Title: Malware Last modified: January 17, 2025 --- # Malware * Resolved [consc197](https://wordpress.org/support/users/consc197/) * (@consc197) * [1 year, 4 months ago](https://wordpress.org/support/topic/malware-167/) * Hello, * I’ve been trying to troubleshoot an issue where there appears to be a javascript infection only within the WP Google Maps plugin but this occurs even on a newly downloaded/installed latest version on just the specific site. * Wordfence, Imunify, WP scan don’t locate any malware but its impossible as each time I visit admin.php?page=wp-google-maps-menu&action=edit&map_id=1 a bunch of popups appear among multiple PC’s (so its not a PC infection) but only on the edit map pages. * Maybe you have some pointers as to where I can look for the malware within the plugin structure? maybe some setting that the malware could be residing in? Viewing 2 replies - 1 through 2 (of 2 total) * Plugin Author [DylanAuty](https://wordpress.org/support/users/dylanauty/) * (@dylanauty) * [1 year, 4 months ago](https://wordpress.org/support/topic/malware-167/#post-18253016) * Hi [@consc197](https://wordpress.org/support/users/consc197/), * Thank you for reaching out, I do appreciate your time. * We don’t currently have any known issues logged that would allow something like this to occur. However, some time ago we did have a vulnerability present in the core code which allowed a redirect (or alternative script) to be stored to our marker data. * Our team worked quickly to resolve the issue, and we released a series of additional updates after this to automatically clean up any data that might have been exposed. For reference, I am linking a few threads related to this below: - [https://wordpress.org/support/topic/exploit-in-wp-go-maps/](https://wordpress.org/support/topic/exploit-in-wp-go-maps/) - [https://wordpress.org/support/topic/plugin-was-compromised-2/](https://wordpress.org/support/topic/plugin-was-compromised-2/) * Although those updates did resolve issues on the large majority of sites, it is possible that some sites may not have cleaned up correctly. * Based on what you have described, I do suspect this is the case here. The best way forward is to check the main marker data (found within wp_wpgmza table in most installations) for any script tags, as these should not be present. * If you are open to it, please consider reaching out to us [on our website](https://www.wpgmaps.com/contact-us/) and I’d be happy to work closely with you to get to the bottom of this as soon as possible. * Plugin Author [DylanAuty](https://wordpress.org/support/users/dylanauty/) * (@dylanauty) * [1 year, 4 months ago](https://wordpress.org/support/topic/malware-167/#post-18262597) * Hi [@consc197](https://wordpress.org/support/users/consc197/), Just a quick check- in to see if you have had a moment to look at my last response? * We are eager to assist you with this further [via our website](https://www.wpgmaps.com/contact-us/), if you have not gotten in touch with us yet. Viewing 2 replies - 1 through 2 (of 2 total) The topic ‘Malware’ is closed to new replies. * ![](https://ps.w.org/wp-google-maps/assets/icon-256x256.png?rev=3058363) * [WP Go Maps - Google Maps, OpenStreetMap, Leaflet Map](https://wordpress.org/plugins/wp-google-maps/) * [Frequently Asked Questions](https://wordpress.org/plugins/wp-google-maps/#faq) * [Support Threads](https://wordpress.org/support/plugin/wp-google-maps/) * [Active Topics](https://wordpress.org/support/plugin/wp-google-maps/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wp-google-maps/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wp-google-maps/reviews/) * 3 replies * 2 participants * Last reply from: [DylanAuty](https://wordpress.org/support/users/dylanauty/) * Last activity: [1 year, 4 months ago](https://wordpress.org/support/topic/malware-167/#post-18262597) * Status: resolved