Does TZ Google Map have any unpatched vulnerabilities?

No. All known vulnerabilities in TZ Google Map have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is TZ Google Map compatible with WordPress 4.2.39?

According to WordPress.org data, TZ Google Map 1.0.0 has been tested up to WordPress 4.2.39. Check the plugin's changelog for the latest compatibility information.

How often is TZ Google Map updated?

TZ Google Map was last updated on Jun 9, 2015. Frequent updates are generally a positive security signal.

What is TZ Google Map's security score?

TZ Google Map has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

TZ Google Map Security & Risk Analysis

wordpress.org/plugins/tz-google-map

Display one or more Address on Google map with your icon or your image. All control Google map and display Address when click to icon, image.

10 active installs v1.0.0 PHP + WP 3.0.1+ Updated Jun 9, 2015

color-mapgooglemapwidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is TZ Google Map Safe to Use in 2026?

Generally Safe

Score 85/100

TZ Google Map has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The tz-google-map plugin v1.0.0 presents a significant security risk primarily due to an unprotected AJAX handler. While the plugin demonstrates good practices by avoiding dangerous functions, raw SQL queries, file operations, and external HTTP requests, the presence of a single, unauthenticated entry point is a major concern. This unprotected AJAX handler could potentially be leveraged by an attacker to perform unauthorized actions or inject malicious data. The taint analysis also revealed flows with unsanitized paths, though these did not reach a critical or high severity according to the provided data. The plugin's vulnerability history is clean, with no known CVEs, which suggests a potentially low complexity or limited exposure in the past. However, the lack of historical vulnerabilities does not negate the immediate risks identified in the static analysis. The plugin's strengths lie in its clean code regarding SQL and output handling, but its weakness is a critical gap in its authentication for its sole entry point.

Key Concerns

Unprotected AJAX handler
Flows with unsanitized paths (low severity)
Low output escaping (54%)
Missing nonce checks on AJAX
Missing capability checks on AJAX

Vulnerabilities

None known

TZ Google Map Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

TZ Google Map Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

75 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

54% escaped138 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

add_tzgooglemap (widget.php:426)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

TZ Google Map Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_add_tzgooglemapwidget.php:38

WordPress Hooks 4

actionplugins_loadedindex.php:46

actionwidgets_initindex.php:55

actionload-widgets.phpwidget.php:33

actionadmin_enqueue_scriptswidget.php:39

Maintenance & Trust

TZ Google Map Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39

Last updatedJun 9, 2015

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

TZ Google Map Alternatives

Classic Widgets

classic-widgets

100

Enables the previous "classic" widgets settings screens in Appearance - Widgets and the Customizer. Disables the block editor from managing widgets.

2.0M No CVEs

ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor

elementskit-lite

Join millions who empower their websites with ElementsKit Elementor Addons. Get templates, & 100+ widgets like header-footer, mega menu, custom widget

2.0M 22 CVEs

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs

Ultimate Addons for Elementor

header-footer-elementor

Powerful Elementor addon with advanced Elementor widgets, templates, WooCommerce widgets & Header-Footer builder to build professional websites fa …

2.0M 12 CVEs

Smash Balloon Social Photo Feed – Easy Social Feeds Plugin

instagram-feed

Formerly "Instagram Feed". Display clean, customizable, and responsive Instagram feeds from multiple accounts. Supports Instagram oEmbeds.

1.0M 4 CVEs

Developer Profile

TZ Google Map Developer Profile

tuyennv

7 plugins · 1K total installs

trust score

Avg Security Score

82/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect TZ Google Map

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/tz-google-map/css/widget.css

Script Paths

/wp-content/plugins/tz-google-map/js/tz_googlemap.js

Version Parameters

tz-googlemap/css/widget.css?ver=tz-googlemap.js?ver=

HTML / DOM Fingerprints

CSS Classes

widget_tzgooglemaptz-google-map-wrappermap

Data Attributes

id="tz-google-map"

JS Globals

tzgooglemap_arraylocationsaddress_center

FAQ