[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$feLOnhc31mog6MjyQ21mq_3YOaVW5h-wr7z1Rdgjqx-s":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":19,"download_link":20,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":33,"analysis":34,"fingerprints":193},"import-xml-csv-listings-to-inventor-wp","WP All Import – Listings Import for Inventor WP","1.1.1","WP All Import","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpallimport\u002F","\u003Cp>The Inventor WP Add-On for \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-all-import\" title=\"WordPress XML & CSV Import\" rel=\"ugc\">WP All Import\u003C\u002Fa> makes it easy to bulk import your listings to the Inventor WP plugin and Superlist theme in less than 10 minutes.\u003C\u002Fp>\n\u003Cp>The left side shows all of the fields that you can import to and the right side displays a property listing from your XML\u002FCSV file. Then you can simply drag & drop the data from your XML or CSV into the Inventor WP fields to import it.\u003C\u002Fp>\n\u003Cp>The importer is so intuitive it is almost like manually adding a listing in Inventor WP.\u003C\u002Fp>\n\u003Ch4>Why you should use the Inventor WP Add-On for WP All Import\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Instead of using the Custom Fields section of WP All Import, you are shown the fields such as contact fields, social network fields, and listing categories.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Easily import into banner images, banner videos, gallery and repeater fields like FAQ and Menu.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Supports files in any format and structure. There are no requirements that the data in your file be organized in a certain way. CSV imports into Inventor WP are easy no matter the structure of your file.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Supports files of practically unlimited size by automatically splitting them into chunks. WP All Import is limited solely by your server settings.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WP All Import Professional Edition\u003C\u002Fh4>\n\u003Cp>The Inventor WP Add-On for WP All Import is fully compatible with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-all-import\" title=\"WordPress XML & CSV Import\" rel=\"ugc\">the free version of WP All Import\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>However, \u003Ca href=\"http:\u002F\u002Fwww.wpallimport.com\u002Forder-now\u002F?utm_source=free-plugin&utm_medium=dot-org&utm_campaign=inventorwp\" rel=\"nofollow ugc\">the professional edition of WP All Import\u003C\u002Fa> includes premium support and adds the following features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Import files from a URL: Download and import files from external websites, even if they are password protected with HTTP authentication.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Cron Job\u002FRecurring Imports: WP All Import Pro can check periodically check a file for updates, and add, edit, delete, and update your posts.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Custom PHP Functions: Pass your data through custom functions by using [my_function({data[1]})] in your import template. WP All Import will pass the value of {data[1]} through my_function and use whatever it returns.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Access to premium technical support.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.wpallimport.com\u002Forder-now\u002F?utm_source=free-plugin&utm_medium=dot-org&utm_campaign=inventorwp\" rel=\"nofollow ugc\">Upgrade to the professional edition of WP All Import now.\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Developers: Create Your Own Add-On\u003C\u002Fh4>\n\u003Cp>This Add-On was created using the \u003Ca href=\"http:\u002F\u002Fwww.wpallimport.com\u002Fdocumentation\u002Faddon-dev\u002Foverview\u002F\" rel=\"nofollow ugc\">Rapid Add-On API\u003C\u002Fa> for WP All Import. We’ve made it really easy to write your own Add-On.\u003C\u002Fp>\n\u003Cp>Don’t have time? We’ll write one for you.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.wpallimport.com\u002Fadd-ons\u002F#developers\" rel=\"nofollow ugc\">Read more about getting an Add-On made for your plugin or theme.\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Related Plugins\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjobify-xml-csv-listings-import\u002F\" rel=\"ugc\">Import Listings into the Jobify Theme\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flistify-xml-csv-listings-import\u002F\" rel=\"ugc\">Import Listings into the Listify Theme\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-job-manager-xml-csv-listings-import\u002F\" rel=\"ugc\">Import Listings into WP Job Manager\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fimport-xml-csv-listings-to-listable-theme\" rel=\"ugc\">Import Listings into the Listable Theme\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>We do not handle support in the WordPress.org community forums.\u003C\u002Fp>\n\u003Cp>We do try to handle support for our free version users at the following e-mail address:\u003C\u002Fp>\n\u003Cp>E-mail: support@wpallimport.com\u003C\u002Fp>\n\u003Cp>Support for free version customers is not guaranteed and based on availability. For premium support, purchase \u003Ca href=\"http:\u002F\u002Fwww.wpallimport.com\u002Forder-now\u002F?utm_source=free-plugin&utm_medium=dot-org&utm_campaign=inventorwp\" rel=\"nofollow ugc\">WP All Import Pro\u003C\u002Fa>.\u003C\u002Fp>\n","Drag & drop to import directory listings from any CSV, XML, Excel, or Google Sheets file of any size or format. Supports images, categories, locat …",10,3899,0,"2026-01-30T14:12:00.000Z","6.9.4","4.1.0","",[],"http:\u002F\u002Fwww.wpallimport.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimport-xml-csv-listings-to-inventor-wp.1.1.1.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":26,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":29,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"wpallimport",22,207240,99,1036,78,"2026-04-04T02:29:47.252Z",[],{"attackSurface":35,"codeSignals":117,"taintFlows":150,"riskAssessment":176,"analyzedAt":192},{"hooks":36,"ajaxHandlers":113,"restRoutes":114,"shortcodes":115,"cronEvents":116,"entryPointCount":13,"unprotectedCount":13},[37,43,48,53,57,61,65,69,73,77,81,85,89,93,97,101,105,109],{"type":38,"name":39,"callback":40,"priority":11,"file":41,"line":42},"filter","pmxi_visible_template_sections","wpai_pmxi_visible_template_sections","inventorwp-add-on.php",3886,{"type":44,"name":45,"callback":46,"file":41,"line":47},"action","admin_enqueue_scripts","inventorwp_addon_style_load",3942,{"type":38,"name":49,"callback":50,"file":51,"line":52},"pmxi_addons","wpai_api_register","rapid-addon.php",144,{"type":38,"name":54,"callback":55,"file":51,"line":56},"wp_all_import_addon_parse","wpai_api_parse",145,{"type":38,"name":58,"callback":59,"file":51,"line":60},"wp_all_import_addon_import","wpai_api_import",146,{"type":38,"name":62,"callback":63,"file":51,"line":64},"wp_all_import_addon_saved_post","wpai_api_post_saved",147,{"type":38,"name":66,"callback":67,"file":51,"line":68},"pmxi_options_options","wpai_api_options",148,{"type":38,"name":70,"callback":71,"priority":11,"file":51,"line":72},"wp_all_import_image_sections","additional_sections",149,{"type":38,"name":74,"callback":75,"priority":11,"file":51,"line":76},"pmxi_custom_types","filter_post_types",150,{"type":38,"name":78,"callback":79,"priority":11,"file":51,"line":80},"pmxi_post_list_order","sort_post_types",151,{"type":38,"name":82,"callback":83,"priority":11,"file":51,"line":84},"wp_all_import_post_type_image","post_type_image",152,{"type":44,"name":86,"callback":87,"priority":11,"file":51,"line":88},"pmxi_extend_options_featured","wpai_api_metabox",153,{"type":44,"name":90,"callback":91,"file":51,"line":92},"admin_init","admin_notice_ignore",154,{"type":38,"name":94,"callback":95,"priority":11,"file":51,"line":96},"wp_all_import_acf_is_show_group","acf_is_show_group",219,{"type":38,"name":98,"callback":99,"priority":11,"file":51,"line":100},"wp_all_import_is_show_add_new_images","filter_is_show_add_new_images",912,{"type":38,"name":102,"callback":103,"priority":11,"file":51,"line":104},"wp_all_import_is_allow_import_images","is_allow_import_images",915,{"type":38,"name":106,"callback":107,"priority":11,"file":51,"line":108},"wp_all_import_is_images_section_enabled","is_enable_default_images_section",958,{"type":44,"name":110,"callback":111,"file":51,"line":112},"admin_notices","display_admin_notice",1153,[],[],[],[],{"dangerousFunctions":118,"sqlUsage":129,"outputEscaping":132,"fileOperations":148,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":149},[119,123,126],{"fn":120,"file":41,"line":121,"context":122},"unserialize",44,"$import_options_arr = unserialize($import_options['options']);",{"fn":120,"file":41,"line":124,"context":125},52,"$import_options_arr = empty($import_options) ? array() : unserialize($import_options['option_value']",{"fn":120,"file":51,"line":127,"context":128},551,"$fieldData = (!empty($field_params['field_obj']->post_content)) ? unserialize($field_params['field_o",{"prepared":130,"raw":13,"locations":131},4,[],{"escaped":133,"rawEcho":133,"locations":134},6,[135,138,140,142,144,146],{"file":51,"line":136,"context":137},411,"raw output",{"file":51,"line":139,"context":137},435,{"file":51,"line":141,"context":137},558,{"file":51,"line":143,"context":137},562,{"file":51,"line":145,"context":137},567,{"file":51,"line":147,"context":137},570,1,[],[151],{"entryPoint":152,"graph":153,"unsanitizedCount":130,"severity":175},"\u003Cinventorwp-add-on> (inventorwp-add-on.php:0)",{"nodes":154,"edges":171},[155,160,166,168],{"id":156,"type":157,"label":158,"file":41,"line":159},"n0","source","$_GET (x2)",30,{"id":161,"type":162,"label":163,"file":41,"line":164,"wp_function":165},"n1","sink","get_row() [SQLi]",39,"get_row",{"id":167,"type":157,"label":158,"file":41,"line":159},"n2",{"id":169,"type":162,"label":170,"file":41,"line":121,"wp_function":120},"n3","unserialize() [Object Injection]",[172,174],{"from":156,"to":161,"sanitized":173},false,{"from":167,"to":169,"sanitized":173},"high",{"summary":177,"deductions":178},"The plugin \"import-xml-csv-listings-to-inventor-wp\" v1.1.1 exhibits a mixed security posture. On the positive side, it has no recorded vulnerabilities (CVEs) and its SQL queries are all secured with prepared statements, indicating an awareness of common database injection risks. The absence of external HTTP requests and the limited attack surface from a static analysis perspective are also strengths. However, significant concerns arise from the code signals. The presence of the `unserialize` function is a major red flag, as it can be exploited for remote code execution if user-controlled data is passed to it without proper sanitization. Furthermore, the taint analysis reveals a flow with unsanitized paths, specifically of high severity, suggesting a potential pathway for attackers to exploit. The plugin also demonstrates a complete lack of nonce checks and capability checks, leaving any potential entry points vulnerable to CSRF attacks and unauthorized access if they were to be discovered or introduced in future versions.",[179,182,185,188,190],{"reason":180,"points":181},"Dangerous function 'unserialize' used",15,{"reason":183,"points":184},"High severity unsanitized taint flow detected",12,{"reason":186,"points":187},"No nonce checks implemented",7,{"reason":189,"points":187},"No capability checks implemented",{"reason":191,"points":130},"50% of outputs not properly escaped","2026-03-17T00:22:01.220Z",{"wat":194,"direct":201},{"assetPaths":195,"generatorPatterns":197,"scriptPaths":198,"versionParams":199},[196],"\u002Fwp-content\u002Fplugins\u002Fimport-xml-csv-listings-to-inventor-wp\u002Frapid-addon.php",[],[],[200],"import-xml-csv-listings-to-inventor-wp\u002Frapid-addon.php?ver=",{"cssClasses":202,"htmlComments":207,"htmlAttributes":210,"restEndpoints":233,"jsGlobals":234,"shortcodeOutput":235},[203,204,205,206],"opening-hours-day","opening-hours-from","opening-hours-to","opening-hours-custom-text",[208,209],"\u003C!-- Inventor Google Map\" plugin is active, add the \"Google Map\",\n *   \"Google Street view\" & \"Google Inside View\" banner types to\n *   the list of availble banner types.\n -->","Use any format supported by the PHP \u003Cb>strtotime\u003C\u002Fb> function. That means pretty much any human-readable time will work.",[211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232],"listing_banner_image","listing_banner_video","listing_banner_video_loop","listing_banner_map_zoom","listing_banner_map_type","listing_banner_map_marker","listing_banner","listing_video","listing_opening_hours_from_mon","listing_opening_hours_to_mon","listing_opening_hours_custom_text_mon","listing_opening_hours_from_tues","listing_opening_hours_to_tues","listing_opening_hours_custom_text_tues","listing_opening_hours_from_weds","listing_opening_hours_to_weds","listing_opening_hours_custom_text_weds","listing_opening_hours_from_thurs","listing_opening_hours_to_thurs","listing_opening_hours_custom_text_thurs","listing_opening_hours_from_fri","listing_opening_hours_to_fri",[],[],[]]