiy Glazunov aka \u003Ca href=\"http:\u002F\u002Fgenagl.ru\" rel=\"nofollow ugc\">Genagl\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Core features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Configure and display maps with markers on pages.\u003C\u002Fli>\n\u003Cli>Display maps using shortcodes.\u003C\u002Fli>\n\u003Cli>Receive new map markers via feedback form.\u003C\u002Fli>\n\u003Cli>Pre or post-moderation of new markers.\u003C\u002Fli>\n\u003Cli>reCaptcha form protection.\u003C\u002Fli>\n\u003Cli>Custom markers icons.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>PHP at least 5.6 is required for plugin to work correctly.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Help the project\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>We will be very grateful if you will help us to make ShMapper better.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You can add a bugreport or a feature request on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FTeplitsa\u002Fshmapper\u002Fissues\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Send us your pull request to share a code impovement.\u003C\u002Fli>\n\u003Cli>You can make a new plugin translation for your language or send us a fixes for an existing translation, if needed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you have a questions for the plugin work in any aspect, please address our support service on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FTeplitsa\u002Fshmapper\u002Fissues\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","shMapper is a plugin, that allows you to create simple crowdsourcing maps based on OpenStreetMap and Yandex.Maps.",100,7394,5,"2025-01-14T10:19:00.000Z","6.7.5","5.0","7.4",[19,20,21,22,23],"crowdsourcing","map","openstreetmap","osm","yandex-map","http:\u002F\u002Fgenagl.ru\u002F?p=652","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshmapper-by-teplitsa.zip",91,2,0,"2025-01-24 00:00:00","2026-03-15T15:16:48.613Z",[32,46],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":13},"CVE-2025-24674","shmapper-by-teplitsa-authenticated-editor-stored-cross-site-scripting","ShMapper by Teplitsa \u003C= 1.5.0 - Authenticated (Editor+) Stored Cross-Site Scripting","The ShMapper by Teplitsa plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=1.5.0","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-01-28 18:53:25",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Faee1d4ea-a740-4015-9167-200ed1e2564c?source=api-prod",{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":37,"affected_versions":51,"patched_in_version":52,"severity":39,"cvss_score":53,"cvss_vector":54,"vuln_type":42,"published_date":55,"updated_date":56,"references":57,"days_to_patch":59},"CVE-2024-12518","shmapper-by-teplitsa-authenticated-contributor-stored-cross-site-scripting","shMapper by Teplitsa \u003C= 1.4.18 - Authenticated (Contributor+) Stored Cross-Site Scripting","The ShMapper by Teplitsa plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shmMap' shortcode in all versions up to, and including, 1.4.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=1.4.18","1.5.0",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-12-23 00:00:00","2024-12-24 04:22:44",[58],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F18e2a443-381c-46cd-85c7-20716f4e59c1?source=api-prod",1,{"slug":61,"display_name":7,"profile_url":8,"plugin_count":59,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":62,"trust_score":63,"computed_at":64},"denischerniatev",3,94,"2026-04-04T15:35:52.570Z",[66,89,109,126,144],{"slug":22,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":73,"downloaded":74,"rating":75,"num_ratings":76,"last_updated":77,"tested_up_to":78,"requires_at_least":79,"requires_php":80,"tags":81,"homepage":85,"download_link":86,"security_score":75,"vuln_count":87,"unpatched_count":28,"last_vuln_date":88,"fetched_at":30},"OSM – OpenStreetMap","6.1.15","MiKa","https:\u002F\u002Fprofiles.wordpress.org\u002Fphotoweblog\u002F","\u003Cp>Add a map with marker in less than 100 sec:\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FGDoiXO1SfJ0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>If you want to get detailed information about the OSM-plugin visit these pages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Homepage: \u003Ca href=\"https:\u002F\u002Fwp-osm-plugin.hyumika.com\u002F\" title=\"OSM-plugin\" rel=\"nofollow ugc\">WP-OSM-Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Forum: \u003Ca href=\"https:\u002F\u002Fwp-osm-plugin.hyumika.com\u002Fsurvey\u002F\" title=\"OSM-plugin feedback \u002F feature request EN|DE\" rel=\"nofollow ugc\">EN|DE\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Twitter: \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fwp_osm_plugin\" title=\"@WP_OSM_Plugin\" rel=\"nofollow ugc\">@WP_OSM_Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Features of the WP-OSM-plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>OpenStreetMap, HOT, OpenSeaMap, OpenTopoMap, BaseMap (AT), Stamen in posts\u002Fpages\u003C\u002Fli>\n\u003Cli>Integration in post \u002F page \u002F widget\u003C\u002Fli>\n\u003Cli>HTML Popup Marker\u003C\u002Fli>\n\u003Cli>GPX and KML (incl. upload in Mediathek)\u003C\u002Fli>\n\u003Cli>Map with geo-tagged posts\u002Fpages as linked marker\u003C\u002Fli>\n\u003Cli>Map with autogenerated track by geo-tagged posts \u002F pages\u003C\u002Fli>\n\u003Cli>html-meta tags for geo-tagged posts\u002Fpages\u003C\u002Fli>\n\u003Cli>uses OpenLayers Library\u003C\u002Fli>\n\u003Cli>SSL connection (https)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Languages – thanks to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Deutsch\u003C\u002Fli>\n\u003Cli>Japanese [by Sykane]\u003C\u002Fli>\n\u003Cli>French [by Tounoki and Marc]\u003C\u002Fli>\n\u003Cli>Russian [by Вячеслав Стренадко\u002FVyacheslav Strenadko]\u003C\u002Fli>\n\u003Cli>Italian [by Andrea Giacomelli]\u003C\u002Fli>\n\u003Cli>Spanish [by Colegota]\u003C\u002Fli>\n\u003Cli>Romanian [by Sorin Pop]\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Swedish [by Olle Zettergren]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fopenlayers.org\" rel=\"nofollow ugc\">OpenLayers\u003C\u002Fa>: Open Source JavaScript, released under the 2-clause BSD\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>!! IMPORTANT !!\u003Cbr \u002F>\nThe WordPress Plugin Review Team required us to provide opt-in feature to display attribution since it is part of \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fplugins\u002Fwordpress-org\u002Fdetailed-plugin-guidelines\u002F#10-plugins-may-not-embed-external-links-or-credits-on-the-public-site-without-explicitly-asking-the-user%e2%80%99s-permission\" rel=\"nofollow ugc\">WordPress Plugin Guidelines\u003C\u002Fa>. So you have to enable the checkbox “Display attribution (credit) in the map.” at the WP OSM Plugin Shortcode generater or add the attribution manually to your map. Otherwise it may violate the map or data license, eg \u003Ca href=\"https:\u002F\u002Fwww.openstreetmap.org\u002Fcopyright\" rel=\"nofollow ugc\">OpenStreetMap\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin enables GPX and KML upload!\u003C\u002Fp>\n\u003Cp>Licenses of the maps:\u003Cbr \u002F>\n* OpenStreetMap: \u003Ca href=\"https:\u002F\u002Fwww.openstreetmap.org\u002Fcopyright\" rel=\"nofollow ugc\">OpenStreetMap License\u003C\u002Fa>\u003Cbr \u002F>\n* OpenTopoMap: \u003Ca href=\"https:\u002F\u002Fopentopomap.org\u002Fabout\" rel=\"nofollow ugc\">OpenTopoMap License\u003C\u002Fa>\u003Cbr \u002F>\n* Stamen Maps: \u003Ca href=\"http:\u002F\u002Fmaps.stamen.com\" rel=\"nofollow ugc\">Stamen License\u003C\u002Fa>\u003Cbr \u002F>\n* BaseMap:  \u003Ca href=\"http:\u002F\u002Fbasemap.at\" rel=\"nofollow ugc\">BaseMap License\u003C\u002Fa>\u003Cbr \u002F>\n* Thunderforest (API key): \u003Ca href=\"http:\u002F\u002Fwww.thunderforest.com\u002Fterms\u002F\" rel=\"nofollow ugc\">Thunderforest License\u003C\u002Fa>\u003Cbr \u002F>\n* Others: Depends on the map you are including – check it before including it!\u003C\u002Fp>\n","Customize maps in your post, pages and widgets. GPX, KML and more. The easy way to map!",10000,645442,92,135,"2026-03-01T08:27:00.000Z","6.9.4","3.0","5.3",[82,83,84,21,22],"gpx","kml","openseamap","https:\u002F\u002Fwp-osm-plugin.hyumika.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fosm.6.1.15.zip",7,"2025-03-31 00:00:00",{"slug":90,"name":91,"version":92,"author":93,"author_profile":94,"description":95,"short_description":96,"active_installs":97,"downloaded":98,"rating":99,"num_ratings":100,"last_updated":101,"tested_up_to":78,"requires_at_least":102,"requires_php":103,"tags":104,"homepage":103,"download_link":107,"security_score":11,"vuln_count":59,"unpatched_count":28,"last_vuln_date":108,"fetched_at":30},"wp-open-street-map","WP Open Street Map","1.35","manu225","https:\u002F\u002Fprofiles.wordpress.org\u002Fmanu225\u002F","\u003Cp>Create easily maps with OpenStreetMap. \u003Ca href=\"https:\u002F\u002Fwww.info-d-74.com\u002Fen\u002Fwp-openstreetmap-demos-2\u002F\" rel=\"nofollow ugc\">Here some examples\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>A Pro version with more options is available: \u003Ca href=\"https:\u002F\u002Fwww.info-d-74.com\u002Fen\u002Fproduit\u002Fwp-openstreetmap-pro-plugin-wordpress\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.info-d-74.com\u002Fen\u002Fproduit\u002Fwp-openstreetmap-pro-plugin-wordpress\u002F\u003C\u002Fa>\u003C\u002Fp>\n","Create easily maps with OpenStreetMap",3000,40554,76,9,"2026-03-11T12:55:00.000Z","3.5","",[20,105,106,21,22],"open-street-map","openstreet","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-open-street-map.1.35.zip","2023-10-12 00:00:00",{"slug":110,"name":111,"version":112,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":117,"downloaded":118,"rating":28,"num_ratings":28,"last_updated":119,"tested_up_to":120,"requires_at_least":103,"requires_php":103,"tags":121,"homepage":123,"download_link":124,"security_score":125,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"acf-openstreetmap-field-block","ACF OpenStreetMap Field into a Block","1.0","julianoe","https:\u002F\u002Fprofiles.wordpress.org\u002Fjulianoe\u002F","\u003Cp>Very simple plugin to add Acf Block support for the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Facf-openstreetmap-field\u002F\" rel=\"ugc\">ACF OpenStreetMap Field\u003C\u002Fa> from Jörn Lund.\u003Cbr \u002F>\nThis plugin obviously will only work if you install Advanced Custom Field and ACF OpenStreetMap Field.\u003C\u002Fp>\n\u003Cp>The plugin will create an ACF group field with one OpenStreetMap field configured with default parameters.\u003Cbr \u002F>\nYou can always override this ACF Group field by creating your own group field titled “ACF OSM BLOCK” and defining its location to be the “ACF OpenStreetMap Block”.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Plugin working with \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fpodpirate\u002F\" rel=\"nofollow ugc\">podpirate\u003C\u002Fa> aka Jörn Lund’s plugin\u003Cbr \u002F>\nPhoto by \u003Ca href=\"https:\u002F\u002Fwww.pexels.com\u002F@oidonnyboy\" rel=\"nofollow ugc\">Nick Wehrli\u003C\u002Fa> from pexels.\u003Cbr \u002F>\nIcon “location” by the WordPress Dashicons.\u003C\u002Fp>\n","Very simple plugin that adds an OpenStreetMap ACF block to the WordPress block editor.",10,1201,"2021-05-07T22:59:00.000Z","5.7.15",[122,21,22],"acf","https:\u002F\u002Fframagit.org\u002Fjulianoe\u002Facf-openstreetmap-field-block","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facf-openstreetmap-field-block.zip",85,{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":117,"downloaded":134,"rating":135,"num_ratings":27,"last_updated":136,"tested_up_to":137,"requires_at_least":138,"requires_php":103,"tags":139,"homepage":142,"download_link":143,"security_score":125,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"mapbb","MapBBCode for WordPress","0.1","Alexander Sapozhnikov","https:\u002F\u002Fprofiles.wordpress.org\u002Fshoorick\u002F","\u003Cp>This plugin allows to use shortcode \u003Ccode>[map]\u003C\u002Fcode>\u003Cbr \u002F>\n(\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMapBBCode\u002Fmapbbcode\u002Fblob\u002Fmaster\u002FBBCODE.md\" rel=\"nofollow ugc\">syntax\u003C\u002Fa>)\u003Cbr \u002F>\nwhich transforms to Leaflet based map.\u003C\u002Fp>\n\u003Cp>For more information, check out \u003Ca href=\"http:\u002F\u002Fmapbbcode.org\u002F\" rel=\"nofollow ugc\">MapBBCode.org\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Add shortcode into you pages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>[map][\u002Fmap]\u003C\u002Fcode> for default map\u003C\u002Fli>\n\u003Cli>\u003Ccode>[map=Zoom,Latitude,Longitude][\u002Fmap]\u003C\u002Fcode> for map centered at (Latitude, Longitude)\u003C\u002Fli>\n\u003Cli>\u003Ccode>[map]Latitude,Longitude(Text)[\u002Fmap]\u003C\u002Fcode> for map with balloon\u003C\u002Fli>\n\u003Cli>\u003Ccode>[map]Lat1,Lon1; Lat2,Lon2[\u002Fmap]\u003C\u002Fcode> for map with multiple markers\u003C\u002Fli>\n\u003Cli>\u003Ccode>[map]Lat1,Lon1 Lat2,Lon2 Lat3,Lon3(color|Text)[\u002Fmap]\u003C\u002Fcode> for map with polyline or polygon\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See \u003Ca href=\"http:\u002F\u002Fshoorick.ru\u002Fsoftware\u002Fmapbb-wordpress\u002F\" rel=\"nofollow ugc\">examples\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Caveats\u003C\u002Fh3>\n\u003Cp>Width of all maps are 604 pixels, it is good for Twenty Thirteen theme but\u003Cbr \u002F>\nstill not tested with other themes and may appear ugly.\u003C\u002Fp>\n","MapBB-shortcodes [map] for Leaflet based maps.",1688,80,"2013-11-06T10:43:00.000Z","3.7.41","3.0.1",[20,140,21,22,141],"maps","shortcode","http:\u002F\u002Fshoorick.ru\u002Fsoftware\u002Fmapbb-wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmapbb.0.1.zip",{"slug":145,"name":146,"version":147,"author":148,"author_profile":149,"description":150,"short_description":151,"active_installs":152,"downloaded":153,"rating":154,"num_ratings":155,"last_updated":156,"tested_up_to":78,"requires_at_least":157,"requires_php":80,"tags":158,"homepage":162,"download_link":163,"security_score":164,"vuln_count":165,"unpatched_count":28,"last_vuln_date":166,"fetched_at":30},"wp-google-map-plugin","WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters","4.9.2","Flipper Code - WordPress Development Company","https:\u002F\u002Fprofiles.wordpress.org\u002Fflippercode\u002F","\u003Cp>\u003Cstrong>WP Maps\u003C\u002Fstrong> is a powerful and user-friendly WordPress map plugin that supports both Google Maps and OpenStreetMap. With just a few clicks, you can create unlimited maps with custom markers, filterable listings, store locators, and dynamic infowindows. Perfect for real estate listings, directories, multi-location businesses, and more.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Unlimited maps and locations\u003C\u002Fli>\n\u003Cli>Store locator with search and filters\u003C\u002Fli>\n\u003Cli>Custom markers, SVG support, and clustering\u003C\u002Fli>\n\u003Cli>Info windows on click or hover\u003C\u002Fli>\n\u003Cli>KML, KMZ, GeoJSON, and layer integration\u003C\u002Fli>\n\u003Cli>OpenStreetMap Maps require no API key; Google Maps support available\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Try It Now\u003C\u002Fh3>\n\u003Cp>Explore the plugin instantly using the WordPress Playground:\u003Cbr \u002F>\n👉 \u003Ca href=\"https:\u002F\u002Fplayground.wordpress.net\u002F?plugin=wp-google-map-plugin\" rel=\"nofollow ugc\">Try WP Maps\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Ch3>🗺️ Map Creation & Display\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Create unlimited maps with shortcode support\u003C\u002Fli>\n\u003Cli>Display maps in posts, pages, widgets\u003C\u002Fli>\n\u003Cli>Auto-center by visitor location or assigned locations\u003C\u002Fli>\n\u003Cli>Show\u002Fhide markers on load\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📌 Marker & Infowindow Controls\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Use custom or pre-built marker icons (SVG supported)\u003C\u002Fli>\n\u003Cli>Infowindows on click or hover\u003C\u002Fli>\n\u003Cli>Bounce\u002Fdrop animation effects\u003C\u002Fli>\n\u003Cli>Center or zoom on marker click\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📋 Listings & Filters\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Show listing below map with search and filters\u003C\u002Fli>\n\u003Cli>Enable category, sort, per-page, and filters\u003C\u002Fli>\n\u003Cli>Customize listing layout\u003C\u002Fli>\n\u003Cli>Show info window when listing title is clicked\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎨 Design & Themes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Custom map color schema\u003C\u002Fli>\n\u003Cli>Set primary\u002Fsecondary color\u003C\u002Fli>\n\u003Cli>Add custom CSS\u003C\u002Fli>\n\u003Cli>Responsive & mobile-friendly design\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>⚙️ Controls & Settings\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Enable\u002Fdisable zoom, fullscreen, map type, scale, street view\u003C\u002Fli>\n\u003Cli>Enable search box and “locate me” controls\u003C\u002Fli>\n\u003Cli>Limit panning using SW\u002FNE coordinates\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌐 Map Layers & Data\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>KML\u002FKMZ, Traffic, Transit, Bicycling layers\u003C\u002Fli>\n\u003Cli>GeoJSON support\u003C\u002Fli>\n\u003Cli>Import\u002Fexport settings via JSON\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>💻 Compatibility\u003C\u002Fh3>\n\u003Cp>Works with all major page builders and themes:\u003Cbr \u002F>\n* Elementor, WPBakery, Divi, Gutenberg, Brizy, Beaver Builder\u003Cbr \u002F>\n* Astra, Avada, OceanWP, GeneratePress, Hello Elementor\u003C\u002Fp>\n\u003Cp>Here is a quick highlight on the numerous customizable features offered by the free and pro versions of the \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wpmapspro.com?utm_source=wordpress&utm_medium=liteversion&utm_campaign=freemium&utm_id=freemium\" rel=\"nofollow ugc\">WP MAPS PRO Version\u003C\u002Fa>\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>NO API Key required for OpenStreetMap Maps and API Keys is required for Google Maps.\u003C\u002Fli>\n\u003Cli>Fully GDPR-compliant Google Maps integration for secure and privacy-friendly usage\u003C\u002Fli>\n\u003Cli>Use Google Maps, OpenStreetMap or Mapbox as your map provider. Easy switching between each map provider.\u003C\u002Fli>\n\u003Cli>Show a listing of locations below the map with built-in search and filter controls\u003C\u002Fli>\n\u003Cli>Use SVG as marker icons – choose from pre-built SVGs or upload your own\u003C\u002Fli>\n\u003Cli>Apply multiple Infowindow designs for custom popup layouts\u003C\u002Fli>\n\u003Cli>Create unlimited Google\u002FLeaflet Maps with custom marker icons, categories, and assigned locations\u003C\u002Fli>\n\u003Cli>Add and manage multiple locations with rich content and info windows\u003C\u002Fli>\n\u003Cli>Assign multiple locations to a single map for complex layouts\u003C\u002Fli>\n\u003Cli>Show info windows on click or hover with customizable content\u003C\u002Fli>\n\u003Cli>Display maps on any post, page, or widget using shortcode or sidebar widget\u003C\u002Fli>\n\u003Cli>Define custom center latitude\u002Flongitude for each map\u003C\u002Fli>\n\u003Cli>Auto-center map based on assigned locations\u003C\u002Fli>\n\u003Cli>Categorize locations for filterable maps and better organization\u003C\u002Fli>\n\u003Cli>Choose from over 100+ ready-to-use colorful markers via \u003Ca href=\"https:\u002F\u002Fmapicons.mapsmarker.com\u002F\" rel=\"nofollow ugc\">Map Icons Collection\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Enable marker clustering to handle dense location areas\u003C\u002Fli>\n\u003Cli>Choose from 4 map types: Roadmap, Satellite, Hybrid, and Terrain\u003C\u002Fli>\n\u003Cli>Set custom map height, width, and zoom level easily\u003C\u002Fli>\n\u003Cli>Enable or disable map drag, scroll zoom, and interactivity\u003C\u002Fli>\n\u003Cli>Add layers like Traffic, Transit, Bicycling, and more for enhanced context\u003C\u002Fli>\n\u003Cli>Support for Street View, 45° imagery, and POV controls\u003C\u002Fli>\n\u003Cli>Add visual elements like circles to highlight areas\u003C\u002Fli>\n\u003Cli>Fully responsive maps – looks perfect on desktop, tablet, and mobile\u003C\u002Fli>\n\u003Cli>Cross-browser compatible – tested on IE8+, Chrome, Firefox, Safari\u003C\u002Fli>\n\u003Cli>Multilingual ready – supports WPML and translation plugins\u003C\u002Fli>\n\u003Cli>Works across WordPress Multisite, with network-wide activation support\u003C\u002Fli>\n\u003Cli>Easily style maps using Snazzy Maps\u003C\u002Fli>\n\u003Cli>Built-in search control to locate places directly on the frontend map\u003C\u002Fli>\n\u003Cli>Filter markers on the frontend by category\u003C\u002Fli>\n\u003Cli>Seamless upgrade to Pro – no data loss when switching from free to paid\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🏬 Use Cases – Map Solutions for Every Business\u003C\u002Fh3>\n\u003Cp>WP Maps helps you build advanced location maps for any industry. From store locators to real estate maps, here are popular use cases powered by Google Maps or Leaflet:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>🛍️ Retail Store Locator – Showcase nearby outlets, branches, or chain locations  \u003C\u002Fli>\n\u003Cli>🍽️ Restaurant Locator – Help users find your cafes, diners, or food franchises  \u003C\u002Fli>\n\u003Cli>🏠 Real Estate Property Map – Display properties with filters for listings  \u003C\u002Fli>\n\u003Cli>🏥 Hospital & Clinic Map – Show medical centers, diagnostic labs & walk-ins  \u003C\u002Fli>\n\u003Cli>🏋️ Gym & Fitness Center Locator – Promote local gyms, yoga studios & wellness hubs  \u003C\u002Fli>\n\u003Cli>🛒 Shopping Mall Directory – Build interactive directories with category filters  \u003C\u002Fli>\n\u003Cli>🏨 Hotel & Resort Locator – List resorts, BnBs, and vacation rentals by location  \u003C\u002Fli>\n\u003Cli>🚗 Car Dealership Map – Map showrooms, service centers, and authorized dealers  \u003C\u002Fli>\n\u003Cli>🏦 Bank & ATM Locator – Help customers locate ATMs and branches  \u003C\u002Fli>\n\u003Cli>💊 Pharmacy Finder – Display medical stores and 24\u002F7 pharmacy locations  \u003C\u002Fli>\n\u003Cli>💅 Salon & Spa Locator – Show salons, nail bars, and beauty spas nearby  \u003C\u002Fli>\n\u003Cli>✂️ Barber Shop Locator – Map grooming centers, barbershops, and hair stylists  \u003C\u002Fli>\n\u003Cli>🎓 School & University Maps – Display educational institutions with filters  \u003C\u002Fli>\n\u003Cli>🎤 Event Venue Locator – Help users find event halls, venues, and stadiums  \u003C\u002Fli>\n\u003Cli>🎬 Cinema & Entertainment Map – List theaters, gaming zones, and arcades  \u003C\u002Fli>\n\u003Cli>🖼️ Museum & Art Gallery Locator – Showcase local exhibitions and museums  \u003C\u002Fli>\n\u003Cli>🏛️ Government Office Map – Map municipal offices, courts, or embassies  \u003C\u002Fli>\n\u003Cli>📦 Post Office & Courier Center Locator – Find shipping centers and drop boxes  \u003C\u002Fli>\n\u003Cli>⛪ Religious Center Locator – Show churches, mosques, temples, or community halls  \u003C\u002Fli>\n\u003Cli>📚 Library Map – Display public and academic library locations  \u003C\u002Fli>\n\u003Cli>🐾 Veterinary & Pet Store Map – Highlight vets, clinics, or pet supply stores  \u003C\u002Fli>\n\u003Cli>🔧 Hardware & Home Services Map – Show electricians, repair centers, or hardware stores  \u003C\u002Fli>\n\u003Cli>💼 Co-working Space Locator – Help users find shared office spaces or business hubs  \u003C\u002Fli>\n\u003Cli>🏗️ Construction & Project Map – Showcase new projects or development plots  \u003C\u002Fli>\n\u003Cli>🍷 Wine & Liquor Store Map – Find wine shops and liquor outlets with filters  \u003C\u002Fli>\n\u003Cli>🚴 Outdoor & Sports Store Map – Locate gear shops, bike rental points, etc.  \u003C\u002Fli>\n\u003Cli>🧸 Toy Store Locator – Promote branded or local toy stores  \u003C\u002Fli>\n\u003Cli>🌻 Garden Center & Nursery Map – Help users find garden shops and nurseries  \u003C\u002Fli>\n\u003Cli>📖 Bookstore Locator – Showcase independent and chain bookstores  \u003C\u002Fli>\n\u003Cli>📱 Electronics Store Map – Map mobile, computer, and appliance retailers  \u003C\u002Fli>\n\u003Cli>👗 Clothing Store Locator – Help users find fashion outlets and boutiques  \u003C\u002Fli>\n\u003Cli>🛠️ Service Center Locator – Map repair centers for electronics, cars, or devices  \u003C\u002Fli>\n\u003Cli>⚖️ Legal & Consultancy Locator – List law firms, advisors, and service offices  \u003C\u002Fli>\n\u003Cli>📄 Insurance Office Map – Show agents, offices, and policy assistance centers  \u003C\u002Fli>\n\u003Cli>🚛 Dealer & Warehouse Locator – Display regional warehouses and distributors  \u003C\u002Fli>\n\u003Cli>🍼 Childcare & Preschool Finder – Help parents locate daycares and nurseries  \u003C\u002Fli>\n\u003Cli>🛒 Supermarket & Grocery Store Map – Show supermarkets, mini-markets, or organic stores\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>💡 Whether you’re running a small local shop or a global brand, WP Maps helps you build responsive, searchable, and filterable maps tailored to your business.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Add your locations from \u003Cstrong>Add Location\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Create a map from \u003Cstrong>Add Map\u003C\u002Fstrong> and assign locations\u003C\u002Fli>\n\u003Cli>Use the shortcode (from \u003Cstrong>Manage Maps\u003C\u002Fstrong>) in posts, pages, or widgets\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cem>Note: Google Maps requires an API key. OpenStreetMap works without a key.\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>Important Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wpmapspro.com\u002Ftry-now\u002F\" rel=\"nofollow ugc\">Live Demos\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wpmapspro.com\u002Ftutorials\u002F\" rel=\"nofollow ugc\">Tutorials\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wpmapspro.com\u002Fmap-hooks\u002F\" rel=\"nofollow ugc\">Hooks & Filters\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fweplugins.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","WordPress map plugin for Google Maps, OpenStreetMap & Mapbox with store locator, filterable listings & custom markers.",60000,3554108,86,121,"2026-03-05T13:08:00.000Z","3.4",[159,160,20,21,161],"directory","google-maps","store-locator","https:\u002F\u002Fweplugins.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-google-map-plugin.4.9.2.zip",88,21,"2026-03-22 11:17:17",{"attackSurface":168,"codeSignals":450,"taintFlows":557,"riskAssessment":655,"analyzedAt":668},{"hooks":169,"ajaxHandlers":413,"restRoutes":436,"shortcodes":437,"cronEvents":449,"entryPointCount":187,"unprotectedCount":87},[170,177,183,185,188,191,193,197,200,203,206,210,212,214,216,220,224,228,231,234,238,242,246,249,252,254,256,259,261,264,266,269,271,272,274,278,280,282,284,287,290,293,296,300,303,305,308,310,313,317,320,323,325,326,328,329,330,332,334,336,338,339,341,344,346,348,350,353,356,357,361,365,369,371,376,381,384,389,392,397,400,402,406,409],{"type":171,"name":172,"callback":173,"priority":174,"file":175,"line":176},"filter","admin_footer_text","show_admin_footer_on_default_pages",20,"class\\ShmAdminPage.class.php",13,{"type":178,"name":179,"callback":180,"priority":181,"file":182,"line":100},"action","init","add_class",99,"class\\ShMaperTrack.class.php",{"type":171,"name":184,"callback":184,"priority":117,"file":182,"line":117},"shm_admin_element",{"type":171,"name":186,"callback":186,"file":182,"line":187},"shmapper_get_form_fild_types",11,{"type":171,"name":189,"callback":189,"priority":117,"file":182,"line":190},"shmapper_front_form_element",12,{"type":171,"name":192,"callback":192,"priority":117,"file":182,"line":176},"shmapper_form_after_fields",{"type":171,"name":194,"callback":195,"priority":117,"file":182,"line":196},"smc-post-admin-edit","smc_post_admin_edit",14,{"type":171,"name":198,"callback":198,"priority":117,"file":182,"line":199},"smc_post_fill_views_column",15,{"type":171,"name":201,"callback":201,"priority":117,"file":182,"line":202},"shm_before_insert_request",16,{"type":171,"name":204,"callback":204,"file":182,"line":205},"the_content",17,{"type":178,"name":207,"callback":208,"priority":117,"file":182,"line":209},"before_delete_post","delete_post",18,{"type":178,"name":208,"callback":208,"priority":117,"file":182,"line":211},19,{"type":178,"name":213,"callback":208,"priority":117,"file":182,"line":174},"deleted_post",{"type":178,"name":215,"callback":208,"priority":117,"file":182,"line":165},"after_delete_post",{"type":178,"name":179,"callback":217,"priority":135,"file":218,"line":219},"add_shortcodes","class\\ShMapper.class.php",77,{"type":178,"name":221,"callback":222,"file":218,"line":223},"wp_head","set_styles",78,{"type":171,"name":225,"callback":226,"priority":117,"file":218,"line":227},"smc_add_post_types","init_obj",79,{"type":178,"name":229,"callback":230,"priority":100,"file":218,"line":135},"admin_menu","admin_page_handler",{"type":178,"name":229,"callback":232,"priority":181,"file":218,"line":233},"admin_page_handler2",81,{"type":178,"name":235,"callback":236,"priority":181,"file":218,"line":237},"admin_enqueue_scripts","add_admin_js_script",82,{"type":178,"name":239,"callback":240,"priority":181,"file":218,"line":241},"wp_enqueue_scripts","add_frons_js_script",83,{"type":178,"name":243,"callback":244,"file":218,"line":245},"admin_footer","add_wizzard",84,{"type":178,"name":247,"callback":248,"priority":187,"file":218,"line":125},"wp_before_admin_bar_render","my_admin_bar_render",{"type":178,"name":179,"callback":217,"priority":237,"file":250,"line":251},"class\\ShMapperDrive.class.php",62,{"type":178,"name":239,"callback":240,"priority":181,"file":250,"line":253},63,{"type":178,"name":235,"callback":236,"priority":181,"file":250,"line":255},64,{"type":171,"name":257,"callback":257,"file":250,"line":258},"shmapper_admin",65,{"type":171,"name":225,"callback":226,"priority":199,"file":250,"line":260},66,{"type":178,"name":262,"callback":262,"file":263,"line":196},"shm_ajax_submit","class\\ShMapperDrive_ajax.class.php",{"type":178,"name":179,"callback":180,"priority":196,"file":265,"line":87},"class\\ShMapperPointMessage.class.php",{"type":171,"name":267,"callback":267,"priority":199,"file":265,"line":268},"shmapper_driver_feed_after",8,{"type":178,"name":179,"callback":180,"priority":199,"file":270,"line":190},"class\\ShMapperRequest.class.php",{"type":178,"name":207,"callback":207,"file":270,"line":176},{"type":178,"name":229,"callback":273,"file":270,"line":196},"add_menu_notification",{"type":178,"name":179,"callback":217,"priority":275,"file":276,"line":277},90,"class\\ShMapperTracks.class.php",30,{"type":171,"name":225,"callback":226,"priority":187,"file":276,"line":279},31,{"type":178,"name":239,"callback":240,"priority":181,"file":276,"line":281},32,{"type":178,"name":235,"callback":236,"priority":181,"file":276,"line":283},33,{"type":171,"name":285,"callback":285,"priority":117,"file":276,"line":286},"shm_voc",34,{"type":171,"name":288,"callback":288,"priority":117,"file":276,"line":289},"shm_vocabulary",35,{"type":171,"name":291,"callback":291,"priority":117,"file":276,"line":292},"shm_shortcode_args",36,{"type":171,"name":294,"callback":294,"priority":117,"file":276,"line":295},"shm_after_front_map",37,{"type":171,"name":297,"callback":298,"file":276,"line":299},"upload_mimes","upload_allow_types",39,{"type":171,"name":301,"callback":301,"priority":117,"file":302,"line":87},"shm_ajax_data","class\\ShMapperTracksAjax.class.php",{"type":178,"name":179,"callback":180,"priority":199,"file":304,"line":190},"class\\ShMapperTracksPoint.class.php",{"type":171,"name":306,"callback":306,"file":307,"line":211},"shm_after_request_form","class\\ShMapper_Assistants.class.php",{"type":171,"name":306,"callback":309,"file":307,"line":174},"shm_after_request_form2",{"type":171,"name":311,"callback":312,"file":307,"line":165},"parse_query","ba_admin_posts_filter",{"type":178,"name":314,"callback":315,"file":307,"line":316},"restrict_manage_posts","ba_admin_posts_filter_restrict_manage_posts",22,{"type":178,"name":179,"callback":318,"priority":187,"file":319,"line":190},"register_all","class\\ShMapPointType.class.php",{"type":178,"name":321,"callback":322,"priority":59,"file":319,"line":176},"parent_file","tax_menu_correction",{"type":178,"name":229,"callback":324,"priority":187,"file":319,"line":196},"tax_add_admin_menus",{"type":178,"name":207,"callback":207,"file":319,"line":165},{"type":178,"name":179,"callback":318,"priority":187,"file":327,"line":187},"class\\ShMapTrackType.class.php",{"type":178,"name":321,"callback":322,"priority":59,"file":327,"line":190},{"type":178,"name":229,"callback":324,"priority":187,"file":327,"line":176},{"type":178,"name":179,"callback":180,"priority":196,"file":331,"line":281},"class\\ShmMap.class.php",{"type":178,"name":229,"callback":333,"priority":187,"file":331,"line":283},"my_form_fields",{"type":178,"name":229,"callback":335,"priority":187,"file":331,"line":286},"shortcode_fields",{"type":178,"name":229,"callback":337,"priority":187,"file":331,"line":289},"admin_redirect",{"type":171,"name":204,"callback":204,"file":331,"line":292},{"type":171,"name":340,"callback":340,"priority":117,"file":331,"line":295},"post_row_actions",{"type":178,"name":342,"callback":342,"priority":117,"file":331,"line":343},"smc_before_doubled_post",38,{"type":178,"name":345,"callback":345,"priority":117,"file":331,"line":299},"smc_after_doubled_post",{"type":178,"name":179,"callback":180,"priority":196,"file":347,"line":176},"class\\ShmPoint.class.php",{"type":178,"name":229,"callback":349,"priority":174,"file":347,"line":196},"owner_fields",{"type":178,"name":351,"callback":352,"priority":27,"file":347,"line":202},"bulk_edit_custom_box","my_bulk_edit_custom_box",{"type":178,"name":354,"callback":355,"file":347,"line":205},"shmapper_bulk_before","save_bulk_edit_point",{"type":171,"name":204,"callback":204,"file":347,"line":209},{"type":171,"name":358,"callback":359,"priority":117,"file":360,"line":196},"smc_add_option","init_options","class\\SMC_Object_type.php",{"type":178,"name":229,"callback":362,"file":363,"line":364},"my_extra_fields","class\\SMC_Post.php",364,{"type":171,"name":366,"callback":367,"file":363,"line":368},"pre_get_posts","add_column_views_request",371,{"type":178,"name":351,"callback":352,"priority":27,"file":363,"line":370},377,{"type":178,"name":372,"callback":373,"file":374,"line":375},"enqueue_block_editor_assets","shm_enqueue_block_editor_assets","inc\\editor\\blocks-assets.php",47,{"type":171,"name":377,"callback":378,"file":379,"line":380},"block_categories_all","shm_block_categories_all","inc\\editor\\blocks-category.php",25,{"type":178,"name":179,"callback":382,"file":383,"line":117},"shm_register_gutenberg_blocks","inc\\editor\\blocks.php",{"type":171,"name":385,"callback":386,"priority":117,"file":387,"line":388},"use_block_editor_for_post_type","shmapper_disable_gutenberg","inc\\shm-functions.php",127,{"type":171,"name":297,"callback":390,"file":387,"line":391},"shm_upload_mimes",137,{"type":171,"name":393,"callback":394,"priority":117,"file":395,"line":396},"load_textdomain_mofile","shm_load_textdomain_mofile","shmapper.php",75,{"type":178,"name":179,"callback":398,"priority":59,"file":395,"line":399},"init_shmapper",117,{"type":178,"name":179,"callback":401,"priority":27,"file":395,"line":388},"init_shmapper_drive",{"type":178,"name":179,"callback":403,"priority":59,"file":404,"line":405},"init_shmapperTracks","shmapperTracks.plugin.php",40,{"type":178,"name":179,"callback":407,"file":408,"line":196},"redirect_login_page","widget\\ShMap.widget.php",{"type":178,"name":410,"callback":411,"file":408,"line":412},"widgets_init","register_widget_shmloc_navi",101,[414,421,423,426,429,430,432],{"action":415,"nopriv":416,"callback":417,"hasNonce":418,"hasCapCheck":418,"file":419,"line":420},"myajax",true,"ajax_submit",false,"class\\ShMapper_ajax.class.php",26,{"action":415,"nopriv":418,"callback":417,"hasNonce":418,"hasCapCheck":418,"file":419,"line":422},27,{"action":424,"nopriv":418,"callback":417,"hasNonce":418,"hasCapCheck":418,"file":419,"line":425},"myajax-admin",28,{"action":427,"nopriv":416,"callback":428,"hasNonce":418,"hasCapCheck":418,"file":419,"line":277},"shm_set_req","shm_ajax3_submit",{"action":427,"nopriv":418,"callback":428,"hasNonce":418,"hasCapCheck":418,"file":419,"line":279},{"action":431,"nopriv":418,"callback":428,"hasNonce":418,"hasCapCheck":418,"file":419,"line":281},"shm_set_req-admin",{"action":433,"nopriv":418,"callback":434,"hasNonce":418,"hasCapCheck":418,"file":363,"line":435},"save_bulk_edit","save_bulk_edit_book",379,[],[438,441,444,447],{"tag":439,"callback":439,"file":218,"line":440},"shmMap",222,{"tag":442,"callback":442,"file":250,"line":443},"shmMapFeed",72,{"tag":445,"callback":445,"file":276,"line":446},"shmMapTrack",44,{"tag":439,"callback":439,"file":448,"line":117},"shortcode\\shm_shortcodes.php",[],{"dangerousFunctions":451,"sqlUsage":452,"outputEscaping":471,"fileOperations":87,"externalRequests":28,"nonceChecks":27,"capabilityChecks":62,"bundledLibraries":556},[],{"prepared":196,"raw":87,"locations":453},[454,456,459,462,464,467,469],{"file":218,"line":176,"context":455},"$wpdb->query() with variable interpolation",{"file":331,"line":457,"context":458},789,"$wpdb->get_col() with variable interpolation",{"file":331,"line":460,"context":461},950,"$wpdb->get_var() with variable interpolation",{"file":331,"line":463,"context":461},955,{"file":360,"line":465,"context":466},338,"$wpdb->get_row() with variable interpolation",{"file":360,"line":468,"context":466},342,{"file":470,"line":202,"context":458},"unistall.php",{"escaped":472,"rawEcho":473,"locations":474},309,42,[475,478,480,482,483,485,487,489,491,493,495,497,499,501,503,505,507,509,511,513,515,517,518,520,522,524,526,528,530,532,534,536,538,540,542,544,546,548,550,552,554,555],{"file":218,"line":476,"context":477},534,"raw output",{"file":218,"line":479,"context":477},903,{"file":263,"line":481,"context":477},126,{"file":265,"line":75,"context":477},{"file":270,"line":484,"context":477},89,{"file":270,"line":486,"context":477},97,{"file":270,"line":488,"context":477},113,{"file":270,"line":490,"context":477},116,{"file":419,"line":492,"context":477},520,{"file":307,"line":494,"context":477},45,{"file":319,"line":496,"context":477},125,{"file":319,"line":498,"context":477},133,{"file":319,"line":500,"context":477},139,{"file":319,"line":502,"context":477},145,{"file":319,"line":504,"context":477},149,{"file":319,"line":506,"context":477},172,{"file":319,"line":508,"context":477},184,{"file":319,"line":510,"context":477},194,{"file":319,"line":512,"context":477},204,{"file":319,"line":514,"context":477},209,{"file":327,"line":516,"context":477},108,{"file":327,"line":490,"context":477},{"file":327,"line":519,"context":477},138,{"file":327,"line":521,"context":477},150,{"file":331,"line":523,"context":477},175,{"file":331,"line":525,"context":477},198,{"file":331,"line":527,"context":477},493,{"file":347,"line":529,"context":477},143,{"file":347,"line":531,"context":477},189,{"file":347,"line":533,"context":477},266,{"file":347,"line":535,"context":477},273,{"file":347,"line":537,"context":477},279,{"file":347,"line":539,"context":477},300,{"file":347,"line":541,"context":477},539,{"file":363,"line":543,"context":477},439,{"file":363,"line":545,"context":477},588,{"file":363,"line":547,"context":477},593,{"file":363,"line":549,"context":477},604,{"file":363,"line":551,"context":477},690,{"file":363,"line":553,"context":477},744,{"file":408,"line":405,"context":477},{"file":408,"line":99,"context":477},[],[558,575,583,596,607,615,624,632,642],{"entryPoint":559,"graph":560,"unsanitizedCount":59,"severity":39},"shm_before_insert_request (class\\ShMaperTrack.class.php:466)",{"nodes":561,"edges":573},[562,567],{"id":563,"type":564,"label":565,"file":182,"line":566},"n0","source","$_FILES",506,{"id":568,"type":569,"label":570,"file":182,"line":571,"wp_function":572},"n1","sink","file_get_contents() [SSRF\u002FLFI]",519,"file_get_contents",[574],{"from":563,"to":568,"sanitized":418},{"entryPoint":576,"graph":577,"unsanitizedCount":59,"severity":39},"\u003CShMaperTrack.class> (class\\ShMaperTrack.class.php:0)",{"nodes":578,"edges":581},[579,580],{"id":563,"type":564,"label":565,"file":182,"line":566},{"id":568,"type":569,"label":570,"file":182,"line":571,"wp_function":572},[582],{"from":563,"to":568,"sanitized":418},{"entryPoint":584,"graph":585,"unsanitizedCount":59,"severity":39},"my_bulk_action_admin_notice (class\\SMC_Post.php:560)",{"nodes":586,"edges":594},[587,590],{"id":563,"type":564,"label":588,"file":363,"line":589},"$_GET",563,{"id":568,"type":569,"label":591,"file":363,"line":592,"wp_function":593},"echo() [XSS]",565,"echo",[595],{"from":563,"to":568,"sanitized":418},{"entryPoint":597,"graph":598,"unsanitizedCount":28,"severity":606},"myajax_submit (class\\ShMapper_ajax.class.php:128)",{"nodes":599,"edges":604},[600,603],{"id":563,"type":564,"label":601,"file":419,"line":602},"$_POST",140,{"id":568,"type":569,"label":591,"file":419,"line":492,"wp_function":593},[605],{"from":563,"to":568,"sanitized":416},"low",{"entryPoint":608,"graph":609,"unsanitizedCount":28,"severity":606},"\u003CShMapper_ajax.class> (class\\ShMapper_ajax.class.php:0)",{"nodes":610,"edges":613},[611,612],{"id":563,"type":564,"label":601,"file":419,"line":602},{"id":568,"type":569,"label":591,"file":419,"line":492,"wp_function":593},[614],{"from":563,"to":568,"sanitized":416},{"entryPoint":616,"graph":617,"unsanitizedCount":28,"severity":606},"save_bulk_edit_point (class\\ShmPoint.class.php:550)",{"nodes":618,"edges":622},[619,620],{"id":563,"type":564,"label":601,"file":347,"line":589},{"id":568,"type":569,"label":591,"file":347,"line":621,"wp_function":593},564,[623],{"from":563,"to":568,"sanitized":416},{"entryPoint":625,"graph":626,"unsanitizedCount":28,"severity":606},"\u003CShmPoint.class> (class\\ShmPoint.class.php:0)",{"nodes":627,"edges":630},[628,629],{"id":563,"type":564,"label":601,"file":347,"line":589},{"id":568,"type":569,"label":591,"file":347,"line":621,"wp_function":593},[631],{"from":563,"to":568,"sanitized":416},{"entryPoint":633,"graph":634,"unsanitizedCount":28,"severity":606},"save_bulk_edit_book (class\\SMC_Post.php:638)",{"nodes":635,"edges":640},[636,638],{"id":563,"type":564,"label":601,"file":363,"line":637},670,{"id":568,"type":569,"label":591,"file":363,"line":639,"wp_function":593},671,[641],{"from":563,"to":568,"sanitized":416},{"entryPoint":643,"graph":644,"unsanitizedCount":28,"severity":606},"\u003CSMC_Post> (class\\SMC_Post.php:0)",{"nodes":645,"edges":652},[646,647,648,650],{"id":563,"type":564,"label":588,"file":363,"line":589},{"id":568,"type":569,"label":591,"file":363,"line":592,"wp_function":593},{"id":649,"type":564,"label":601,"file":363,"line":637},"n2",{"id":651,"type":569,"label":591,"file":363,"line":639,"wp_function":593},"n3",[653,654],{"from":563,"to":568,"sanitized":416},{"from":649,"to":651,"sanitized":416},{"summary":656,"deductions":657},"The \"shmapper-by-teplitsa\" plugin v1.5.1 presents a mixed security posture. While it demonstrates good practices in using prepared statements for a majority of its SQL queries and properly escaping most output, significant concerns arise from its attack surface. A substantial portion of its entry points, specifically 7 out of 11, lack authentication checks, making them vulnerable to unauthorized access and manipulation. Furthermore, the presence of 3 flows with unsanitized paths, although not classified as critical or high severity by the taint analysis, warrants attention as it suggests potential avenues for input injection vulnerabilities.\n\nThe plugin's vulnerability history is a notable weakness. With 2 known medium severity CVEs, both instances of Cross-site Scripting (XSS), it indicates a recurring pattern of input sanitization issues. The fact that the last vulnerability was recorded in early 2025, even though the current version might be older, suggests that past vulnerabilities may not have been adequately addressed or that the underlying code structure remains susceptible. The absence of unpatched vulnerabilities is a positive sign, but the history itself points to a need for more robust security development practices.\n\nIn conclusion, \"shmapper-by-teplitsa\" v1.5.1 has strengths in its SQL and output handling but suffers from critical weaknesses in its attack surface and a concerning history of XSS vulnerabilities. The unprotected AJAX handlers and unsanitized paths are immediate risks that require mitigation. The recurring XSS vulnerabilities, even if currently patched, highlight an ongoing risk that could resurface with future code changes. A proactive approach to hardening the input validation and authorization mechanisms is recommended.",[658,660,662,664,666],{"reason":659,"points":174},"AJAX handlers without auth checks",{"reason":661,"points":199},"Flows with unsanitized paths",{"reason":663,"points":174},"Medium severity CVEs (XSS)",{"reason":665,"points":13},"Low number of nonce checks",{"reason":667,"points":13},"Low number of capability checks","2026-03-16T20:37:04.204Z",{"wat":670,"direct":689},{"assetPaths":671,"generatorPatterns":679,"scriptPaths":680,"versionParams":681},[672,673,674,675,676,677,678],"\u002Fwp-content\u002Fplugins\u002Fshmapper-by-teplitsa\u002Fcss\u002Fshmapper.css","\u002Fwp-content\u002Fplugins\u002Fshmapper-by-teplitsa\u002Fjs\u002Fshmapper.js","\u002Fwp-content\u002Fplugins\u002Fshmapper-by-teplitsa\u002Fjs\u002Fshmapper.map.js","\u002Fwp-content\u002Fplugins\u002Fshmapper-by-teplitsa\u002Fjs\u002Fshmapper.admin.js","\u002Fwp-content\u002Fplugins\u002Fshmapper-by-teplitsa\u002Fcss\u002Fshm.css","\u002Fwp-content\u002Fplugins\u002Fshmapper-by-teplitsa\u002Fcss\u002Fshm.map.css","\u002Fwp-content\u002Fplugins\u002Fshmapper-by-teplitsa\u002Fcss\u002Fshm.admin.css",[],[673,674,675],[682,683,684,685,686,687,688],"shmapper-by-teplitsa\u002Fcss\u002Fshmapper.css?ver=","shmapper-by-teplitsa\u002Fjs\u002Fshmapper.js?ver=","shmapper-by-teplitsa\u002Fjs\u002Fshmapper.map.js?ver=","shmapper-by-teplitsa\u002Fjs\u002Fshmapper.admin.js?ver=","shmapper-by-teplitsa\u002Fcss\u002Fshm.css?ver=","shmapper-by-teplitsa\u002Fcss\u002Fshm.map.css?ver=","shmapper-by-teplitsa\u002Fcss\u002Fshm.admin.css?ver=",{"cssClasses":690,"htmlComments":697,"htmlAttributes":698,"restEndpoints":702,"jsGlobals":703,"shortcodeOutput":705},[691,692,693,694,695,696],"shm-map-wrapper","shm-point-map","shmapper-request-form","shmapper-request-form-submit","shm_map_container","shm-admin-page-wrapper",[],[699,700,701],"data-shm-map-id","data-shm-point-id","data-shmapper-request-form-id",[],[704],"shmapper_ajax_object",[706,707],"[shm_map]","[shm_request]"]