As written in the changelog of v2.4, my plugin was audited by the City of Vienna and a few days later used on http://www.charta.wien.gv.at/ – an official Viennese site monitoring e-participation projects. During this security audit, several security issues were fixed.
I didn´t disclose the details of these bugs (you can although reconstruct them through github), but now I noticed, that Secunia published an advisory confirming the fix of these security issues. A few hours later, I received an Google alert from a Hacking archive, giving instructions on how to exploit those security issues which were fixed with v2.4.
So if you still use Leaflet Maps Marker with a version smaller than 2.4, I strongly advise you to update the plugin immediately.
Security was a big concern for me from the beginning of the development of this plugin. I tried to include every WordPress security best practices I read about – from nounces for forms, prepared statements or input/output validations. Nethertheless – security is a process and I will try to further improve the quality of the plugin, so that it is not only easy but also safe to use.
Any feedback is welcome!