WP-Safety

Realty Portal – My Favorites Security & Risk Analysis

wordpress.org/plugins/realty-portal-my-favorites

Stable tag: 0.3.1 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html The add-on allows user to save your properties as fa …

30 active installs v0.3.9 PHP + WP 4.5+ Updated Mar 22, 2019
listingspropertyproperty-listingsproperty-managementreal-estate
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Realty Portal – My Favorites Safe to Use in 2026?

Generally Safe

Score 85/100

Realty Portal – My Favorites has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago
Risk Assessment

The "realty-portal-my-favorites" plugin v0.3.9 exhibits a concerning security posture primarily due to its unprotected AJAX handlers. The static analysis reveals two AJAX entry points, both of which lack proper authentication checks. This is a significant risk as it allows any unauthenticated user to potentially trigger these functions, leading to unintended consequences or access to sensitive data depending on the functionality of these handlers. While the plugin shows strengths in avoiding dangerous functions, raw SQL, and external HTTP requests, and claims to use prepared statements for its SQL queries, the lack of output escaping on 92% of outputs is also a serious weakness. This makes it susceptible to Cross-Site Scripting (XSS) attacks, where malicious scripts can be injected and executed within the user's browser.

Key Concerns

  • AJAX handlers without authentication
  • High percentage of unescaped output
Vulnerabilities
None known

Realty Portal – My Favorites Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Realty Portal – My Favorites Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
34
3 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

8% escaped37 total outputs
Attack Surface
2 unprotected

Realty Portal – My Favorites Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_rp_favoritesincludes\class-my-favorites-process.php:18
noprivwp_ajax_rp_favoritesincludes\class-my-favorites-process.php:19
WordPress Hooks 11
actionrp_property_list_more_actionincludes\class-my-favorites-process.php:21
actionnre_nav_menu_profile_beforeincludes\class-my-favorites-process.php:23
filterrp_list_shortcodeincludes\class-my-favorites-shortcode.php:18
actioninitrealty-portal-my-favorites.php:34
actionrp_agent_form_settingrealty-portal-my-favorites.php:39
actionwp_enqueue_scriptsrealty-portal-my-favorites.php:41
actionrp_single_property_box_metarealty-portal-my-favorites.php:42
actionnetwork_admin_noticesrealty-portal-my-favorites.php:51
actionadmin_noticesrealty-portal-my-favorites.php:56
filterrp_create_pagesrealty-portal-my-favorites.php:118
actionrp_initrealty-portal-my-favorites.php:277
Maintenance & Trust

Realty Portal – My Favorites Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28
Last updatedMar 22, 2019
PHP min version
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs30
Alternatives

Realty Portal – My Favorites Alternatives

Realty Portal – Floor Plan

Realty Portal – Floor Plan

realty-portal-floor-plan

A
85

Stable tag: 0.3.1 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html An add-on to display detailed information of propert …

60 No CVEs
Realty Portal – Advanced Search

Realty Portal – Advanced Search

realty-portal-advanced-search

A
85

Stable tag: 0.3.3 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html An add-on to manage agents and their information rig …

40 No CVEs
Realty Portal – Agent Dashboard

Realty Portal – Agent Dashboard

realty-portal-agent-dashboard

A
85

Stable tag: 0.3.1 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html Fast, Powerful, Flexible solution for real estate ag …

40 No CVEs
Realty Portal – Agent Profile

Realty Portal – Agent Profile

realty-portal-agent-profile

A
85

Stable tag: 0.3.1 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html The add-on to help agents manage all personal inform …

40 No CVEs
Realty Portal – Nearby Places

Realty Portal – Nearby Places

realty-portal-nearby-places

A
85

Stable tag: 0.3.2 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html Quickly display places nearby the property.

40 No CVEs
Developer Profile

Realty Portal – My Favorites Developer Profile

NooTheme

13 plugins · 350 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Realty Portal – My Favorites

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/realty-portal-my-favorites/assets/js/rp-favorites.js
Script Paths
/wp-content/plugins/realty-portal-my-favorites/assets/js/rp-favorites.js

HTML / DOM Fingerprints

CSS Classes
rp-event
Data Attributes
data-iddata-userdata-processdata-statusdata-contentdata-url
JS Globals
RP_Favorites
Shortcode Output
[rp_my_favorites]
FAQ

Frequently Asked Questions about Realty Portal – My Favorites