WP-Safety

All-Inclusive Vacation Rental Calculator Security & Risk Analysis

wordpress.org/plugins/all-inclusive-vacation-rental-calculator

Plugin is a comprehensive utility for admin to define all costs and fees on per property basis. Users benefit from knowing total out-of-pocket cost.

10 active installs v1.0 PHP + WP 3.3+ Updated Unknown
hotel-stay-calculatorrental-coststaystay-costvacation-rental
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is All-Inclusive Vacation Rental Calculator Safe to Use in 2026?

Generally Safe

Score 100/100

All-Inclusive Vacation Rental Calculator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "all-inclusive-vacation-rental-calculator" plugin v1.0 presents a mixed security posture. While it shows a strong adherence to secure coding practices with a high percentage of properly escaped outputs and prepared SQL statements, there are significant concerns regarding its attack surface and data handling. The presence of multiple unprotected AJAX handlers is a major red flag, as these can be entry points for attackers. Furthermore, the taint analysis revealing four high-severity flows with unsanitized paths indicates a potential for serious security vulnerabilities, even if no specific CVEs have been recorded yet. The lack of recorded vulnerabilities in its history is a positive sign, suggesting that the developers may have been fortunate or that previous versions were not widely targeted or thoroughly audited. However, this history should not breed complacency given the current findings.

Key Concerns

  • Unprotected AJAX handlers
  • High severity taint flows without sanitization
  • Use of create_function
  • Lack of capability checks
Vulnerabilities
None known

All-Inclusive Vacation Rental Calculator Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

All-Inclusive Vacation Rental Calculator Release Timeline

No version history available.
Code Analysis
Analyzed Mar 16, 2026

All-Inclusive Vacation Rental Calculator Code Analysis

Dangerous Functions
1
Raw SQL Queries
2
10 prepared
Unescaped Output
7
77 escaped
Nonce Checks
2
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

create_functionadd_action( 'plugins_loaded', create_function( '', '$ppcde_admin_side = new ppcde_plugin_admin;' ) )ppcde_admin.php:561

SQL Query Safety

83% prepared12 total queries

Output Escaping

92% escaped84 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

5 flows4 with unsanitized paths
<ppcde_admin> (ppcde_admin.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

All-Inclusive Vacation Rental Calculator Attack Surface

Entry Points4
Unprotected3

AJAX Handlers 3

authwp_ajax_getspecificrecordppcde_settings.php:81
noprivwp_ajax_getspecificrecordppcde_settings.php:82
authwp_ajax_ppcode_locationdatappcde_settings.php:83

Shortcodes 1

[pp-code-vacation] ppcde_main.php:5
WordPress Hooks 9
actioninitppcde_admin.php:191
actioninitppcde_admin.php:192
actionadmin_initppcde_admin.php:193
actionadmin_initppcde_admin.php:194
actionadmin_initppcde_admin.php:195
actionadmin_menuppcde_admin.php:196
actionplugins_loadedppcde_admin.php:561
actioninitppcde_main.php:2
actionwp_enqueue_scriptsppcde_settings.php:26
Maintenance & Trust

All-Inclusive Vacation Rental Calculator Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28
Last updatedUnknown
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

All-Inclusive Vacation Rental Calculator Alternatives

Booking Engine by Lodgify

Booking Engine by Lodgify

lodgify-booking-engine

A
92

Easy to use booking engine for your vacation rental website. List your rentals on your site and save on commissions (from big OTA's).

700 No CVEs
OwnerRez

OwnerRez

ownerrez

A
98

The official WordPress plugin for the OwnerRez API.

700 2 CVEs
Vacation Rental Calendar

Vacation Rental Calendar

vr-calendar

A
85

An availability calendar for vacation rentals driven from any calendar that exports iCal (HomeAway, VRBO, Flipkey, AirBnB etc.).

70 No CVEs
Hotels & Airbnbs Map

Hotels & Airbnbs Map

hotels-airbnb-map

A
85

Show the best places to stay near your event

50 No CVEs
bbPress Support Forum Checked by Default

bbPress Support Forum Checked by Default

bbpress-support-forum-checked-by-default

A
85

Checks the "This is a support topic" checkbox by default on bbpress support forums.

10 No CVEs
Developer Profile

All-Inclusive Vacation Rental Calculator Developer Profile

Qasim Jan

3 plugins · 30 total installs

87
trust score
Avg Security Score
90/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect All-Inclusive Vacation Rental Calculator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/all-inclusive-vacation-rental-calculator/css/ppcde_style.css/wp-content/plugins/all-inclusive-vacation-rental-calculator/css/bootstrap.min.css/wp-content/plugins/all-inclusive-vacation-rental-calculator/js/ppcde_script.js/wp-content/plugins/all-inclusive-vacation-rental-calculator/js/bootstrap.min.js
Version Parameters
all-inclusive-vacation-rental-calculator/css/ppcde_style.css?ver=all-inclusive-vacation-rental-calculator/css/bootstrap.min.css?ver=all-inclusive-vacation-rental-calculator/js/ppcde_script.js?ver=all-inclusive-vacation-rental-calculator/js/bootstrap.min.js?ver=

HTML / DOM Fingerprints

JS Globals
ppcde_ajax_object
REST Endpoints
/wp-json/ppcde/v1/location-data
Shortcode Output
[pp-code-vacation]
FAQ

Frequently Asked Questions about All-Inclusive Vacation Rental Calculator