Does VistaWP – IDX Feeds for Page Builders have any unpatched vulnerabilities?

No. All known vulnerabilities in VistaWP – IDX Feeds for Page Builders have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is VistaWP – IDX Feeds for Page Builders compatible with WordPress 6.9.4?

According to WordPress.org data, VistaWP – IDX Feeds for Page Builders 1.4.5 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is VistaWP – IDX Feeds for Page Builders compatible with PHP 7.4.1+?

VistaWP – IDX Feeds for Page Builders requires PHP 7.4.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is VistaWP – IDX Feeds for Page Builders updated?

VistaWP – IDX Feeds for Page Builders was last updated on Dec 30, 2025. Frequent updates are generally a positive security signal.

What is VistaWP – IDX Feeds for Page Builders's security score?

VistaWP – IDX Feeds for Page Builders has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

VistaWP – IDX Feeds for Page Builders Security & Risk Analysis

wordpress.org/plugins/vistawp

VistaWP is an IDX plugin that displays MLS data on any page using simple shortcodes, compatible with any page builder

10 active installs v1.4.5 PHP 7.4.1+ WP 4.7+ Updated Dec 30, 2025

idxidx-pluginidx-searchmlsreal-estate-search

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is VistaWP – IDX Feeds for Page Builders Safe to Use in 2026?

Generally Safe

Score 100/100

VistaWP – IDX Feeds for Page Builders has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The plugin "vistawp" v1.4.5 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of known CVEs and the excellent performance in output escaping (93%) are positive indicators. The code analysis reveals no dangerous functions, no direct SQL queries without prepared statements, and no file operations or external HTTP requests, all of which significantly reduce the attack surface. The fact that all identified entry points (shortcodes) are effectively protected with capability checks and nonce checks is also a notable strength.

However, there are areas for improvement. The analysis indicates zero nonce checks and zero capability checks reported for the entry points, which contradicts the statement that entry points are protected. If this means that actual checks are missing, it represents a significant concern, especially for the 7 shortcodes which form the primary attack surface. While taint analysis shows no issues, the lack of explicit checks for the entry points could still allow for the injection of malicious data if inputs are not properly handled within the shortcode logic. The plugin's vulnerability history being completely clean is commendable but doesn't entirely negate the potential risks identified in the code analysis, particularly regarding the handling of shortcode inputs.

Key Concerns

Missing Nonce Checks on Entry Points
Missing Capability Checks on Entry Points
Limited Taint Analysis (0 flows analyzed)
7 Shortcodes without Explicit Auth/Nonce Indication

Vulnerabilities

None known

VistaWP – IDX Feeds for Page Builders Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

VistaWP – IDX Feeds for Page Builders Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

139 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

93% escaped150 total outputs

Attack Surface

VistaWP – IDX Feeds for Page Builders Attack Surface

Entry Points7

Unprotected0

Shortcodes 7

[vista_analytics_field] includes\analytics\analytics-display.php:35

[vista_listing_filter] includes\listings\listing-display-by-filters.php:41

[vista_listings_map] includes\listings\multiple-listings-map.php:41

[vista_simple_listings] includes\listings\simple-listings.php:35

[vista_listing_field] includes\listings\single-listing-display.php:36

[vista_link_query] includes\multiple-display.php:98

[vista_openhouse_field] includes\openhouses\open-house-display.php:47

WordPress Hooks 3

filterstyle_loader_srcincludes\listings\multiple-listings-map.php:62

actionadmin_menuincludes\options\options-display.php:98

actionplugins_loadedvista.php:347

Maintenance & Trust

VistaWP – IDX Feeds for Page Builders Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 30, 2025

PHP min version7.4.1

Downloads2K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

VistaWP – IDX Feeds for Page Builders Alternatives

Optima Express IDX

optima-express

100

Embed real estate property listings, market reports & MLS data on your WordPress site. Responsive design, great SEO & proven lead capture.

8K 1 CVE

Showcase IDX Real Estate Search & Lead Capture

showcase-idx

100

Add MLS listings to your website and capture more leads, all with one plugin! Showcase IDX is a top-performing real estate search plugin that's S …

2K No CVEs

SimplyRETS Real Estate IDX

simply-rets

Show your Real Estate listings on your website, simply! SimplyRETS makes it easy to search and display MLS listings on your WordPress website, and giv …

300 1 unpatched

Apex IDX

apex-idx

Use the superior IDX solution to easily integrate MLS listings on your real estate website. Lead driving, responsive designs with dominant SEO.

70 No CVEs

Estatik Real Estate Plugin

estatik

You will love its clean design, simple use, and colorful themes. WordPress real estate plugin Estatik is a worthy choice for single agents and portals

10K 2 unpatched

Developer Profile

VistaWP – IDX Feeds for Page Builders Developer Profile

VistaWP Real Estate Plugin

1 plugin · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect VistaWP – IDX Feeds for Page Builders

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/vistawp/includes/listings/simple-listings.php/wp-content/plugins/vistawp/includes/listings/listing-display-by-filters.php/wp-content/plugins/vistawp/includes/listings/single-listing-display.php/wp-content/plugins/vistawp/includes/api/RETS-API.php/wp-content/plugins/vistawp/includes/listings/single-listing.php/wp-content/plugins/vistawp/includes/api/get-listing-params.php/wp-content/plugins/vistawp/includes/api/get-analytics-params.php/wp-content/plugins/vistawp/includes/api/get-openhouse-params.php+19 more

Script Paths

/wp-content/plugins/vistawp/assets/js/main.js/wp-content/plugins/vistawp/assets/js/custom.js/wp-content/plugins/vistawp/assets/js/map.js/wp-content/plugins/vistawp/assets/js/analytics.js/wp-content/plugins/vistawp/assets/js/admin.js

Version Parameters

vistawp/assets/js/main.js?ver=vistawp/assets/js/custom.js?ver=vistawp/assets/js/map.js?ver=vistawp/assets/js/analytics.js?ver=vistawp/assets/js/admin.js?ver=vistawp/assets/css/main.css?ver=vistawp/assets/css/custom.css?ver=vistawp/assets/css/map.css?ver=vistawp/assets/css/analytics.css?ver=vistawp/assets/css/admin.css?ver=

HTML / DOM Fingerprints

CSS Classes

vistawp-listingsvistawp-single-listingvistawp-mapvistawp-analyticsvistawp-form-basicvistawp-form-advancedvistawp-form-searchvistawp-license-manager

HTML Comments

+12 more

Data Attributes

data-vistawp-listing-iddata-vistawp-map-optionsdata-vistawp-analytics-data

JS Globals

vistaWP

Shortcode Output

[vistawp_listings[vistawp_single_listing[vistawp_map[vistawp_analytics

FAQ