Sync My Rex Security & Risk Analysis
wordpress.org/plugins/rex-syncProviding tool to sync all listings, listing agents from Rex Software to WordPress
Is Sync My Rex Safe to Use in 2026?
Generally Safe
Score 100/100Sync My Rex has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The rex-sync plugin version 2.2.2 exhibits a generally strong security posture based on the provided static analysis. The absence of any recorded vulnerabilities or CVEs in its history, coupled with good coding practices like 100% prepared statement usage for SQL queries and robust nonce and capability checks, suggests a commitment to security by the developers. The plugin also demonstrates a high percentage of properly escaped output, minimizing the risk of cross-site scripting vulnerabilities.
However, there are minor areas for improvement. A small portion of outputs are not properly escaped, representing a potential, albeit low, risk. The presence of file operations without further context raises a slight concern, as does the single external HTTP request, which could be a vector if the external service is compromised or misconfigured. The plugin's attack surface, while currently protected, is composed solely of AJAX handlers, which warrants continued vigilance.
Overall, rex-sync v2.2.2 appears to be a secure plugin with a strong track record. The identified weaknesses are minor and well-mitigated by the overall secure coding practices employed. Continued monitoring for any future vulnerabilities and addressing the minor output escaping issues would further enhance its security.
Key Concerns
- Some outputs are not properly escaped
- File operations present
- External HTTP request present
Sync My Rex Security Vulnerabilities
Sync My Rex Code Analysis
Bundled Libraries
SQL Query Safety
Output Escaping
Sync My Rex Attack Surface
AJAX Handlers 3
WordPress Hooks 8
Maintenance & Trust
Sync My Rex Maintenance & Trust
Maintenance Signals
Community Trust
Sync My Rex Alternatives
MME Real Estate
mme-real-estate
MME Real Estate allows you to manage a catalog of properties for rent or sale in a simple and effective way.
Easy Property Listings
easy-property-listings
Fast. Flexible. Forward-thinking solution for real estate agents using WordPress. Built for scale, listing management and works with any theme.
WPCasa
wpcasa
Flexible WordPress plugin to create professional real estate websites and manage property listings with ease.
Real Estate Manager – Property Listing and Agent Management
real-estate-manager
A comprehensive WordPress plugin designed to create feature-rich real estate websites and portals including Agent Management System.
WP All Import – Property Import for RealHomes
realhomes-xml-csv-property-listings-import
Drag & drop to import real estate listings from any CSV, XML, Excel, or Google Sheets file of any size or format. Supports images, floor plans, am …
Sync My Rex Developer Profile
3 plugins · 120 total installs
How We Detect Sync My Rex
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/rex-sync/assets/css/backend.css/wp-content/plugins/rex-sync/assets/js/backend.js/wp-content/plugins/rex-sync/assets/js/frontend.js/wp-content/plugins/rex-sync/assets/css/frontend.css/wp-content/plugins/rex-sync/assets/js/backend.js/wp-content/plugins/rex-sync/assets/js/frontend.jsrex-sync/assets/css/backend.css?ver=rex-sync/assets/js/backend.js?ver=rex-sync/assets/js/frontend.js?ver=rex-sync/assets/css/frontend.css?ver=HTML / DOM Fingerprints
rex-sync-admin-pagerex-sync-settings-wraprex-sync-mapping-tablersc-button-sync<!-- rex-sync-admin-page --><!-- rex-sync-settings-wrap --><!-- rex-sync-mapping-table --><!-- rsc-button-sync -->+1 moredata-nonce="rsc-settings-nonce"data-nonce="rsc-mapping-nonce"RexSyncBackendRexSyncFrontend/wp-json/rex-sync/v1/listings/wp-json/rex-sync/v1/agents/wp-json/rex-sync/v1/settings[rex_sync_listings][rex_sync_agents]