Inventory Presser – Car Dealer Listings Security & Risk Analysis

wordpress.org/plugins/inventory-presser

Vehicle inventory management for dealerships. Supports multiple car lot locations. Provides listing templates & photo sliders. Multisite compatible.

100 active installs · v15.2.7 · PHP 7.0.0+ · WP 5.0.0+ · Updated Nov 17, 2025
Tags: auto-dealer, car-dealer, car-dealership, car-listings, car-sales

Score: 99 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: Jun 19, 2025

Safety Verdict

Is Inventory Presser – Car Dealer Listings Safe to Use in 2026?

Generally Safe

Score 99/100

Inventory Presser – Car Dealer Listings has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Jun 19, 2025 · Updated 4mo ago

Risk Assessment

The Inventory Presser plugin v15.2.7 demonstrates a generally good security posture with strong adherence to best practices in several key areas. The plugin excels in output escaping, with 98% of outputs being properly handled, and a high percentage (92%) of SQL queries utilizing prepared statements, significantly mitigating risks like SQL injection. The absence of dangerous functions, critical or high severity taint flows, and bundled libraries further contributes to a robust security foundation. However, there are specific areas that warrant attention. The presence of two unprotected entry points, specifically one AJAX handler and one REST API route lacking permission callbacks, presents a direct attack vector for unauthenticated users. While the vulnerability history shows only one medium severity CVE and no currently unpatched vulnerabilities, the fact that the last vulnerability was in June 2025 (potentially a typo and should be in the past) is concerning. The type of past vulnerability (Cross-site Scripting) coupled with the unprotected entry points suggests a potential for similar issues if input validation is not consistently applied to these exposed handlers.

Key Concerns

  • AJAX handler without auth checks
  • REST API route without permission callbacks
  • Medium severity CVE history

Vulnerabilities: 1

Inventory Presser – Car Dealer Listings Security Vulnerabilities

CVEs by Year

2025: 1 CVE

Severity Breakdown

Medium: 1 (1 total CVE)

CVE-2025-50012 · medium · 4.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Inventory Presser <= 15.2.6 - Authenticated (Administrator+) Stored Cross-Site Scripting

Jun 19, 2025 · Patched in 15.2.7 (253d)

Code Analysis
Analyzed Mar 16, 2026

Inventory Presser – Car Dealer Listings Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (12 prepared)
Unescaped Output: 23 (963 escaped)
Nonce Checks: 4
Capability Checks: 12
File Operations: 2
External Requests: 8
Bundled Libraries: 0

SQL Query Safety

92% prepared · 13 total queries

Output Escaping

98% escaped · 986 total outputs

Attack Surface: 2 unprotected

Inventory Presser – Car Dealer Listings Attack Surface

Entry Points: 25
Unprotected: 2

AJAX Handlers 2

auth wp_ajax_delete_all_post_attachments includes\integrations\class-classic-editor.php:33
auth wp_ajax_get_add_media_result includes\integrations\class-classic-editor.php:36

REST API Routes 2

GET /wp-json/invp/v1/settings/ includes\class-rest.php:144
PUT /wp-json/invp/v1/feed-complete/ includes\class-rest.php:153

Shortcodes 21

[invp-archive-vehicle] includes\shortcode\class-shortcode-archive-vehicle.php:20
[invp_archive_vehicle] includes\shortcode\class-shortcode-archive-vehicle.php:21
[invp-archive] includes\shortcode\class-shortcode-archive.php:19
[invp_archive] includes\shortcode\class-shortcode-archive.php:20
[invp-attribute-table] includes\shortcode\class-shortcode-attribute-table.php:24
[invp_attribute_table] includes\shortcode\class-shortcode-attribute-table.php:25
[invp-iframe] includes\shortcode\class-shortcode-iframe.php:25
[invp_iframe] includes\shortcode\class-shortcode-iframe.php:26
[invp-inventory-grid] includes\shortcode\class-shortcode-inventory-grid.php:18
[invp_inventory_grid] includes\shortcode\class-shortcode-inventory-grid.php:19
[invp-inventory-slider] includes\shortcode\class-shortcode-inventory-slider.php:17
[invp_inventory_slider] includes\shortcode\class-shortcode-inventory-slider.php:18
[invp-photo-slider] includes\shortcode\class-shortcode-photo-slider.php:17
[invp_photo_slider] includes\shortcode\class-shortcode-photo-slider.php:18
[invp-price] includes\shortcode\class-shortcode-price.php:23
[invp_price] includes\shortcode\class-shortcode-price.php:24
[invp-single-vehicle] includes\shortcode\class-shortcode-single-vehicle.php:17
[invp_single_vehicle] includes\shortcode\class-shortcode-single-vehicle.php:18
[invp_sort_by] includes\shortcode\class-shortcode-sort-by.php:17
[invp-vin] includes\shortcode\class-shortcode-vin.php:23
[invp_vin] includes\shortcode\class-shortcode-vin.php:24

WordPress Hooks 178

filter pre_set_site_transient_update_plugins includes\addon\class-addon-updater.php:73
filter plugins_api includes\addon\class-addon-updater.php:74
action load-plugins.php includes\addon\class-addon-updater.php:76
action admin_init includes\addon\class-addon-updater.php:78
filter site_transient_update_plugins includes\addon\class-addon-updater.php:85
action admin_print_footer_scripts includes\addon\class-addon-updater.php:420
filter pre_set_site_transient_update_plugins includes\addon\class-addon-updater.php:517
filter pre_set_site_transient_update_plugins includes\addon\class-addon.php:64
action admin_init includes\addon\class-addon.php:77
action admin_bar_menu includes\admin\class-admin-bar.php:46
action enqueue_block_editor_assets includes\admin\class-admin-editor-sidebar.php:55
action init includes\admin\class-admin-editor-sidebar.php:56
action admin_enqueue_scripts includes\admin\class-admin-editor-sidebar.php:57
action location_add_form_fields includes\admin\class-admin-location-meta.php:25
action location_edit_form_fields includes\admin\class-admin-location-meta.php:26
action created_location includes\admin\class-admin-location-meta.php:27
action edited_location includes\admin\class-admin-location-meta.php:28
action admin_enqueue_scripts includes\admin\class-admin-location-meta.php:31
action edited_location includes\admin\class-admin-location-meta.php:579
action admin_init includes\admin\class-admin-menus.php:35
action wp_update_nav_menu_item includes\admin\class-admin-menus.php:37
action edited_location includes\admin\class-admin-menus.php:43
action admin_enqueue_scripts includes\admin\class-admin-options.php:31
action admin_init includes\admin\class-admin-options.php:32
action admin_menu includes\admin\class-admin-options.php:33
action admin_init includes\admin\class-admin-options.php:36
filter invp_html_select_vehicle_keys_value includes\admin\class-admin-options.php:719
action add_attachment includes\admin\class-admin-photo-arranger.php:32
action delete_attachment includes\admin\class-admin-photo-arranger.php:33
action wp_media_attach_action includes\admin\class-admin-photo-arranger.php:34
action the_post includes\admin\class-admin-photo-arranger.php:48
filter posts_clauses includes\admin\class-admin-posts-list.php:80
filter pre_get_posts includes\admin\class-admin-posts-list.php:92
action admin_enqueue_scripts includes\admin\class-admin-posts-list.php:94
filter posts_distinct includes\class-add-custom-fields-to-search.php:27
filter posts_join includes\class-add-custom-fields-to-search.php:28
filter posts_where includes\class-add-custom-fields-to-search.php:29
filter invp_rewrite_slugs includes\class-additional-listings-pages.php:21
filter invp_rewrite_rules includes\class-additional-listings-pages.php:22
action pre_get_posts includes\class-additional-listings-pages.php:23
filter post_type_archive_title includes\class-additional-listings-pages.php:24
action pre_get_posts includes\class-allow-inventory-as-home-page.php:152
action invp_archive_buttons includes\class-badges.php:68
action invp_single_buttons includes\class-badges.php:69
action invp_archive_buttons includes\class-badges.php:73
action invp_single_buttons includes\class-badges.php:74
action init includes\class-blocks.php:36
action enqueue_block_assets includes\class-blocks.php:37
filter block_categories_all includes\class-blocks.php:38
action the_post includes\class-blocks.php:44
filter walker_nav_menu_start_el includes\class-menu-item-email-a-friend.php:33
filter walker_nav_menu_start_el includes\class-menu-item-print.php:29
action add_attachment includes\class-photo-numberer.php:28
action edit_attachment includes\class-photo-numberer.php:29
filter the_title includes\class-photo-numberer.php:35
action pre_get_posts includes\class-range-filters.php:29
action wp includes\class-redirect-404-vehicles.php:64
action rest_api_init includes\class-rest.php:21
action rest_api_init includes\class-rest.php:23
filter rest_attachment_collection_params includes\class-rest.php:26
filter rest_attachment_query includes\class-rest.php:27
action wp_body_open includes\class-schema-org-generator.php:26
filter site_status_tests includes\class-site-health.php:21
action init includes\class-taxonomies.php:116
action admin_head includes\class-taxonomies.php:119
action init includes\class-taxonomies.php:121
action invp_delete_all_data includes\class-taxonomies.php:123
filter get_terms_orderby includes\class-taxonomies.php:126
action pre_get_posts includes\class-taxonomies.php:129
filter invp_taxonomy_data includes\class-taxonomies.php:142
filter wp_robots includes\class-taxonomies.php:145
action invp_taxonomy_overlapper_updated_meta includes\class-taxonomy-overlapper.php:102
action invp_taxonomy_overlapper_deleted_meta includes\class-taxonomy-overlapper.php:103
action invp_taxonomy_overlapper_deleted_meta includes\class-taxonomy-overlapper.php:105
action updated_postmeta includes\class-taxonomy-overlapper.php:115
action added_post_meta includes\class-taxonomy-overlapper.php:116
action deleted_post_meta includes\class-taxonomy-overlapper.php:117
action added_term_relationship includes\class-taxonomy-overlapper.php:127
action deleted_term_relationships includes\class-taxonomy-overlapper.php:128
filter single_template includes\class-template-provider.php:21
filter archive_template includes\class-template-provider.php:22
filter the_content includes\class-template-provider.php:96
filter has_post_thumbnail includes\class-template-provider.php:99
filter invp_rewrite_rules includes\class-vehicle-urls-by-vin.php:33
filter query_vars includes\class-vehicle-urls-by-vin.php:34
action template_redirect includes\class-vehicle-urls-by-vin.php:35
filter fusion_get_all_meta includes\integrations\class-avada.php:29
filter fusion_shortcode_content includes\integrations\class-avada.php:32
filter fusion_post_cards_shortcode_query_args includes\integrations\class-avada.php:35
action current_screen includes\integrations\class-classic-editor.php:30
filter media_send_to_editor includes\integrations\class-classic-editor.php:39
action add_meta_boxes includes\integrations\class-classic-editor.php:66
action edit_form_after_title includes\integrations\class-classic-editor.php:70
action add_meta_boxes includes\integrations\class-classic-editor.php:73
action admin_enqueue_scripts includes\integrations\class-classic-editor.php:76
action media_buttons includes\integrations\class-classic-editor.php:79
action wpcf7_init includes\integrations\class-contact-form-7.php:19
filter wpcf7_special_mail_tags includes\integrations\class-contact-form-7.php:22
filter wpcf7_mail_tag_replaced_invp_vehicle includes\integrations\class-contact-form-7.php:25
filter wp_mail_content_type includes\integrations\class-contact-form-7.php:67
filter wp_mail_content_type includes\integrations\class-contact-form-7.php:97
filter wp_mail_content_type includes\integrations\class-contact-form-7.php:174
action enqueue_block_editor_assets includes\integrations\class-divi.php:30
action invp_listings_pages_settings includes\integrations\class-divi.php:33
filter et_builder_resolve_dynamic_content_custom_meta_inventory_presser_options_array includes\integrations\class-divi.php:36
filter et_builder_resolve_dynamic_content includes\integrations\class-divi.php:37
filter et_builder_post_types includes\integrations\class-divi.php:100
action pmxi_update_post_meta includes\integrations\class-wp-all-import.php:26
action pmxi_saved_post includes\integrations\class-wp-all-import.php:29
action pmxi_gallery_image includes\integrations\class-wp-all-import.php:32
action pmxi_before_post_import includes\integrations\class-wp-all-import.php:34
action wpforms_frontend_css includes\integrations\class-wpforms-field-vehicle.php:71
action wpforms_frontend_js includes\integrations\class-wpforms-field-vehicle.php:74
action enqueue_block_assets includes\integrations\class-wpforms-field-vehicle.php:76
filter wpforms_smart_tags includes\integrations\class-wpforms.php:18
filter wpforms_smart_tag_process includes\integrations\class-wpforms.php:19
filter wpforms_get_form_fields_allowed includes\integrations\class-wpforms.php:29
action init includes\shortcode\class-shortcode-archive-vehicle.php:30
filter has_post_thumbnail includes\shortcode\class-shortcode-archive-vehicle.php:76
filter has_post_thumbnail includes\shortcode\class-shortcode-archive-vehicle.php:134
filter has_post_thumbnail includes\shortcode\class-shortcode-archive-vehicle.php:207
action init includes\shortcode\class-shortcode-archive.php:29
filter invp_range_filters_main_query includes\shortcode\class-shortcode-archive.php:107
action init includes\shortcode\class-shortcode-attribute-table.php:34
action init includes\shortcode\class-shortcode-hours-today.php:36
filter invp_vehicle_location_sentence includes\shortcode\class-shortcode-hours-today.php:39
filter invp_hours_title includes\shortcode\class-shortcode-hours-today.php:42
action init includes\shortcode\class-shortcode-iframe.php:35
action init includes\shortcode\class-shortcode-inventory-grid.php:28
action init includes\shortcode\class-shortcode-inventory-slider.php:27
action init includes\shortcode\class-shortcode-photo-slider.php:27
action init includes\shortcode\class-shortcode-price.php:33
action init includes\shortcode\class-shortcode-single-vehicle.php:27
action init includes\shortcode\class-shortcode-sort-by.php:26
action init includes\shortcode\class-shortcode-sort-by.php:27
action pre_get_posts includes\shortcode\class-shortcode-sort-by.php:177
filter invp_sort_dropdown_options includes\shortcode\class-shortcode-sort-by.php:184
filter invp_sort_dropdown_options includes\shortcode\class-shortcode-sort-by.php:186
filter invp_sort_dropdown_options includes\shortcode\class-shortcode-sort-by.php:191
action init includes\shortcode\class-shortcode-vin.php:33
action invp_delete_all_data includes\widget\class-widget-address.php:33
action invp_delete_all_data includes\widget\class-widget-carfax.php:65
action invp_delete_all_data includes\widget\class-widget-fuel-economy.php:30
action invp_delete_all_data includes\widget\class-widget-google-maps-v3.php:36
action invp_delete_all_data includes\widget\class-widget-google-maps.php:36
action invp_delete_all_data includes\widget\class-widget-hours.php:30
action invp_delete_all_data includes\widget\class-widget-inventory-grid.php:32
action invp_delete_all_data includes\widget\class-widget-inventory-slider.php:37
action invp_delete_all_data includes\widget\class-widget-kbb.php:45
action invp_delete_all_data includes\widget\class-widget-map.php:35
action invp_delete_all_data includes\widget\class-widget-maximum-price-filter.php:43
action invp_delete_all_data includes\widget\class-widget-order-by.php:40
action invp_delete_all_data includes\widget\class-widget-phones.php:89
filter posts_clauses inventory-presser.php:87
filter posts_orderby inventory-presser.php:302
filter invp_prefix_meta_key inventory-presser.php:640
filter invp_unprefix_meta_key inventory-presser.php:641
action init inventory-presser.php:644
action init inventory-presser.php:651
action admin_init inventory-presser.php:654
action init inventory-presser.php:657
filter register_post_type_args inventory-presser.php:660
action generate_rewrite_rules inventory-presser.php:685
action widgets_init inventory-presser.php:702
action pre_get_posts inventory-presser.php:709
action wp_enqueue_scripts inventory-presser.php:713
action admin_enqueue_scripts inventory-presser.php:714
action enqueue_block_assets inventory-presser.php:715
action trashed_post inventory-presser.php:769
action before_delete_post inventory-presser.php:772
filter post_updated_messages inventory-presser.php:775
filter pre_term_link inventory-presser.php:778
filter postmeta_form_limit inventory-presser.php:892
action invp_archive_buttons inventory-presser.php:906
action invp_single_sections inventory-presser.php:909
action plugins_loaded inventory-presser.php:911
filter document_title_parts inventory-presser.php:924
action plugins_loaded inventory-presser.php:935

Maintenance & Trust

Inventory Presser – Car Dealer Listings Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Nov 17, 2025
PHP min version: 7.0.0
Downloads: 16K

Community Trust

Rating: 100/100
Number of ratings: 2
Active installs: 100

Developer Profile

Inventory Presser – Car Dealer Listings Developer Profile

fridaysystems

1 plugin · 100 total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 253 days

Detection Fingerprints

How We Detect Inventory Presser – Car Dealer Listings

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/inventory-presser/css/archive.css
  • /wp-content/plugins/inventory-presser/css/common.css
  • /wp-content/plugins/inventory-presser/css/dealer.css
  • /wp-content/plugins/inventory-presser/css/frontend.css
  • /wp-content/plugins/inventory-presser/css/inventory-presser.css
  • /wp-content/plugins/inventory-presser/css/print.css
  • /wp-content/plugins/inventory-presser/css/single-vehicle.css
  • /wp-content/plugins/inventory-presser/js/archive.js
  • +4 more

Script Paths

  • /wp-content/plugins/inventory-presser/js/archive.js
  • /wp-content/plugins/inventory-presser/js/common.js
  • /wp-content/plugins/inventory-presser/js/frontend.js
  • /wp-content/plugins/inventory-presser/js/inventory-presser.js
  • /wp-content/plugins/inventory-presser/js/single-vehicle.js

Version Parameters

  • inventory-presser/css/archive.css?ver=
  • inventory-presser/css/common.css?ver=
  • inventory-presser/css/dealer.css?ver=
  • inventory-presser/css/frontend.css?ver=
  • inventory-presser/css/inventory-presser.css?ver=
  • inventory-presser/css/print.css?ver=
  • inventory-presser/css/single-vehicle.css?ver=
  • inventory-presser/js/archive.js?ver=
  • inventory-presser/js/common.js?ver=
  • inventory-presser/js/frontend.js?ver=
  • inventory-presser/js/inventory-presser.js?ver=
  • inventory-presser/js/single-vehicle.js?ver=

HTML / DOM Fingerprints

CSS Classes

  • invp-archive-filter
  • invp-archive-filter-controls
  • invp-archive-filter-controls-wrapper
  • invp-archive-filter-control
  • invp-archive-filter-control-button
  • invp-archive-filter-control-button-inactive
  • invp-archive-filter-control-button-active
  • invp-archive-filter-control-select
  • +118 more

Data Attributes

  • data-invp-post-type
  • data-invp-taxonomy
  • data-invp-filter-id

JS Globals

  • INVP_DATA

REST Endpoints

  • /wp-json/inventory-presser/v1/vehicles
  • /wp-json/inventory-presser/v1/makes
  • /wp-json/inventory-presser/v1/models
  • /wp-json/inventory-presser/v1/trims

FAQ

Frequently Asked Questions about Inventory Presser – Car Dealer Listings