
Smart Google Map Security & Risk Analysis
wordpress.org/plugins/smart-google-mapThis is a simple and smart Google Map plugin.
Is Smart Google Map Safe to Use in 2026?
Generally Safe
Score 85/100Smart Google Map has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "smart-google-map" plugin version 1.5 exhibits a generally strong security posture based on the provided static analysis. The absence of known vulnerabilities (CVEs) and the plugin's vulnerability history, which shows no recorded issues, are positive indicators. Furthermore, the code analysis reveals good security practices such as 100% of SQL queries using prepared statements and the presence of nonce and capability checks. The attack surface is minimal, with only one shortcode identified and no unprotected entry points found in AJAX handlers or REST API routes. External HTTP requests and file operations are also absent, further reducing potential risks.
However, a notable concern lies in the output escaping. With 60% of outputs properly escaped, there is a 40% chance that some data might be rendered without sufficient sanitization. This could potentially lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is not handled carefully in the unescaped outputs. The static analysis did not reveal any critical or high severity taint flows, which is reassuring, but the moderate level of output escaping warrants attention as a potential weak point. The lack of bundled libraries is also a positive, as it avoids the risks associated with outdated or vulnerable third-party code.
In conclusion, "smart-google-map" v1.5 appears to be a relatively secure plugin, benefiting from a small attack surface and adherence to several key security practices. The absence of historical vulnerabilities is a significant strength. The primary area for improvement and potential risk is the incomplete output escaping, which could be exploited for XSS attacks. Mitigation of this specific issue would further solidify its security standing.
Key Concerns
- Outputs not properly escaped (40%)
Smart Google Map Security Vulnerabilities
Smart Google Map Release Timeline
Smart Google Map Code Analysis
Output Escaping
Smart Google Map Attack Surface
Shortcodes 1
WordPress Hooks 5
Maintenance & Trust
Smart Google Map Maintenance & Trust
Maintenance Signals
Community Trust
Smart Google Map Alternatives
WP Go Maps (formerly WP Google Maps)
wp-google-maps
The easiest to use Google maps plugin! Create a custom Google map, map block, store locator or map widget with high quality markers containing categor …
iframe
iframe
[iframe src="http://www.youtube.com/embed/7_nAZQt9qu0" width="100%" height="500"] shortcode
WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters
wp-google-map-plugin
WordPress map plugin for Google Maps, OpenStreetMap & Mapbox with store locator, filterable listings & custom markers.
WP Store Locator
wp-store-locator
An easy to use location management system that enables users to search for nearby physical stores.
API KEY for Google Maps
api-key-for-google-maps
Retroactively add Google Maps API KEY to any theme or plugin.
Smart Google Map Developer Profile
4 plugins · 100 total installs
How We Detect Smart Google Map
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/smart-google-map/inc/sgm-custom-post.php/wp-content/plugins/smart-google-map/inc/sgm-meta-box.php/wp-content/plugins/smart-google-map/inc/sgm-settings-page.php/wp-content/plugins/smart-google-map/inc/sgm-shortcode.phpHTML / DOM Fingerprints
sgm-map-wrappersgm-mapsgm-linkssgm-itemsgm-iw-containersgm-iw-titlesgm-iw-contentdata-cat-slugsgm_mapsgm_markerssgm_infoWindowsgm_boundssgm_data<div class="sgm-map-wrapper"><div id="sgm-map" class="sgm-map"></div><div class="sgm-links"><button class="sgm-item" data-cat-slug="