Does Estatik Real Estate Plugin have any unpatched vulnerabilities?

Yes — Estatik Real Estate Plugin currently has 2 published unpatched vulnerabilities. We recommend switching to an alternative or applying any available workarounds.

Is Estatik Real Estate Plugin compatible with WordPress 6.9.4?

According to WordPress.org data, Estatik Real Estate Plugin 4.3.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Estatik Real Estate Plugin compatible with PHP 5.6+?

Estatik Real Estate Plugin requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Estatik Real Estate Plugin updated?

Estatik Real Estate Plugin was last updated on Apr 8, 2026. Frequent updates are generally a positive security signal.

What is Estatik Real Estate Plugin's security score?

Estatik Real Estate Plugin has a WP-Safety security score of 31/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Estatik Real Estate Plugin Security & Risk Analysis

wordpress.org/plugins/estatik

You will love its clean design, simple use, and colorful themes. WordPress real estate plugin Estatik is a worthy choice for single agents and portals …

10K active installs v4.3.1 PHP 5.6+ WP 5.4+ Updated Apr 8, 2026

idxlistingsmlsreal-estaterets

D · High Risk

CVEs total7

Unpatched2

Last CVEOct 16, 2025

Plugin page Download

Safety Verdict

Is Estatik Real Estate Plugin Safe to Use in 2026?

High Risk

Score 31/100

Estatik Real Estate Plugin carries significant security risk with 7 known CVEs, 2 still unpatched. Consider switching to a maintained alternative.

7 known CVEs 2 unpatched Last CVE: Oct 16, 2025Updated 1mo ago

Risk Assessment

The Estatik plugin v4.3.0 exhibits a concerning security posture, marked by a significant number of unprotected AJAX handlers and a history of serious vulnerabilities. While the plugin employs nonce checks and capability checks in a reasonable number of instances, the presence of 8 AJAX handlers without authentication is a major red flag, creating a substantial attack surface that could be exploited by unauthenticated users. The static analysis also reveals dangerous functions like `unserialize` and a high percentage of unsanitized taint flows (5 out of 7 analyzed), with 5 identified as high severity, indicating potential for critical exploits such as Remote Code Execution or Cross-Site Scripting. The vulnerability history further amplifies these concerns, with 7 known CVEs including 2 critical and 2 high severity issues, and critically, 2 CVEs that remain unpatched. This pattern suggests a recurring struggle with robust security practices and timely remediation of discovered flaws, making the plugin a high-risk component.

Key Concerns

Unprotected AJAX handlers
High severity unsanitized taint flows
Presence of dangerous functions (unserialize)
Low percentage of properly escaped output
Unpatched critical CVEs
Unpatched high severity CVEs
Vulnerability history of critical/high severity

Vulnerabilities

7 published

Estatik Real Estate Plugin Security Vulnerabilities

CVEs by Year

2 CVEs in 2016

2016

2 CVEs in 2023

2023

1 CVE in 2024

2024

2 CVEs in 2025 · unpatched

2025

Patched Has unpatched

Severity Breakdown

Critical

High

Medium

7 total CVEs

CVE-2025-62963medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Estatik <= 4.1.13 - Authenticated (Contributor+) Stored Cross-Site Scripting

Oct 16, 2025Unpatched

CVE-2025-26905high · 8.8Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Estatik <= 4.1.9 - Authenticated (Contributor+) Local File Inclusion

Feb 23, 2025Unpatched

CVE-2023-6050medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Estatik Real Estate Plugin <= 4.1.0 - Reflected Cross-Site Scripting

Jan 25, 2024 Patched in 4.1.1 (13d)

CVE-2023-6048medium · 5.4Missing Authorization

Estatik Real Estate Plugin <= 4.1.0 - Missing Authorization to Limited Arbitrary Options Update

Dec 25, 2023 Patched in 4.1.1 (44d)

CVE-2023-6049critical · 9.8Deserialization of Untrusted Data

Estatik Real Estate Plugin <= 4.1.0 - Unauthenticated PHP Object Injection

Dec 25, 2023 Patched in 4.1.1 (44d)

CVE-2016-10959high · 8.8Cross-Site Request Forgery (CSRF)

Estatik <= 2.3.0 - Cross-Site Request Forgery to Arbitrary File Upload

Aug 1, 2016 Patched in 2.3.1 (2731d)

CVE-2016-10958critical · 9.8Unrestricted Upload of File with Dangerous Type

Estatik <= 2.2.5 - Unauthenticated Arbitrary File Upload

Aug 1, 2016 Patched in 2.3.1 (2878d)

Version History

Estatik Real Estate Plugin Release Timeline

v3.11.145 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.9.65 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.9.15 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.9.05 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.8.95 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.8.85 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.8.75 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.8.65 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.8.55 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.8.45 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.8.35 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.8.25 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.8.15 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.8.05 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.7.25 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.7.15 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.7.05 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.6.65 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.6.55 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

v3.6.45 CVEs

CVE-2023-6050 CVE-2023-6048 CVE-2023-6049 +2 more

Code Analysis

Analyzed Mar 16, 2026

Estatik Real Estate Plugin Code Analysis

Dangerous Functions

Raw SQL Queries

27 prepared

Unescaped Output

410

217 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize'options' => unserialize( $minor_field->options ),includes\classes\class-plugin-migration.php:268

unserialize$result = unserialize( $_COOKIE[ $this->get_key_name() ], array( 'allowed_classes' => false ) );includes\classes\helpers\class-cookies-container.php:81

unserialize$wishlist = unserialize( $_COOKIE[ $this->get_key_name() ], array( 'allowed_classes' => false ) );includes\classes\wishlist\class-wishlist-cookie.php:47

unserialize$data = unserialize( wp_unslash( $_COOKIE[ $this->get_key_name() ] ), array( 'allowed_classes' => faincludes\classes\wishlist\class-wishlist-cookie.php:63

assertassert( is_array( $array ) );includes\helper-functions.php:2011

Bundled Libraries

Select2

SQL Query Safety

63% prepared43 total queries

Output Escaping

35% escaped627 total outputs

Data Flows · Security

5 unsanitized

Data Flow Analysis

7 flows5 with unsanitized paths

dismiss_notices (includes\classes\class-admin-init.php:20)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

8 unprotected

Estatik Real Estate Plugin Attack Surface

Entry Points44

Unprotected8

AJAX Handlers 44

authwp_ajax_es_save_fieldincludes\ajax.php:3

authwp_ajax_es_get_terms_creatorincludes\ajax.php:26

authwp_ajax_es_get_locationsincludes\ajax.php:64

noprivwp_ajax_es_get_locationsincludes\ajax.php:65

authwp_ajax_es_wishlist_actionincludes\ajax.php:90

noprivwp_ajax_es_wishlist_actionincludes\ajax.php:91

authwp_ajax_es_get_property_itemincludes\ajax.php:136

noprivwp_ajax_es_get_property_itemincludes\ajax.php:137

authwp_ajax_es_search_address_componentsincludes\ajax.php:186

noprivwp_ajax_es_search_address_componentsincludes\ajax.php:187

authwp_ajax_es_save_searchincludes\ajax.php:230

authwp_ajax_es_remove_saved_searchincludes\ajax.php:257

authwp_ajax_get_listingsincludes\ajax.php:298

noprivwp_ajax_get_listingsincludes\ajax.php:299

authwp_ajax_es_dismiss_noticesincludes\classes\class-admin-init.php:17

authwp_ajax_es_framework_attachment_save_captionincludes\classes\framework\ajax.php:3

authwp_ajax_es_framework_upload_fileincludes\classes\framework\ajax.php:32

authwp_ajax_es_terms_creator_add_termincludes\classes\pages\admin\class-data-manager-page.php:17

authwp_ajax_es_data_manager_delete_termsincludes\classes\pages\admin\class-data-manager-page.php:18

authwp_ajax_es_data_manager_get_formincludes\classes\pages\admin\class-data-manager-page.php:19

authwp_ajax_es_data_manager_get_creatorincludes\classes\pages\admin\class-data-manager-page.php:20

authwp_ajax_es_data_manager_get_listincludes\classes\pages\admin\class-data-manager-page.php:21

authwp_ajax_es_data_manager_restore_termincludes\classes\pages\admin\class-data-manager-page.php:22

authwp_ajax_es_fields_builder_get_field_formincludes\classes\pages\admin\class-fields-builder-page.php:16

authwp_ajax_es_fields_builder_get_section_formincludes\classes\pages\admin\class-fields-builder-page.php:17

authwp_ajax_es_fields_builder_save_fieldincludes\classes\pages\admin\class-fields-builder-page.php:19

authwp_ajax_es_fields_builder_save_sectionincludes\classes\pages\admin\class-fields-builder-page.php:20

authwp_ajax_es_fields_builder_delete_fieldincludes\classes\pages\admin\class-fields-builder-page.php:22

authwp_ajax_es_fields_builder_delete_sectionincludes\classes\pages\admin\class-fields-builder-page.php:23

authwp_ajax_es_fields_builder_change_items_orderincludes\classes\pages\admin\class-fields-builder-page.php:25

authwp_ajax_es_fields_builder_get_field_settingsincludes\classes\pages\admin\class-fields-builder-page.php:27

authwp_ajax_es_fields_builder_get_fields_tabincludes\classes\pages\admin\class-fields-builder-page.php:28

authwp_ajax_es_fields_builder_get_sectionsincludes\classes\pages\admin\class-fields-builder-page.php:29

authwp_ajax_es_fields_builder_restore_fieldincludes\classes\pages\admin\class-fields-builder-page.php:30

authwp_ajax_es_fields_builder_restore_sectionincludes\classes\pages\admin\class-fields-builder-page.php:31

authwp_ajax_es_migrationincludes\classes\pages\admin\class-migration-page.php:12

authwp_ajax_es_property_quick_edit_formincludes\classes\pages\admin\class-properties-archive-page.php:27

authwp_ajax_es_property_quick_edit_bulk_formincludes\classes\pages\admin\class-properties-archive-page.php:28

authwp_ajax_es_settings_create_pageincludes\classes\pages\admin\class-settings-page.php:15

authwp_ajax_es_save_settingsincludes\classes\pages\admin\class-settings-page.php:16

authwp_ajax_es_profile_save_infoincludes\classes\pages\front\class-profile-page.php:12

authwp_ajax_es_profile_save_pwdincludes\classes\pages\front\class-profile-page.php:13

authwp_ajax_es_submit_request_formincludes\classes\shortcodes\class-request-form-shortcode.php:231

noprivwp_ajax_es_submit_request_formincludes\classes\shortcodes\class-request-form-shortcode.php:232

WordPress Hooks 141

filterblock_categories_allincludes\classes\blocks\class-block-categories.php:26

actionenqueue_block_editor_assetsincludes\classes\blocks\class-blocks.php:44

actionwp_enqueue_scriptsincludes\classes\blocks\class-blocks.php:45

actionenqueue_block_editor_assetsincludes\classes\blocks\class-blocks.php:48

actionenqueue_block_editor_assetsincludes\classes\blocks\class-blocks.php:49

actioninitincludes\classes\blocks\class-blocks.php:96

actionwpincludes\classes\class-admin-init.php:12

actiones_admin_page_barincludes\classes\class-admin-init.php:13

filtercron_schedulesincludes\classes\class-admin-init.php:14

actiones_remote_admin_noticesincludes\classes\class-admin-init.php:15

actionadmin_noticesincludes\classes\class-admin-init.php:16

actionadmin_menuincludes\classes\class-admin-menu.php:12

actionwp_enqueue_scriptsincludes\classes\class-assets-init.php:14

actionadmin_enqueue_scriptsincludes\classes\class-assets-init.php:15

actionwp_enqueue_scriptsincludes\classes\class-assets-init.php:17

actionadmin_enqueue_scriptsincludes\classes\class-assets-init.php:18

filterscript_loader_srcincludes\classes\class-assets-init.php:20

actioninitincludes\classes\class-auth-init.php:17

actioninitincludes\classes\class-auth-init.php:18

actioninitincludes\classes\class-auth-init.php:19

actioninitincludes\classes\class-auth-init.php:20

actioninitincludes\classes\class-auth-init.php:23

actiones_register_new_buyerincludes\classes\class-auth-init.php:26

filterwp_new_user_notification_email_adminincludes\classes\class-auth-init.php:160

filterwp_new_user_notification_emailincludes\classes\class-auth-init.php:161

filterwp_new_user_notification_emailincludes\classes\class-auth-init.php:162

actionregister_new_userincludes\classes\class-auth-init.php:165

filterwp_password_change_notification_emailincludes\classes\class-auth-init.php:355

actionet_builder_readyincludes\classes\class-divi.php:14

filteret_fb_load_raw_post_contentincludes\classes\class-divi.php:15

actionelementor/controls/registerincludes\classes\class-elementor.php:16

actionelementor/widgets/widgets_registeredincludes\classes\class-elementor.php:17

actionelementor/elements/categories_registeredincludes\classes\class-elementor.php:18

actionelementor/editor/before_enqueue_scriptsincludes\classes\class-elementor.php:19

actionelementor/editor/before_enqueue_scriptsincludes\classes\class-elementor.php:20

actionelementor/editor/before_enqueue_scriptsincludes\classes\class-elementor.php:21

filterelementor/widgets/black_listincludes\classes\class-elementor.php:22

actionelementor/documents/registerincludes\classes\class-elementor.php:23

actionelementor/db/before_saveincludes\classes\class-elementor.php:24

actiones_logoincludes\classes\class-estatik-logo.php:12

actionplugins_loadedincludes\classes\class-estatik.php:23

actioninitincludes\classes\class-migrations.php:21

actionrest_api_initincludes\classes\class-polylang-init.php:12

actionadd_meta_boxesincludes\classes\class-polylang-init.php:13

filterwp_generate_attachment_metadataincludes\classes\class-polylang-init.php:14

actionpll_save_postincludes\classes\class-polylang-init.php:15

actionadmin_noticesincludes\classes\class-polylang-init.php:94

actioninitincludes\classes\class-post-types.php:14

actioninitincludes\classes\class-taxonomies.php:14

filtertemplate_includeincludes\classes\class-template-loader.php:32

filterthe_contentincludes\classes\class-template-loader.php:33

filterpost_thumbnail_htmlincludes\classes\class-template-loader.php:34

actionloop_startincludes\classes\class-template-loader.php:36

actionloop_endincludes\classes\class-template-loader.php:37

actioninitincludes\classes\class-template-loader.php:150

actionadd_meta_boxesincludes\classes\meta-boxes\class-entity-fields-meta-box.php:37

filteradmin_body_classincludes\classes\meta-boxes\class-entity-fields-meta-box.php:46

filterhttp_request_timeoutincludes\classes\pages\admin\class-dashboard-page.php:18

actiones_data_manager_contentincludes\classes\pages\admin\class-data-manager-page.php:16

actioninitincludes\classes\pages\admin\class-demo-page.php:12

actionadmin_enqueue_scriptsincludes\classes\pages\admin\class-entities-archive-page.php:45

actionpre_get_postsincludes\classes\pages\admin\class-entities-archive-page.php:46

actionmanage_posts_extra_tablenavincludes\classes\pages\admin\class-entities-archive-page.php:47

filteradmin_body_classincludes\classes\pages\admin\class-entities-archive-page.php:48

actioninitincludes\classes\pages\admin\class-entities-archive-page.php:56

actiones_fields_builder_fields_tabincludes\classes\pages\admin\class-fields-builder-page.php:14

actiones_fields_builder_field_settingsincludes\classes\pages\admin\class-fields-builder-page.php:33

actiones_fields_builder_section_settingsincludes\classes\pages\admin\class-fields-builder-page.php:34

actionnetwork_admin_noticesincludes\classes\pages\admin\class-properties-archive-page.php:20

actionuser_admin_noticesincludes\classes\pages\admin\class-properties-archive-page.php:21

actionadmin_noticesincludes\classes\pages\admin\class-properties-archive-page.php:22

filterviews_edit-propertiesincludes\classes\pages\admin\class-properties-archive-page.php:25

actionadmin_menuincludes\classes\pages\admin\class-settings-page.php:14

actioninitincludes\classes\shortcodes\class-shortcodes.php:14

actionwidgets_initincludes\classes\widgets\class-widget.php:23

actiones_after_single_contentincludes\entity-functions.php:160

filterthe_excerptincludes\hooks.php:17

actiones_search_render_fieldincludes\hooks.php:277

actionadmin_bar_menuincludes\hooks.php:296

actiones_privacy_policyincludes\hooks.php:361

actiones_recaptchaincludes\hooks.php:445

filteres_settings_get_available_valuesincludes\hooks.php:468

actionwp_footerincludes\hooks.php:478

actionsave_post_pageincludes\hooks.php:497

actionpre_get_avatarincludes\hooks.php:541

filterdisplay_post_statesincludes\hooks.php:566

actiones_after_single_property_contentincludes\hooks.php:585

actiones_after_listingsincludes\hooks.php:599

actiones_after_single_contentincludes\hooks.php:600

actiones_after_authenticationincludes\hooks.php:601

actiones_after_profileincludes\hooks.php:602

actionlogin_enqueue_scriptsincludes\hooks.php:625

filterterm_linkincludes\hooks.php:649

filterrequestincludes\hooks.php:694

filterpost_thumbnail_htmlincludes\hooks.php:709

actionpre_delete_termincludes\hooks.php:732

filteres_property_get_field_valueincludes\hooks.php:752

filteres_property_save_field_valueincludes\hooks.php:778

actiones_property_after_save_fieldsincludes\hooks.php:798

actionsave_post_propertiesincludes\hooks.php:832

filteres_get_the_formatted_fieldincludes\hooks.php:864

actionbefore_delete_postincludes\hooks.php:887

filterpost_classincludes\hooks.php:904

filtersanitize_titleincludes\hooks.php:934

actionactivated_pluginincludes\hooks.php:950

filterwpm_load_configincludes\hooks.php:967

actioninitincludes\hooks.php:980

filteret_builder_third_party_post_typesincludes\hooks.php:991

filteret_get_option_et_divi_divi_thumbnailsincludes\hooks.php:1005

filteres_property_default_fieldsincludes\hooks.php:1037

actiones_activationincludes\hooks.php:1045

filterlostpassword_urlincludes\hooks.php:1059

filterwp_kses_allowed_htmlincludes\hooks.php:1083

filterupload_mimesincludes\hooks.php:1095

filterwp_check_filetype_and_extincludes\hooks.php:1120

actionpmxi_saved_postincludes\hooks.php:1145

actionpmxi_saved_postincludes\hooks.php:1167

actionpmxi_saved_postincludes\hooks.php:1179

actionpmxi_saved_postincludes\hooks.php:1211

actionpre_get_postsincludes\hooks.php:1228

filteres_get_properties_range_fieldsincludes\hooks.php:1249

filterterm_linkincludes\hooks.php:1275

actiones_after_save_propertyincludes\hooks.php:1306

actioninitincludes\hooks.php:1316

actionpre_get_postsincludes\hooks.php:1517

actionwidgets_initincludes\hooks.php:1536

actionwp_headincludes\hooks.php:1596

filteres_get_the_formatted_fieldincludes\hooks.php:1616

actionplugins_loadedincludes\loop-functions.php:326

actionelementor/widget/before_render_contentincludes\loop-functions.php:328

actiones_single_property_sectionincludes\property-functions.php:137

actiones_property_badgesincludes\property-functions.php:149

actiones_property_metaincludes\property-functions.php:161

actiones_property_controlincludes\property-functions.php:183

actiones_single_property_layoutincludes\property-functions.php:198

actiones_sort_dropdownincludes\property-functions.php:226

actiones_layoutsincludes\property-functions.php:239

actiones_before_listingsincludes\property-functions.php:255

actiones_properties_no_found_postsincludes\property-functions.php:883

actiones_property_breadcrumbsincludes\property-functions.php:898

actiones_property_breadcrumbsincludes\property-functions.php:974

Scheduled Events 1

es_remote_admin_notices

Maintenance & Trust

Estatik Real Estate Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 8, 2026

PHP min version5.6

Downloads377K

Community Trust

Rating90/100

Number of ratings183

Active installs10K

Alternatives

Estatik Real Estate Plugin Alternatives

Diverse Solutions IDX Real Estate Listings & MLS Search

dsidxpress

100

Easily add mobile and SEO-friendly MLS listings to your website to attract & engage visitors, plus lead capture tools to turn them into clients.

1K 1 CVE

SimplyRETS Real Estate IDX

simply-rets

Show your MLS listings on your website, simply! We make it easy add your listings to your website with full control. Contact us to get started today.

300 3 CVEs

My IDX Home Search

my-idx-home-search

Supercharge your real estate website for lead generation with a powerful IDX Home Search made by the creators of the leading MLS search for Facebook.

200 2 CVEs

PeakIDX Real Estate Search & Lead Generation

peakidx-real-estate

100

Best In Class Website IDX - Premiere Search & Lead Generation for Real Estate Professionals

0 No CVEs

Optima Express IDX

optima-express

100

Embed real estate property listings, market reports & MLS data on your WordPress site. Responsive design, great SEO & proven lead capture.

8K 1 CVE

Developer Profile

Estatik Real Estate Plugin Developer Profile

Estatik

2 plugins · 11K total installs

trust score

Avg Security Score

32/100

Avg Patch Time

952 days

View full developer profile

Detection Fingerprints

How We Detect Estatik Real Estate Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/estatik/admin/css/admin.min.css/wp-content/plugins/estatik/admin/js/admin.min.js/wp-content/plugins/estatik/admin/js/property-metabox.min.js/wp-content/plugins/estatik/admin/css/locations.min.css/wp-content/plugins/estatik/common/select2/select2.full.min.js/wp-content/plugins/estatik/common/select2/select2.min.css/wp-content/plugins/estatik/common/estatik-popup/estatik-popup.css/wp-content/plugins/estatik/public/css/responsive.css+14 more

Script Paths

/wp-content/plugins/estatik/admin/js/admin.min.js/wp-content/plugins/estatik/admin/js/property-metabox.min.js/wp-content/plugins/estatik/common/select2/select2.full.min.js/wp-content/plugins/estatik/public/js/frontend.min.js/wp-content/plugins/estatik/public/js/single-property.min.js/wp-content/plugins/estatik/public/js/listing.min.js+8 more

Version Parameters

estatik/admin/css/admin.min.css?ver=estatik/admin/js/admin.min.js?ver=estatik/admin/js/property-metabox.min.js?ver=estatik/admin/css/locations.min.css?ver=estatik/common/select2/select2.full.min.js?ver=estatik/common/select2/select2.min.css?ver=estatik/common/estatik-popup/estatik-popup.css?ver=estatik/public/css/responsive.css?ver=estatik/public/css/main.min.css?ver=estatik/public/css/colors.css?ver=estatik/public/css/map-styles.css?ver=estatik/public/js/frontend.min.js?ver=estatik/public/js/single-property.min.js?ver=estatik/public/js/listing.min.js?ver=estatik/public/js/property-map.min.js?ver=estatik/public/js/single-property-gallery.min.js?ver=estatik/common/js/magnific-popup/jquery.magnific-popup.min.js?ver=estatik/common/js/slick/slick.min.js?ver=estatik/common/js/jquery.form.min.js?ver=estatik/common/js/jquery.validate.min.js?ver=estatik/common/js/jquery.matchHeight.js?ver=estatik/common/js/masonry.pkgd.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

es-pricees-property-galleryes-listinges-single-propertyes-map-wrapperes-widget-areaes-property-metaes-property-agent+5 more

HTML Comments

Data Attributes

data-plugin-name="Estatik"data-version="4.3.0"data-plugin-path="/wp-content/plugins/estatik/"data-es-currency-symboldata-es-price-formatdata-es-map-type+4 more

JS Globals

Estatikes_varses_form_vars

REST Endpoints

/wp-json/estatik/v1/properties/wp-json/estatik/v1/locations/wp-json/estatik/v1/agents

Shortcode Output

[estatik_property_list][estatik_property_detail][estatik_search_form][estatik_map]

FAQ

Estatik Real Estate Plugin Security & Risk Analysis

Is Estatik Real Estate Plugin Safe to Use in 2026?

High Risk

Key Concerns

Estatik Real Estate Plugin Security Vulnerabilities

CVEs by Year

Severity Breakdown

Estatik Real Estate Plugin Release Timeline

Estatik Real Estate Plugin Code Analysis

Dangerous Functions Found

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

Estatik Real Estate Plugin Attack Surface

AJAX Handlers 44

Scheduled Events 1

Estatik Real Estate Plugin Maintenance & Trust

Maintenance Signals

Community Trust

Estatik Real Estate Plugin Alternatives

Diverse Solutions IDX Real Estate Listings & MLS Search

SimplyRETS Real Estate IDX

My IDX Home Search

PeakIDX Real Estate Search & Lead Generation

Optima Express IDX

Estatik Real Estate Plugin Developer Profile

How We Detect Estatik Real Estate Plugin

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Estatik Real Estate Plugin