WP-Safety

Easy Listings Slider Security & Risk Analysis

wordpress.org/plugins/easy-listings-slider

Easy to use and advanced slider extension for Easy Property Listings Wordpress plugin.

40 active installs v1.0.1 PHP + WP 3.9+ Updated Jan 21, 2017
easy-property-listingseasy-property-listings-extensioneasy-property-listings-extensionseasy-property-listings-sliderepl
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Easy Listings Slider Safe to Use in 2026?

Generally Safe

Score 85/100

Easy Listings Slider has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago
Risk Assessment

The "easy-listings-slider" v1.0.1 plugin presents a mixed security posture. On the positive side, it demonstrates good practices in its handling of SQL queries, exclusively using prepared statements, and shows a substantial amount of output escaping, indicating awareness of common web vulnerabilities. The absence of recorded vulnerabilities and CVEs is also a strong indicator of a generally secure codebase or diligent maintenance in the past. However, there are significant concerns regarding its attack surface. With two AJAX handlers, and notably, both of them lacking authentication checks, there's a clear entry point for unauthenticated users to potentially interact with sensitive functionality. The presence of file operations and external HTTP requests, while not inherently insecure, warrant careful review in conjunction with the unprotected AJAX endpoints. The lack of taint analysis results (0 flows analyzed) is not necessarily a weakness of the plugin itself but rather a limitation of the static analysis performed, meaning potential taint flows may have been missed. The plugin's strengths lie in its database and output handling, but the unprotected AJAX handlers represent a critical area of risk.

Key Concerns

  • Unprotected AJAX handlers
  • Low output escaping percentage
  • File operations present
  • External HTTP requests present
Vulnerabilities
None known

Easy Listings Slider Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Easy Listings Slider Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
117
297 escaped
Nonce Checks
2
Capability Checks
4
File Operations
1
External Requests
2
Bundled Libraries
0

SQL Query Safety

100% prepared2 total queries

Output Escaping

72% escaped414 total outputs
Attack Surface
2 unprotected

Easy Listings Slider Attack Surface

Entry Points3
Unprotected2

AJAX Handlers 2

authwp_ajax_send_subscribe_emailadmin\class-els-admin-welcome.php:43
authwp_ajax_load_listings_listadmin\metaboxes\class-els-meta-box-slider-slides.php:22

Shortcodes 1

[els_slider] public\class-els-public.php:112
WordPress Hooks 32
actionadmin_initadmin\class-els-admin-editor.php:25
actionadmin_enqueue_scriptsadmin\class-els-admin-editor.php:26
filtermce_buttonsadmin\class-els-admin-editor.php:40
filtermce_external_pluginsadmin\class-els-admin-editor.php:41
actionadmin_menuadmin\class-els-admin-menu.php:48
actionadd_meta_boxesadmin\class-els-admin-meta-boxes.php:42
actionsave_postadmin\class-els-admin-meta-boxes.php:43
actionadmin_noticesadmin\class-els-admin-notices.php:25
actionadmin_noticesadmin\class-els-admin-notices.php:26
actionadmin_initadmin\class-els-admin-notices.php:28
actioninitadmin\class-els-admin-post-types.php:25
filtermanage_edit-els_slider_columnsadmin\class-els-admin-post-types.php:28
actionmanage_els_slider_posts_custom_columnadmin\class-els-admin-post-types.php:29
actionadmin_menuadmin\class-els-admin-slider-preview.php:26
actionadmin_menuadmin\class-els-admin-welcome.php:41
actionadmin_initadmin\class-els-admin-welcome.php:42
actionadmin_enqueue_scriptsadmin\class-els-admin.php:130
actionadmin_enqueue_scriptsadmin\class-els-admin.php:131
filterplugin_row_metaadmin\class-els-admin.php:133
filteradmin_footer_textadmin\class-els-admin.php:135
actionadmin_initadmin\menus\class-els-admin-settings-menu.php:27
actionels_save_listing_metaadmin\metaboxes\class-els-meta-box-listing-gallery.php:18
actionels_save_listing_metaadmin\metaboxes\class-els-meta-box-slider-captions.php:26
filterthe_editor_contentadmin\metaboxes\class-els-meta-box-slider-captions.php:55
actionels_save_listing_metaadmin\metaboxes\class-els-meta-box-slider-data.php:26
actionels_save_listing_metaadmin\metaboxes\class-els-meta-box-slider-slides.php:20
actionplugins_loadedeasy-listings-slider.php:81
actionplugins_loadedincludes\class-easy-listings-slider.php:206
actionadmin_noticesincludes\class-epl-extension-activation.php:61
actionepl_property_gallerypublic\class-els-public-single-slider.php:38
actionwp_enqueue_scriptspublic\class-els-public.php:105
actionwp_enqueue_scriptspublic\class-els-public.php:106
Maintenance & Trust

Easy Listings Slider Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32
Last updatedJan 21, 2017
PHP min version
Downloads3K

Community Trust

Rating20/100
Number of ratings1
Active installs40
Alternatives

Easy Listings Slider Alternatives

Easy Listings Map

Easy Listings Map

easy-listings-map

A
85

Easy to use and advanced map extension for Easy Property Listings Wordpress plugin.

100 No CVEs
Better Search Replace

Better Search Replace

better-search-replace

A
98

A simple plugin to update URLs or other text in a database.

1.0M 2 CVEs
Enable Media Replace

Enable Media Replace

enable-media-replace

A
92

Easily replace any attached image/file by simply uploading a new file in the Media Library edit view - a real time saver!

600K 7 CVEs
Search & Replace

Search & Replace

search-and-replace

A
87

Search & Replace data in your database with WordPress admin, replace domains/URLs of your WordPress installation.

100K 2 CVEs
Search Regex

Search Regex

search-regex

A
100

Search Regex adds a powerful set of search and replace functions to WordPress posts, pages, custom post types, and other data.

100K No CVEs
Developer Profile

Easy Listings Slider Developer Profile

Taher Atashbar

2 plugins · 140 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Easy Listings Slider

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/easy-listings-slider/css/els-admin-notices.css/wp-content/plugins/easy-listings-slider/css/els-public.css/wp-content/plugins/easy-listings-slider/js/els-public.js/wp-content/plugins/easy-listings-slider/js/els-admin.js/wp-content/plugins/easy-listings-slider/js/els-public.min.js/wp-content/plugins/easy-listings-slider/js/els-admin.min.js/wp-content/plugins/easy-listings-slider/css/els-admin-notices.min.css
Script Paths
/wp-content/plugins/easy-listings-slider/js/els-public.js/wp-content/plugins/easy-listings-slider/js/els-admin.js/wp-content/plugins/easy-listings-slider/js/els-public.min.js/wp-content/plugins/easy-listings-slider/js/els-admin.min.js
Version Parameters
easy-listings-slider/css/els-admin-notices.css?ver=easy-listings-slider/css/els-public.css?ver=easy-listings-slider/js/els-public.js?ver=easy-listings-slider/js/els-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
els-slider-wrapperasn-advertiseasn-adv-logoasn-adv-titleasn-adv-body
HTML Comments
<!-- If this file is called directly, abort. --><!-- The code that runs during plugin activation. --><!-- The code that runs during plugin deactivation. --><!-- The core plugin class that is used to define internationalization, -->+21 more
Data Attributes
data-utm_sourcedata-utm_medium
JS Globals
ELS_PublicELS_Admin
FAQ

Frequently Asked Questions about Easy Listings Slider