WP-Safety

VenoMaps – OpenStreetMap & Privacy-Friendly Geo Maps Security & Risk Analysis

wordpress.org/plugins/venomaps

Create beautiful, searchable maps with custom markers and routes. The simple, private alternative to Google Maps.

400 active installs v2.1.2 PHP 7.3+ WP 4.0+ Updated Mar 4, 2026
mapsprivacyroutessearchstore-locator
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is VenoMaps – OpenStreetMap & Privacy-Friendly Geo Maps Safe to Use in 2026?

Generally Safe

Score 100/100

VenoMaps – OpenStreetMap & Privacy-Friendly Geo Maps has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "venomaps" plugin v2.1.2 exhibits a strong security posture based on the provided static analysis. The plugin demonstrates good security practices with a high percentage of properly escaped output, a significant number of nonce checks, and capability checks in place for its entry points. Furthermore, the complete absence of dangerous functions and the consistent use of prepared statements for all SQL queries are significant strengths, indicating a robust defense against common injection vulnerabilities.

The static analysis reveals a small attack surface consisting of AJAX handlers and shortcodes, with no unauthenticated entry points identified. The taint analysis reporting zero flows with unsanitized paths further reinforces the plugin's security. The vulnerability history is also clear, with no known CVEs, patched or unpatched, suggesting a history of secure development or diligent security patching by the developers.

While the plugin demonstrates excellent security practices and a clean vulnerability history, the presence of file operations and external HTTP requests, though single instances, warrant careful monitoring. The current data does not indicate any immediate high-risk vulnerabilities, making "venomaps" v2.1.2 appear to be a relatively secure option. However, continued vigilance and regular updates are always recommended for any plugin.

Key Concerns

  • Single file operation detected
  • Single external HTTP request detected
Vulnerabilities
None known

VenoMaps – OpenStreetMap & Privacy-Friendly Geo Maps Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

VenoMaps – OpenStreetMap & Privacy-Friendly Geo Maps Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
3
184 escaped
Nonce Checks
5
Capability Checks
3
File Operations
1
External Requests
1
Bundled Libraries
0

Output Escaping

98% escaped187 total outputs
Attack Surface

VenoMaps – OpenStreetMap & Privacy-Friendly Geo Maps Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 2

authwp_ajax_vmap_set_csvinclude\class-venomaps-plugin.php:278
authwp_ajax_vmap_fetch_osrm_routesinclude\class-venomaps-plugin.php:288

Shortcodes 1

[venomap] include\class-venomaps-plugin.php:290
WordPress Hooks 16
actionadmin_enqueue_scriptsinclude\class-venomaps-edit.php:31
actionadd_meta_boxesinclude\class-venomaps-edit.php:32
actionsave_postinclude\class-venomaps-edit.php:33
actionadmin_menuinclude\class-venomaps-options.php:49
actionadmin_initinclude\class-venomaps-options.php:50
actionadmin_enqueue_scriptsinclude\class-venomaps-options.php:51
actionplugins_loadedinclude\class-venomaps-plugin.php:268
actionwp_enqueue_scriptsinclude\class-venomaps-plugin.php:269
actioninitinclude\class-venomaps-plugin.php:272
actioninitinclude\class-venomaps-plugin.php:275
actionenqueue_block_editor_assetsinclude\class-venomaps-plugin.php:276
filterpost_row_actionsinclude\class-venomaps-plugin.php:279
actionadmin_action_vmaps_duplicate_post_as_draftinclude\class-venomaps-plugin.php:280
actionadmin_noticesinclude\class-venomaps-plugin.php:281
actionadmin_initinclude\class-venomaps-plugin.php:283
actionadmin_noticesinclude\class-venomaps-plugin.php:284
Maintenance & Trust

VenoMaps – OpenStreetMap & Privacy-Friendly Geo Maps Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 4, 2026
PHP min version7.3
Downloads10K

Community Trust

Rating84/100
Number of ratings5
Active installs400
Alternatives

VenoMaps – OpenStreetMap & Privacy-Friendly Geo Maps Alternatives

PTI Store Locator

PTI Store Locator

pti-store-locator

A
100

Display multiple store or branch locations on Google Maps with search, filters, and customizable info windows.

0 No CVEs
WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters

WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters

wp-google-map-plugin

A
88

WordPress map plugin for Google Maps, OpenStreetMap & Mapbox with store locator, filterable listings & custom markers.

60K 20 CVEs
WP Store Locator

WP Store Locator

wp-store-locator

A
98

An easy to use location management system that enables users to search for nearby physical stores.

50K 1 CVE
MapPress Maps for WordPress

MapPress Maps for WordPress

mappress-google-maps-for-wordpress

A
94

MapPress is the easiest way to add unlimited interactive Google and Leaflet maps to WordPress.

30K 14 CVEs
Store Locator WordPress

Store Locator WordPress

agile-store-locator

A
89

Agile Store Locator is a premium store finder plugin designed to offer you immediate access to all the best stores in your local area.

10K 8 CVEs
Developer Profile

VenoMaps – OpenStreetMap & Privacy-Friendly Geo Maps Developer Profile

Nicola Franchini

3 plugins · 510 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect VenoMaps – OpenStreetMap & Privacy-Friendly Geo Maps

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about VenoMaps – OpenStreetMap & Privacy-Friendly Geo Maps