Property – Real Estate Directory Listing Security & Risk Analysis

wordpress.org/plugins/property

Easily manage real estate listings, property directories, and classified ads with a powerful, user-friendly, and SEO-optimized interface.

50 active installs · v1.0.8 · PHP 5.2.4+ · WP 4.9+ · Updated Oct 3, 2025
business-directory, classifieds, directory-listing, property-listing, real-estate
98
A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: May 26, 2025
Safety Verdict

Is Property – Real Estate Directory Listing Safe to Use in 2026?

Generally Safe

Score 98/100

Property – Real Estate Directory Listing has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: May 26, 2025 · Updated 6mo ago
Risk Assessment

The 'property' plugin v1.0.8 exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for SQL queries and having a high rate of output escaping. The presence of numerous nonce and capability checks indicates an effort to secure various functionalities. However, significant concerns arise from the substantial attack surface, particularly the 10 unprotected AJAX handlers, which represent direct entry points for attackers. The taint analysis revealing one high-severity flow with unsanitized paths is also a critical finding, suggesting a potential for exploitable vulnerabilities even with other security measures in place.

The plugin's vulnerability history, while showing no currently unpatched CVEs, does indicate a past high-severity vulnerability attributed to missing authorization. This historical pattern, combined with the identified unprotected AJAX handlers, strongly suggests a recurring issue with robust authorization enforcement. The plugin's strengths lie in its secure database interaction and output handling, but these are overshadowed by the risks posed by unprotected entry points and the confirmed high-severity taint flow, demanding immediate attention and remediation.

Key Concerns

  • Unprotected AJAX handlers
  • High severity taint flow
  • Past high severity vulnerability (Missing Authorization)
  • Bundled libraries (potential for outdated versions)
Vulnerabilities
1

Property – Real Estate Directory Listing Security Vulnerabilities

CVEs by Year

1 CVE in 2025

Severity Breakdown

High: 1

1 total CVE

CVE-2025-5117 · high · 8.8 · Missing Authorization

Property 1.0.5 - 1.0.6 - Missing Authorization to Authenticated (Author+) Privilege Escalation via property_package_user_role Metadata in PayPal Registration

May 26, 2025 · Patched in 1.0.7 (1d)
Code Analysis
Analyzed Mar 16, 2026

Property – Real Estate Directory Listing Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (123 prepared)
Unescaped Output: 307 (2678 escaped)
Nonce Checks: 60
Capability Checks: 38
File Operations: 5
External Requests: 7
Bundled Libraries: 4

Bundled Libraries

DataTables, Select2, TinyMCE, TCPDF

SQL Query Safety

100% prepared · 123 total queries

Output Escaping

90% escaped · 2985 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

18 flows · 5 with unsanitized paths
property_update_package_status (admin\admin.php:1274)
Attack Surface
10 unprotected

Property – Real Estate Directory Listing Attack Surface

Entry Points: 95
Unprotected: 10

AJAX Handlers 78

auth wp_ajax_property_save_package admin\admin.php:15
auth wp_ajax_property_update_package admin\admin.php:16
auth wp_ajax_property_update_paypal_settings admin\admin.php:17
auth wp_ajax_property_update_stripe_settings admin\admin.php:18
auth wp_ajax_property_create_coupon admin\admin.php:19
auth wp_ajax_property_update_coupon admin\admin.php:20
auth wp_ajax_property_update_payment_setting admin\admin.php:21
auth wp_ajax_property_update_page_setting admin\admin.php:22
auth wp_ajax_property_update_email_setting admin\admin.php:23
auth wp_ajax_property_update_mailchamp_setting admin\admin.php:24
auth wp_ajax_property_add_home_page admin\admin.php:25
auth wp_ajax_property_update_package_status admin\admin.php:26
auth wp_ajax_property_gateway_settings_update admin\admin.php:27
auth wp_ajax_property_update_account_setting admin\admin.php:28
auth wp_ajax_property_update_protected_setting admin\admin.php:29
auth wp_ajax_property_import_data admin\admin.php:30
auth wp_ajax_property_update_user_settings admin\admin.php:31
auth wp_ajax_property_update_profile_fields admin\admin.php:32
auth wp_ajax_property_update_dir_fields admin\admin.php:33
auth wp_ajax_property_update_profile_signup_fields admin\admin.php:34
auth wp_ajax_property_update_dir_setting admin\admin.php:35
auth wp_ajax_property_update_search_fields admin\admin.php:36
auth wp_ajax_property_update_archive_fields admin\admin.php:37
auth wp_ajax_property_update_single_fields admin\admin.php:38
auth wp_ajax_property_create_search_shortcode admin\admin.php:39
auth wp_ajax_property_search_shortcodes_saved_delete admin\admin.php:40
auth wp_ajax_property_update_map_settings admin\admin.php:41
auth wp_ajax_property_update_color_settings admin\admin.php:42
auth wp_ajax_property_update_myaccount_menu admin\admin.php:43
auth wp_ajax_property_update_openai_settings admin\admin.php:44
auth wp_ajax_property_check_coupon property.php:73
nopriv wp_ajax_property_check_coupon property.php:74
auth wp_ajax_property_check_package_amount property.php:75
nopriv wp_ajax_property_check_package_amount property.php:76
auth wp_ajax_property_update_profile_pic property.php:77
auth wp_ajax_property_update_profile_setting property.php:78
auth wp_ajax_property_update_wp_post property.php:79
auth wp_ajax_property_save_wp_post property.php:80
auth wp_ajax_property_update_setting_password property.php:81
auth wp_ajax_property_check_login property.php:82
nopriv wp_ajax_property_check_login property.php:83
auth wp_ajax_property_forget_password property.php:84
nopriv wp_ajax_property_forget_password property.php:85
auth wp_ajax_property_cancel_stripe property.php:86
auth wp_ajax_property_cancel_paypal property.php:87
auth wp_ajax_propertyfile_stripe_upgrade property.php:88
auth wp_ajax_property_save_favorite property.php:89
auth wp_ajax_property_save_un_favorite property.php:90
auth wp_ajax_property_save_notification property.php:91
auth wp_ajax_property_delete_favorite property.php:92
auth wp_ajax_property_message_delete property.php:93
auth wp_ajax_property_booking_delete property.php:94
auth wp_ajax_property_message_send property.php:95
nopriv wp_ajax_property_message_send property.php:96
auth wp_ajax_property_booking_message_send property.php:97
nopriv wp_ajax_property_booking_message_send property.php:98
auth wp_ajax_property_chatgpt_upload_image property.php:99
auth wp_ajax_property_claim_send property.php:100
nopriv wp_ajax_property_claim_send property.php:101
auth wp_ajax_property_cron_listing property.php:102
nopriv wp_ajax_property_cron_listing property.php:103
auth wp_ajax_property_finalerp_csv_product_upload property.php:104
auth wp_ajax_property_save_csv_file_to_database property.php:105
auth wp_ajax_property_eppro_get_import_status property.php:106
auth wp_ajax_property_contact_popup property.php:107
auth wp_ajax_property_listing_contact_popup property.php:108
nopriv wp_ajax_property_listing_contact_popup property.php:109
auth wp_ajax_property_listing_claim_popup property.php:110
nopriv wp_ajax_property_listing_claim_popup property.php:111
auth wp_ajax_property_listing_booking_popup property.php:112
nopriv wp_ajax_property_listing_booking_popup property.php:113
auth wp_ajax_property_load_categories_fields_wpadmin property.php:115
nopriv wp_ajax_property_load_categories_fields_wpadmin property.php:116
auth wp_ajax_property_save_post_without_user property.php:117
nopriv wp_ajax_property_save_post_without_user property.php:118
auth wp_ajax_property_save_user_review property.php:119
auth wp_ajax_property_chatgpt_post_creator property.php:122
nopriv wp_ajax_property_chatgpt_post_creator property.php:123

Shortcodes 17

[property_form_wizard] property.php:127
[propertyfile_template] property.php:128
[property_login] property.php:129
[property_categories] property.php:130
[property_featured] property.php:131
[property_map] property.php:132
[property_archive_grid_rounded] property.php:133
[property_archive_grid_no_map] property.php:134
[property_single_rounded] property.php:135
[property_search] property.php:136
[property_listing_filter] property.php:137
[property_categories_carousel] property.php:138
[property_tags_carousel] property.php:139
[property_locations_carousel] property.php:140
[property_locations] property.php:141
[property_reminder_email_cron] property.php:142
[property_add_listing] property.php:143
WordPress Hooks 43
action admin_menu admin\admin.php:12
action admin_print_scripts admin\admin.php:13
action admin_print_styles admin\admin.php:14
action init admin\admin.php:45
action init admin\admin.php:46
filter manage_edit-iv_payment_columns admin\admin.php:47
action admin_init admin\admin.php:48
action manage_iv_payment_posts_custom_column admin\admin.php:49
action manage_property_message_posts_custom_column admin\pages\manage-cpt-columns.php:7
filter manage_edit-property_message_columns admin\pages\manage-cpt-columns.php:8
action admin_enqueue_scripts admin\pages\metaboxes\category-meta.php:138
action admin_enqueue_scripts admin\pages\metaboxes\location-meta.php:78
action admin_enqueue_scripts admin\pages\metaboxes\tag-meta.php:78
action enqueue_block_editor_assets admin\pages\tinymce_shortcode_button.php:11
filter block_categories_all admin\pages\tinymce_shortcode_button.php:28
action widgets_init property.php:67
action add_meta_boxes property.php:120
action save_post property.php:121
action pre_get_posts property.php:124
filter template_include property.php:145
action init property.php:148
action init property.php:151
action init property.php:152
action init property.php:154
action init property.php:155
action init property.php:156
action init property.php:157
action init property.php:158
action init property.php:159
action init property.php:160
action init property.php:162
action wp_enqueue_scripts property.php:164
filter views_edit-post property.php:1943
filter views_upload property.php:1944
action admin_notices property.php:2284
filter posts_fields property.php:3209
filter posts_join property.php:3210
filter posts_where property.php:3211
filter posts_groupby property.php:3212
filter posts_orderby property.php:3213
action elementor/frontend/after_register_scripts template\elementor\custom-elementor-widgets.php:129
action elementor/widgets/widgets_registered template\elementor\custom-elementor-widgets.php:181
action elementor/elements/categories_registered template\elementor\custom-elementor-widgets.php:194
Maintenance & Trust

Property – Real Estate Directory Listing Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Oct 3, 2025
PHP min version: 5.2.4
Downloads: 1K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 50
Developer Profile

Property – Real Estate Directory Listing Developer Profile

themeglow

3 plugins · 150 total installs

Trust score: 70
Avg Security Score: 74/100
Avg Patch Time: 31 days
Detection Fingerprints

How We Detect Property – Real Estate Directory Listing

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/property/css/property.css
  • /wp-content/plugins/property/css/property_custom.css
  • /wp-content/plugins/property/css/property_style.css
  • /wp-content/plugins/property/css/property_admin.css
  • /wp-content/plugins/property/css/property_dashbord.css
  • /wp-content/plugins/property/css/property_responsive.css
  • /wp-content/plugins/property/css/property_template.css
  • /wp-content/plugins/property/css/property_listing.css
  • +29 more
Script Paths
  • /wp-content/plugins/property/js/property.js
  • /wp-content/plugins/property/js/property_custom.js
  • /wp-content/plugins/property/js/property_validation.js
  • /wp-content/plugins/property/js/property_template.js
  • /wp-content/plugins/property/js/property_map.js
  • /wp-content/plugins/property/js/property_featured.js
  • +13 more
Version Parameters
  • property/css/property.css?ver=
  • property/css/property_custom.css?ver=
  • property/css/property_style.css?ver=
  • property/css/property_admin.css?ver=
  • property/css/property_dashbord.css?ver=
  • property/css/property_responsive.css?ver=
  • property/css/property_template.css?ver=
  • property/css/property_listing.css?ver=
  • property/css/property_map.css?ver=
  • property/css/property_featured.css?ver=
  • property/css/property_carousel.css?ver=
  • property/css/property_detail_page.css?ver=
  • property/css/property_search.css?ver=
  • property/css/property_form_wizard.css?ver=
  • property/css/property_profile.css?ver=
  • property/css/property_archive.css?ver=
  • property/css/property_checkout.css?ver=
  • property/css/property_shortcode.css?ver=
  • property/js/property.js?ver=
  • property/js/property_custom.js?ver=
  • property/js/property_validation.js?ver=
  • property/js/property_template.js?ver=
  • property/js/property_map.js?ver=
  • property/js/property_featured.js?ver=
  • property/js/property_listing.js?ver=
  • property/js/property_detail.js?ver=
  • property/js/property_checkout.js?ver=
  • property/js/property_shortcode.js?ver=
  • property/js/property_profile.js?ver=
  • property/js/property_archive.js?ver=
  • property/js/property_dashboard.js?ver=
  • property/js/property_form_wizard.js?ver=
  • property/js/property_search.js?ver=
  • property/js/property_calander.js?ver=
  • property/js/property_carousel.js?ver=
  • property/js/property_chatgpt.js?ver=
  • property/js/property_custom_js.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • property_main_menu
  • property_listing
  • property_search_form
  • property_detail_page
  • property_profile_page
  • property_checkout_form
  • property_form_wizard
  • property_categories_list
  • +8 more
HTML Comments
  • <!--Start Property Shortcode Wizard Form -->
  • <!--End Property Shortcode Wizard Form -->
  • <!--Start Property Login Form -->
  • <!--End Property Login Form -->
  • +20 more
Data Attributes
  • data-property-id
  • data-property-title
  • data-property-lat
  • data-property-lng
  • data-property-marker-icon
  • data-property-search-url
  • +4 more
JS Globals
  • property_ajax_object
  • property_obj
  • property_vars
  • property_script_vars
  • property_custom_vars
  • property_template_vars
  • +6 more
REST Endpoints
  • /wp-json/property/v1/check_coupon
  • /wp-json/property/v1/check_package_amount
  • /wp-json/property/v1/update_profile_pic
  • /wp-json/property/v1/update_profile_setting
  • /wp-json/property/v1/update_wp_post
  • /wp-json/property/v1/save_wp_post
  • /wp-json/property/v1/update_setting_password
  • /wp-json/property/v1/check_login
  • /wp-json/property/v1/forget_password
  • /wp-json/property/v1/cancel_stripe
  • /wp-json/property/v1/cancel_paypal
  • /wp-json/property/v1/stripe_upgrade
  • /wp-json/property/v1/save_favorite
  • /wp-json/property/v1/save_un_favorite
  • /wp-json/property/v1/save_notification
  • /wp-json/property/v1/delete_favorite
  • /wp-json/property/v1/message_delete
  • /wp-json/property/v1/booking_delete
  • /wp-json/property/v1/message_send
  • /wp-json/property/v1/booking_message_send
  • /wp-json/property/v1/chatgpt_upload_image
  • /wp-json/property/v1/claim_send
  • /wp-json/property/v1/cron_listing
  • /wp-json/property/v1/finalerp_csv_product_upload
  • /wp-json/property/v1/save_csv_file_to_database
  • /wp-json/property/v1/eppro_get_import_status
  • /wp-json/property/v1/contact_popup
  • /wp-json/property/v1/listing_contact_popup
  • /wp-json/property/v1/listing_claim_popup
  • /wp-json/property/v1/listing_booking_popup
  • /wp-json/property/v1/load_categories_fields_wpadmin
  • /wp-json/property/v1/save_post_without_user
  • /wp-json/property/v1/save_user_review
  • /wp-json/property/v1/chatgpt_post_creator
Shortcode Output
  • [property_form_wizard]
  • [propertyfile_template]
  • [property_login]
  • [property_categories]
FAQ

Frequently Asked Questions about Property – Real Estate Directory Listing