WP-Safety

ERE Download Document Security & Risk Analysis

wordpress.org/plugins/ere-download-document

ERE Download Document use for collect name and email of customer before download attachment.

200 active installs v1.0.1 PHP 7.2+ WP 5.0+ Updated Jul 15, 2021
agencyagentessential-real-estatepropertyreal-estate
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is ERE Download Document Safe to Use in 2026?

Generally Safe

Score 85/100

ERE Download Document has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The ere-download-document v1.0.1 plugin exhibits a generally good security posture, with several positive indicators. The absence of known CVEs and a strong adherence to secure coding practices like output escaping and the use of prepared statements for SQL queries are commendable. The static analysis also reveals a good practice of implementing nonce checks for its AJAX handlers, and there are no reported vulnerabilities in its history. However, a critical area of concern identified by the taint analysis is a flow with an unsanitized path, which could potentially be exploited if a malicious actor can influence the input leading to this flow.

While the plugin's attack surface is limited and all identified entry points have some form of authentication, the presence of a single high-severity taint flow with an unsanitized path warrants attention. This indicates a potential weakness that, while not yet exploited or publicly known, requires mitigation. The vulnerability history being clean is a positive sign, suggesting a responsible development team or a lack of historical security issues. Overall, the plugin is well-secured in many aspects, but the identified taint flow represents a significant, albeit singular, security risk that should be addressed.

Key Concerns

  • High severity taint flow with unsanitized path
Vulnerabilities
None known

ERE Download Document Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

ERE Download Document Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
2 prepared
Unescaped Output
1
47 escaped
Nonce Checks
4
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

jQuery

SQL Query Safety

67% prepared3 total queries

Output Escaping

98% escaped48 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

3 flows1 with unsanitized paths
save_settings (inc\admin.class.php:65)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

ERE Download Document Attack Surface

Entry Points4
Unprotected0

AJAX Handlers 4

noprivwp_ajax_ered_download_documentinc\ajax.class.php:23
authwp_ajax_ered_download_documentinc\ajax.class.php:24
authwp_ajax_ered_change_emailinc\ajax.class.php:27
authwp_ajax_ered_delete_emailinc\ajax.class.php:28
WordPress Hooks 8
actionplugins_loadedere-download-document.php:45
actionadmin_menuinc\admin.class.php:22
actionwp_loadedinc\admin.class.php:23
actioninitinc\assets.class.php:22
actionwp_enqueue_scriptsinc\assets.class.php:23
actionadmin_enqueue_scriptsinc\assets.class.php:24
actioninitinc\database.class.php:20
actionwp_footerinc\functions.php:2
Maintenance & Trust

ERE Download Document Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15
Last updatedJul 15, 2021
PHP min version7.2
Downloads9K

Community Trust

Rating0/100
Number of ratings0
Active installs200
Alternatives

ERE Download Document Alternatives

ERE Colors – Essential Real Estate Add-On

ERE Colors – Essential Real Estate Add-On

ere-colors

A
92

ERE Colors - Essential Real Estate Add-On is the most efficient way to re-color your real estate website. It provides 3 color pickers: Accent Color, C …

1K No CVEs
ERE Recently Viewed – Essential Real Estate Add-On

ERE Recently Viewed – Essential Real Estate Add-On

ere-recently-viewed

A
90

ERE Recently Viewed - Essential Real Estate Add-On shows properties viewed by a visitor as a responsive sidebar widget or in post/page using shortcode

1K 1 CVE
ERE Similar Properties – Essential Real Estate Add-On

ERE Similar Properties – Essential Real Estate Add-On

ere-similar-properties

A
92

ERE Similar Properties displays a list of properties that are similar or related to the current property listing

1K No CVEs
Essential Real Estate

Essential Real Estate

essential-real-estate

F
17

Completely plugins Real Estate. Management system which allows you to own and maintain a real estate marketplace, intro website.

8K 3 unpatched
Property Hive

Property Hive

propertyhive

B
82

Building a property website? Property Hive has everything you need to get started, and so much more.

3K 18 CVEs
Developer Profile

ERE Download Document Developer Profile

g5theme

8 plugins · 19K total installs

64
trust score
Avg Security Score
79/100
Avg Patch Time
157 days
View full developer profile
Detection Fingerprints

How We Detect ERE Download Document

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ere-download-document/assets/css/ered.css/wp-content/plugins/ere-download-document/assets/js/ered.js/wp-content/plugins/ere-download-document/assets/css/ered-admin.css/wp-content/plugins/ere-download-document/assets/js/ered-admin.js
Version Parameters
ere-download-document/assets/css/ered.css?ver=ere-download-document/assets/js/ered.js?ver=ere-download-document/assets/css/ered-admin.css?ver=ere-download-document/assets/js/ered-admin.js?ver=

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about ERE Download Document