Does IT Listings have any unpatched vulnerabilities?

No. All known vulnerabilities in IT Listings have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is IT Listings compatible with WordPress 6.4.8?

According to WordPress.org data, IT Listings 1.5.1 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

How often is IT Listings updated?

IT Listings was last updated on Jan 11, 2026. Frequent updates are generally a positive security signal.

What is IT Listings's security score?

IT Listings has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

IT Listings Security & Risk Analysis

wordpress.org/plugins/it-listings

Custom Post Types and additional Functionality for IT Residence WordPress Theme

300 active installs v1.5.1 PHP + WP 6.0+ Updated Jan 11, 2026

blockscustom-post-typesgutenbergit-residencemetabox

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is IT Listings Safe to Use in 2026?

Generally Safe

Score 100/100

IT Listings has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The "it-listings" plugin v1.5.1 demonstrates a strong security posture with several commendable practices. The absence of any recorded vulnerabilities or CVEs in its history is a significant positive indicator, suggesting a mature and well-maintained codebase. Furthermore, the static analysis reveals no critical or high severity taint flows, no dangerous functions, and importantly, all SQL queries utilize prepared statements. The plugin also incorporates nonce and capability checks for its entry points, which are crucial security mechanisms. However, there are areas for improvement. A notable concern is the presence of 2 AJAX handlers with zero found to be unprotected by authentication checks. While the analysis indicates zero unprotected entry points, the mere existence of AJAX handlers without explicit mention of authentication for both is a potential oversight, as robust authorization is key to preventing unauthorized actions. Additionally, while 77% output escaping is good, it implies that approximately 23% of outputs are not properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is involved in those unescaped outputs. Overall, "it-listings" v1.5.1 is likely a secure plugin, but vigilance regarding output escaping and explicit authentication for all AJAX handlers is warranted.

Key Concerns

Potential unescaped output exists
AJAX handlers may lack robust auth checks

Vulnerabilities

None known

IT Listings Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

IT Listings Code Analysis

Dangerous Functions

Raw SQL Queries

8 prepared

Unescaped Output

197 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared8 total queries

Output Escaping

77% escaped257 total outputs

Data Flows

All sanitized

Data Flow Analysis

4 flows

ajax_import_demo (inc\class-demo-importer.php:229)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

IT Listings Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_import_demoinc\class-demo-importer.php:13

authwp_ajax_import_demotrunk\inc\class-demo-importer.php:13

WordPress Hooks 41

filterupgrader_source_selectioninc\admin\class-demo-pack-upgrader.php:70

actioninitinc\class-demo-importer.php:8

actionadmin_menuinc\class-demo-importer.php:10

actionadmin_headinc\class-demo-importer.php:11

actionadmin_enqueue_scriptsinc\class-demo-importer.php:12

filterimport_post_meta_keyinc\importers\wordpress-importer\class-wxr-importer.php:103

filterhttp_request_timeoutinc\importers\wordpress-importer\class-wxr-importer.php:104

actioninitinc\listings-cpt.php:62

actioninitinc\listings-cpt.php:107

actioninitinc\listings-cpt.php:148

actionadd_meta_boxesinc\metaboxes\testimonials-metabox.php:13

actionsave_postinc\metaboxes\testimonials-metabox.php:64

actionadmin_noticesinc\notice-upgrade.php:13

actionadmin_noticesinc\notice.php:13

actionwidgets_initinc\register_sidebar.php:21

actioninitinc\testimonials-cpt.php:63

filterbody_classit-listings.php:42

filterblock_categories_allit-listings.php:43

filterscript_loader_tagit-listings.php:44

actioninitit-listings.php:46

filterupgrader_source_selectiontrunk\inc\admin\class-demo-pack-upgrader.php:70

actioninittrunk\inc\class-demo-importer.php:8

actionadmin_menutrunk\inc\class-demo-importer.php:10

actionadmin_headtrunk\inc\class-demo-importer.php:11

actionadmin_enqueue_scriptstrunk\inc\class-demo-importer.php:12

filterimport_post_meta_keytrunk\inc\importers\wordpress-importer\class-wxr-importer.php:103

filterhttp_request_timeouttrunk\inc\importers\wordpress-importer\class-wxr-importer.php:104

actioninittrunk\inc\listings-cpt.php:62

actioninittrunk\inc\listings-cpt.php:107

actioninittrunk\inc\listings-cpt.php:148

actioninittrunk\inc\listings-cpt.php:160

actionadd_meta_boxestrunk\inc\metaboxes\testimonials-metabox.php:13

actionsave_posttrunk\inc\metaboxes\testimonials-metabox.php:64

actionadmin_noticestrunk\inc\notice-upgrade.php:13

actionadmin_noticestrunk\inc\notice.php:13

actionwidgets_inittrunk\inc\register_sidebar.php:21

actioninittrunk\inc\testimonials-cpt.php:63

filterbody_classtrunk\it-listings.php:43

filterblock_categories_alltrunk\it-listings.php:44

filterscript_loader_tagtrunk\it-listings.php:45

actioninittrunk\it-listings.php:47

Maintenance & Trust

IT Listings Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedJan 11, 2026

PHP min version

Downloads9K

Community Trust

Rating0/100

Number of ratings0

Active installs300

Alternatives

IT Listings Alternatives

Voxycure Framework

voxycure-framework

100

Create custom fields, blocks, and post types with no limitations. A flexible, free solution for building with custom data in WordPress.

10 No CVEs

Miramedia Event Manager for TEDx

miramedia-event-manager-for-tedx

100

Event management for TEDx organizers. Manage talks, speakers, and sponsors with custom Gutenberg blocks and advanced filtering.

0 No CVEs

Spectra Gutenberg Blocks – Website Builder for the Block Editor

ultimate-addons-for-gutenberg

Power-up Gutenberg with advanced blocks for faster website creation. Build your WordPress website effortlessly using powerful building blocks!

1.0M 26 CVEs

Kadence Blocks — Page Builder Toolkit for Gutenberg Editor

kadence-blocks

20+ AI-powered Gutenberg Blocks with endless options, enabling top-notch efficiency for high-performance dynamic website creation.

600K 31 CVEs

Extendify

extendify

100

The best WordPress templates, pattern, and layout library with 1,000+ designs built for the Gutenberg block editor.

500K No CVEs

Developer Profile

IT Listings Developer Profile

indithemes

10 plugins · 890 total installs

trust score

Avg Security Score

94/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect IT Listings

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/it-listings/assets/blocks/js/itre-testimonials/index.js/wp-content/plugins/it-listings/assets/blocks/jsx/testimonials/custom.js/wp-content/plugins/it-listings/assets/js/swiper.min.js/wp-content/plugins/it-listings/assets/css/swiper.css/wp-content/plugins/it-listings/assets/css/global.css

Script Paths

Version Parameters

it-listings/assets/blocks/js/itre-testimonials/index.js?ver=it-listings/assets/blocks/jsx/testimonials/custom.js?ver=it-listings/assets/js/swiper.min.js?ver=it-listings/assets/css/swiper.css?ver=it-listings/assets/css/global.css?ver=

HTML / DOM Fingerprints

CSS Classes

has-plugin-itlstitre-for-tagitre-featured-tabs__postitre-featured-tabs__post-title

Data Attributes

type="module"

JS Globals

itre-swiper-js

FAQ