How to verify the integrity of a plugin package


User guides


Installation and setup

We add a hash value processed on each plugin package file to add a way to check that the content is transferred OK and has not been damaged during the download process.

In addition if you did not obtain the Maps Marker Pro plugin package directly from you can verify that no files have been edited and e.g. malware has been added.

If you are unfamiliar with verifying file hashes, the easiest way to verify the integrity of the plugin package is to proceed as follows:

  1. Open
  2. Upload the plugin package ( you want to verify:
  3. As next steps, a SHA-256-checksum gets generated and in addition the package also gets scanned for known viruses (useful if you retrieved the package from another source than
  4. open the file with all SHA-256 hash values for all plugin packages and compare the hash value in that file with the hash value generated by virustotal. If the values are different, do not install the package and re-download the original package from instead.

In order to add another security layer, we additionally signed the file with all SHA-256 hashes with our PGP-release-key (for the unlikely case that the hash file on got compromised). To verify the digital signature of the file, please proceed as follows:

  1. Download our PGP Public Key from and add the certificate to your keystore
  2. Download the signature file from
  3. Use the signature file to verify the file with all hashes from

Please note that there are different tools available for executing that signature verification, for Windows I recommend the freeware tool – a good overview of other plattforms and tools can be found at

Updated on 29 May 2022