WP-Safety

Structured Listing Business Directory Security & Risk Analysis

wordpress.org/plugins/structured-listing

With WPSL, you can usefully expand your site with well-structured and simple to use business directory and earn money.

0 active installs v1.0.0 PHP 8.0+ WP 6.7+ Updated Jan 15, 2025
blockbusiness-directorystructured-listingwpslyellow-pages
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Structured Listing Business Directory Safe to Use in 2026?

Generally Safe

Score 92/100

Structured Listing Business Directory has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "structured-listing" plugin v1.0.0 exhibits a generally good security posture due to its adherence to several key WordPress security best practices. The absence of dangerous functions, file operations, and external HTTP requests, coupled with 100% of SQL queries using prepared statements and a very high percentage of properly escaped output, are strong indicators of secure coding. The presence of nonce and capability checks, while not comprehensive across all entry points, is also a positive sign.

However, a significant concern arises from the plugin's attack surface. It exposes one REST API route without any permission callbacks. This means any unauthenticated user could potentially interact with this endpoint, which could lead to unintended consequences or be used as a pivot point for further attacks, especially if the endpoint's functionality is sensitive. The static analysis does not indicate any taint flows, which is encouraging, but the unprotected REST API endpoint represents a clear and present risk.

The plugin's vulnerability history is spotless, with no known CVEs. This, combined with the positive code signals, suggests a plugin that has likely been developed with security in mind. Nevertheless, the lack of historical vulnerabilities does not negate the immediate risk posed by the unprotected REST API endpoint. The plugin's strengths lie in its secure handling of core WordPress functionalities like SQL and output, but its weakness is a directly exposed, unauthenticated REST API entry point.

Key Concerns

  • REST API route without permission callbacks
Vulnerabilities
None known

Structured Listing Business Directory Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Structured Listing Business Directory Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
108 escaped
Nonce Checks
3
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

99% escaped109 total outputs
Attack Surface
1 unprotected

Structured Listing Business Directory Attack Surface

Entry Points1
Unprotected1

REST API Routes 1

GET/wp-json/address-block/v1/searchinc\rest-api.php:8
WordPress Hooks 41
actionadd_meta_boxesinc\addresses-fields.php:20
actionsave_postinc\addresses-fields.php:68
actionadd_meta_boxesinc\addresses-fields.php:84
actionsave_postinc\addresses-fields.php:164
actionadd_meta_boxesinc\addresses-fields.php:182
actionrest_api_initinc\addresses-fields.php:230
actioninitinc\cpt-addresses.php:59
actionwp_enqueue_scriptsinc\enqueue-script-style.php:43
actionadmin_enqueue_scriptsinc\enqueue-script-style.php:46
actionwp_enqueue_scriptsinc\enqueue-script-style.php:87
filtertemplate_includeinc\filters.php:27
filterwp_insert_post_datainc\filters.php:44
filterget_the_archive_titleinc\filters.php:56
filtertemplate_includeinc\filters.php:74
filterblock_categories_allinc\gutenberg-block-category.php:6
actionadmin_noticesinc\notice-info.php:20
actionadmin_noticesinc\notice-info.php:23
actionadmin_initinc\notice-info.php:26
actionadmin_enqueue_scriptsinc\notice-info.php:69
actionadmin_menuinc\permalink-settings.php:8
actionadmin_initinc\permalink-settings.php:9
actionadd_meta_boxesinc\permalink-settings.php:10
actionsave_postinc\permalink-settings.php:11
actionwp_headinc\permalink-settings.php:12
filterpost_type_linkinc\permalink-settings.php:13
filterwp_sitemaps_posts_query_argsinc\permalink-settings.php:14
filterrank_math/sitemap/entryinc\permalink-settings.php:18
filterrank_math/sitemap/enable_cachinginc\permalink-settings.php:19
filterrank_math/sitemap/entryinc\permalink-settings.php:20
filterwpseo_sitemap_entryinc\permalink-settings.php:29
filterpost_type_linkinc\permalink-settings.php:257
actiontemplate_redirectinc\permalink-settings.php:284
actioninitinc\register-blocks.php:22
actionrest_api_initinc\rest-api.php:7
actioninitinc\tax-address-category.php:38
filterterm_linkinc\tax-address-category.php:50
filterrewrite_rules_arrayinc\tax-address-category.php:71
filterpost_type_linkinc\tax-address-category.php:84
actioninitinc\tax-address-category.php:102
actionsave_postinc\tax-address-category.php:119
actionplugins_loadedstructured-listing.php:33
Maintenance & Trust

Structured Listing Business Directory Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedJan 15, 2025
PHP min version8.0
Downloads522

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Structured Listing Business Directory Alternatives

Classic Editor

Classic Editor

classic-editor

A
100

Enables the previous "classic" editor and the old-style Edit Post screen with TinyMCE, Meta Boxes, etc. Supports all plugins that extend this screen.

9.0M No CVEs
Starter Templates – AI-Powered Templates for Elementor & Gutenberg

Starter Templates – AI-Powered Templates for Elementor & Gutenberg

astra-sites

A
89

The growing library of 300+ ready-to-use templates that work with all WordPress themes including Astra, Hello, OceanWP, GeneratePress and more

2.0M 7 CVEs
Advanced Editor Tools

Advanced Editor Tools

tinymce-advanced

A
100

Extends and enhances the block editor (Gutenberg) and the classic editor (TinyMCE).

2.0M 1 CVE
Spectra Gutenberg Blocks – Website Builder for the Block Editor

Spectra Gutenberg Blocks – Website Builder for the Block Editor

ultimate-addons-for-gutenberg

A
92

Power-up Gutenberg with advanced blocks for faster website creation. Build your WordPress website effortlessly using powerful building blocks!

1.0M 26 CVEs
Breadcrumb NavXT

Breadcrumb NavXT

breadcrumb-navxt

A
98

Adds breadcrumb navigation showing the visitor's path to their current location.

800K 2 CVEs
Developer Profile

Structured Listing Business Directory Developer Profile

Antonio Leutsch

2 plugins · 1K total installs

86
trust score
Avg Security Score
89/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Structured Listing Business Directory

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/structured-listing/build/blocks/address-block/index.css/wp-content/plugins/structured-listing/build/blocks/single-address/index.css/wp-content/plugins/structured-listing/assets/js/view.js/wp-content/plugins/structured-listing/assets/js/editor-script.js/wp-content/plugins/structured-listing/assets/js/address-category.js
Script Paths
/wp-content/plugins/structured-listing/assets/js/view.js/wp-content/plugins/structured-listing/build/blocks/address-block/index.css/wp-content/plugins/structured-listing/build/blocks/single-address/index.css/wp-content/plugins/structured-listing/assets/js/editor-script.js/wp-content/plugins/structured-listing/assets/js/address-category.js
Version Parameters
structured-listing/assets/js/view.js?ver=structured-listing/build/blocks/address-block/index.css?ver=structured-listing/build/blocks/single-address/index.css?ver=structured-listing/assets/js/editor-script.js?ver=structured-listing/assets/js/address-category.js?ver=

HTML / DOM Fingerprints

Data Attributes
data-address-block-search-urldata-address-block-nonce
JS Globals
addressBlockaddressBlockCategoriesaddressCategoryData
REST Endpoints
/wp-json/address-block/v1/search
FAQ

Frequently Asked Questions about Structured Listing Business Directory