[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fF-HnPuHK_1HPk9vS3FC0XN17K3BvDTby_5-Aoadoesg":3,"$f2Ggunv1fImHSWmm8JqtE559TlaKQCmwHbrWSr2F2Irk":122,"$fbVb5EiwybAPJ5-NBIdaPhilrETa-Bmp3Ts8H8IdfzG4":127},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":22,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":37,"analysis":63,"fingerprints":103},"simply-map-me","Simply Map Me","1.0","Faizan Ali","https:\u002F\u002Fprofiles.wordpress.org\u002Ffaizan1041\u002F","\u003Cp>Avoid going on Google Maps each time and copying the embed code from there. Just wrap your location within [map] and [\u002Fmap] and see your map anywhere on WordPress. Also supports width and height.\u003C\u002Fp>\n","Avoid going on Google Maps each time and copying the embed code from there. Just wrap your location within [map] and [\u002Fmap] and see your map anywhere  …",10,1748,100,1,"2014-02-02T07:28:00.000Z","3.7.41","3.0.1","",[20,4,21],"google-maps-plugin","wordpress-simple-maps","http:\u002F\u002Ffaizan-ali.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimply-map-me.1.0.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":24,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"faizan1041",2,20,30,84,"2026-05-19T21:58:24.051Z",[38],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":59,"download_link":60,"security_score":61,"vuln_count":14,"unpatched_count":25,"last_vuln_date":62,"fetched_at":27},"simple-google-maps-short-code","Simple Shortcode for Google Maps","1.8.2","fullworks","https:\u002F\u002Fprofiles.wordpress.org\u002Ffullworks\u002F","\u003Cp>Simple to use, yet powerful, Google Maps plugin! Reviews say this is “Best Google Map Shortcode plugin”.\u003C\u002Fp>\n\u003Cp>Put a Google map on your WordPress posts and pages simply and easily with a shortcode. Straight forward and easy to use! Ideal for contact page maps, maps showing delivery areas and many other uses!\u003C\u002Fp>\n\u003Cp>This plugin will enable a simple shortcode that you can use for embedding Google Maps in any WordPress post or page. The shortcode uses the \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fplugins\u002Fhttp-api\u002F\" rel=\"nofollow ugc\">WordPress HTTPS API\u003C\u002Fa> and the \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fapis\u002Fhandbook\u002Ftransients\u002F\" rel=\"nofollow ugc\">Transients API\u003C\u002Fa> for delivering cached Google maps with little to no impact on your site’s performance.\u003C\u002Fp>\n\u003Cp>Maps are displayed with the [pw_map] shortcode:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[pw_map address=\"New York City\" key=\"YOUR Map JS API KEY\" geokey=\"YOUR Geo API KEY\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Google now requires that new accounts use an API key. You can register a free API key \u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Fmaps\u002Fdocumentation\u002Fjavascript\u002Fget-api-key#get-an-api-key\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>You can have multiple map pins, simply add multiple addresses separated by semi-colon \u003Ccode>;\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[pw_map address=\"Statue of Liberty National Monument NYC;Empire State Building, New York, NY, USA\" key=\"YOUR Map JS API KEY\" geokey=\"YOUR Geo API KEY\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>All Shortcode Options\u003C\u002Fh3>\n\u003Cp>Mandatory\u003C\u002Fp>\n\u003Cli>address  – Description: The address you want pinned – Allowed values: any address that Google can find, multi addresses separated by ;\u003C\u002Fli>\n\u003Cli>key – Description: Your Google Maps API Key – Allowed values: valid key\u003C\u002Fli>\n\u003Cli>geokey – Description: Your Google Geocoding API Key – Allowed values: valid key\u003C\u002Fli>\n\u003Cp>Why two key? You should restrict your API keys to avoid abuse. You need to use the geokey to allow the geocoding to work, enabled on the GeoCoding API, restricted to your server IP, and key\u003Cbr \u002F>\nenabled on the Maps JavaScript API restricted to your website domain(s).\u003C\u002Fp>\n\u003Cp>Optional ( with default values)\u003C\u002Fp>\n\u003Cli>width – Description: sets the map width – Default: 100% – Allowed values: size in % or px\u003C\u002Fli>\n\u003Cli>height – Description: sets the map height – Default: 400px – Allowed values: size in % or px\u003C\u002Fli>\n\u003Cli>enablescrollwheel – Description: zooming on the map using a mouse scroll wheel  – Default: true – Allowed values: true or false\u003C\u002Fli>\n\u003Cli>zoom – Description: The initial Map zoom level – Default: 15 – Allowed values: Valid zoom values are numbers from zero up to the supported maximum zoom level\u003C\u002Fli>\n\u003Cli>disablecontrols – Description: Enables\u002Fdisables all default UI buttons. May be overridden individually. Does not disable the keyboard controls – Default: false – Allowed values: true or false\u003C\u002Fli>\n\u003Cli>force – Description: disable caching of geocoding, only use this on test   – Default: false – Allowed values: true or false\u003C\u002Fli>\n\u003Cli>zoomcontrol – Description: display the Zoom +\u002F- buttons  – Default: true – Allowed values: true or false\u003C\u002Fli>\n\u003Cli>nozoom – Description: fixes the zoom level by seeting min and max to the starting zoom  – Default: false – Allowed values: true or false\u003C\u002Fli>\n\u003Cp>\u003C\u002Fp>\n\u003Cli>gesturehandling – Description: This setting controls how the amp handles gestures on the map. – Default: auto – Allowed values:\u003C\u002Fli>\n\u003Cul>\n\u003Cli>“cooperative”: Scroll events and one-finger touch gestures scroll the page, and do not zoom or pan the map. Two-finger touch gestures pan and zoom the map. Scroll events with a ctrl key or ⌘ key pressed zoom the map. In this mode the map cooperates with the page.\u003C\u002Fli>\n\u003Cli>“greedy”: All touch gestures and scroll events pan or zoom the map.\u003C\u002Fli>\n\u003Cli>“none”: The map cannot be panned or zoomed by user gestures.\u003C\u002Fli>\n\u003Cli>“auto”: Gesture handling is either cooperative or greedy, depending on whether the page is scrollable or in an iframe.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cli>maptypeid – Description: Determines the initial map display type – Default: roadmap – Allowed values:\u003C\u002Fli>\n\u003Cul>\n\u003Cli>“roadmap”: This map type displays a normal street map.\u003C\u002Fli>\n\u003Cli>“satellite”: This map type displays satellite images.\u003C\u002Fli>\n\u003Cli>“hybrid”: This map type displays a transparent layer of major streets on satellite images.\u003C\u002Fli>\n\u003Cli>“terrain”: This map type displays maps with physical features such as terrain and vegetation.\u003C\u002Fli>\n\u003C\u002Ful>\n","A simple shortcode for embedding Google Maps in any WordPress post, page or widget.",4000,169995,92,46,"2025-03-25T22:35:00.000Z","6.7.5","4.6","7.4",[55,56,20,57,58],"gmaps","google-maps","google-maps-shortcode","maps","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-google-maps-short-code\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-google-maps-short-code.1.8.2.zip",91,"2024-11-07 17:29:10",{"attackSurface":64,"codeSignals":80,"taintFlows":90,"riskAssessment":91,"analyzedAt":102},{"hooks":65,"ajaxHandlers":72,"restRoutes":73,"shortcodes":74,"cronEvents":79,"entryPointCount":14,"unprotectedCount":25},[66],{"type":67,"name":68,"callback":69,"file":70,"line":71},"action","admin_menu","register_map_page","simply-map-me.php",76,[],[],[75],{"tag":76,"callback":77,"file":70,"line":78},"map","simply_map_me",44,[],{"dangerousFunctions":81,"sqlUsage":82,"outputEscaping":84,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":89},[],{"prepared":25,"raw":25,"locations":83},[],{"escaped":25,"rawEcho":14,"locations":85},[86],{"file":70,"line":87,"context":88},54,"raw output",[],[],{"summary":92,"deductions":93},"The 'simply-map-me' v1.0 plugin presents a generally positive security posture, with no known vulnerabilities or critical code signals identified in the static analysis. The absence of dangerous functions, raw SQL queries, file operations, external HTTP requests, and the use of prepared statements for all SQL queries are strong indicators of secure coding practices. The plugin also has a small attack surface, with only one entry point (a shortcode) and no AJAX handlers or REST API routes that could be exploited without authentication.\n\nHowever, a significant concern arises from the complete lack of output escaping. This means that any data displayed to users via the shortcode, if it originates from user input or an untrusted source, could be vulnerable to cross-site scripting (XSS) attacks. The lack of nonce checks and capability checks, while not directly exploitable due to the limited attack surface, represents a missed opportunity to implement robust access control and further harden the plugin against potential future introductions of more complex functionality. The absence of taint analysis results is neutral; it suggests no flows were found, but the analysis might not have been comprehensive or the code structure didn't lend itself to taint detection in this specific run.\n\nOverall, the plugin's vulnerability history being clear is a strong positive. The primary weakness lies in the unescaped output, which is a common and potentially severe vulnerability. While the plugin is currently safe due to its limited functionality and attack surface, the lack of output escaping is a critical area for improvement to ensure long-term security.",[94,97,100],{"reason":95,"points":96},"Unescaped output identified",8,{"reason":98,"points":99},"Missing nonce checks",3,{"reason":101,"points":99},"Missing capability checks","2026-03-17T00:24:22.901Z",{"wat":104,"direct":109},{"assetPaths":105,"generatorPatterns":106,"scriptPaths":107,"versionParams":108},[],[],[],[],{"cssClasses":110,"htmlComments":111,"htmlAttributes":112,"restEndpoints":113,"jsGlobals":114,"shortcodeOutput":115},[],[],[],[],[],[116,117,118,119,120,121],"\u003Cstrong>","\u003Cp>\u003Ciframe width="," height="," frameborder='0' scrolling='no' marginheight='0' marginwidth='0' src='https:\u002F\u002Fmaps.google.com\u002Fmaps?oe=utf-8&channel=fflb&q=","&ie=UTF8&hq=&hnear=","&output=embed'>\u003C\u002Fiframe>\u003C\u002Fp>",{"error":123,"url":124,"statusCode":125,"statusMessage":126,"message":126},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fsimply-map-me\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":14,"versions":128},[129],{"version":6,"download_url":23,"svn_tag_url":130,"released_at":26,"has_diff":131,"diff_files_changed":132,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":133,"is_current":123},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsimply-map-me\u002Ftags\u002F1.0\u002F",false,[],[]]