Houzez Property Feed

Automatically import properties to Houzez from estate agency CRMs and export to portals

v2.5.45Property HiveUpdated 1 month agoAdded 3 years ago1k+ installs94% rating33% support resolved

houzez houzez import property property export property import real-estate

Score

1,464

Errors

1,613

Warnings

Change

Category Scores

Security0

Repo87

Performance100

Maintainability0

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

3,077 findings

Maintainability

1,146

14 issue groups

Security

956

9 issue groups

I18n

863

2 issue groups

ERRORI18nText Domain MismatchMismatched text domain. Expected 'houzez-property-feed' but got 'houzez'.851

Category: I18n
Occurrences: 851
Severity: error

Sample message

Mismatched text domain. Expected 'houzez-property-feed' but got 'houzez'.

WordPress.WP.I18n.TextDomainMismatch Reference

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.406

Category: Security
Occurrences: 406
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$agent_display_option".381

Category: Maintainability
Occurrences: 381
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$agent_display_option".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$agent_display_option'.223

Category: Security
Occurrences: 223
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$agent_display_option'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

WARNINGMaintainabilityerror log print rprint_r() found. Debug code should not normally be used in production.164

Category: Maintainability
Occurrences: 164
Severity: warning

Sample message

print_r() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_print_r

WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "save_post".117

Category: Maintainability
Occurrences: 117
Severity: warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "save_post".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound

WARNINGSecurityRequest data is not unslashed$_GET['_wpnonce'] not unslashed before sanitization. Use wp_unslash() or similar111

Category: Security
Occurrences: 111
Severity: warning

Sample message

$_GET['_wpnonce'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.99

Category: Maintainability
Occurrences: 99
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().83

Category: Maintainability
Occurrences: 83
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

WARNINGMaintainabilityslow db query meta queryDetected usage of meta_query, possible slow query.72

Category: Maintainability
Occurrences: 72
Severity: warning

Sample message

Detected usage of meta_query, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_query

Show 15 more

ERRORSecuritySQL query is not prepared68

Category: Security
Occurrences: 68
Severity: error

Sample message

Use placeholders and $wpdb->prepare(); found !

WordPress.DB.PreparedSQL.NotPrepared

ERRORMaintainabilityMissing direct file access protection64

Category: Maintainability
Occurrences: 64
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

WARNINGSecuritywp redirect wp redirect42

Category: Security
Occurrences: 42
Severity: warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WordPress.Security.SafeRedirect.wp_redirect_wp_redirect Reference

ERRORMaintainabilitycurl curl setopt38

Category: Maintainability
Occurrences: 38
Severity: error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_setopt

ERRORMaintainabilitywp function not compatible with requires wp38

Category: Maintainability
Occurrences: 38
Severity: error

Sample message

Function "current_datetime()" requires WordPress 5.3.0, but your plugin minimum supported version is WordPress 3.8.0.

wp_function_not_compatible_with_requires_wp Reference

WARNINGSecurityInput is not validated37

Category: Security
Occurrences: 37
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_FILES[$format . '_' . $field['id']]['error']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

WARNINGSecurityMissing nonce verification34

Category: Security
Occurrences: 34
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

ERRORMaintainabilitydate date30

Category: Maintainability
Occurrences: 30
Severity: error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date

WARNINGSecurityInput is not sanitized19

Category: Security
Occurrences: 19
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_FILES[$format . '_' . $field['id']]['name']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

ERRORMaintainabilitystrip tags strip tags19

Category: Maintainability
Occurrences: 19
Severity: error

Sample message

strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.

WordPress.WP.AlternativeFunctions.strip_tags_strip_tags

ERRORSecurityDatabase parameter is not escaped16

Category: Security
Occurrences: 16
Severity: error

Sample message

Unescaped parameter $import_id used in $wpdb->get_row()\n$import_id assigned unsafely at line 56.

PluginCheck.Security.DirectDB.UnescapedDBParameter

ERRORMaintainabilityfile system operations fclose15

Category: Maintainability
Occurrences: 15
Severity: error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().

WordPress.WP.AlternativeFunctions.file_system_operations_fclose

ERRORMaintainabilityfile system operations fopen14

Category: Maintainability
Occurrences: 14
Severity: error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().

WordPress.WP.AlternativeFunctions.file_system_operations_fopen

ERRORMaintainabilityfile system operations fwrite12

Category: Maintainability
Occurrences: 12
Severity: error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().

WordPress.WP.AlternativeFunctions.file_system_operations_fwrite

ERRORI18nNon Singular String Literal Text12

Category: I18n
Occurrences: 12
Severity: error

Sample message

The $text parameter must be a single text string literal. Found: $field['label']

WordPress.WP.I18n.NonSingularStringLiteralText Reference

External Connections

Potential connections found in static code analysis.

52 domains

Outbound calls

277

External assets

Incoming endpoints

Notable Domains

houzezpropertyfeed.com148 · outbound

live-api.letmc.com18 · outbound

realtime-listings.webservices.zpg.co.uk10 · outbound

realtime-listings-api.webservices.zpg.co.uk6 · outbound

atlas.propertyfinder.com4 · outbound

home.smelogin.co.uk4 · outbound

Platform / Reference Domains

github.com13 · platform/reference

codex.wordpress.org5 · platform/reference

gnu.org1 · platform/reference

External Asset Domains

No external asset domains detected.

Incoming Endpoints

wp_ajax_nopriv_houzez_property_feed_import_properties_batchpublic

wp_ajax

Admin AJAX endpoints7

wp_ajax_houzez_property_feed_draw_automatic_imports_tableauthenticated

wp_ajax

wp_ajax_houzez_property_feed_fetch_csv_fieldsauthenticated

wp_ajax

wp_ajax_houzez_property_feed_fetch_xml_nodesauthenticated

wp_ajax

wp_ajax_houzez_property_feed_get_running_statusauthenticated

wp_ajax

wp_ajax_houzez_property_feed_import_importauthenticated

wp_ajax

wp_ajax_houzez_property_feed_import_properties_batchauthenticated

wp_ajax

wp_ajax_houzez_property_feed_test_property_import_detailsauthenticated

wp_ajax

Score History

First score snapshot

yesterday

v2.5.45

Latest

Findings: 3,077
Errors: 1,464
Warnings: 1,613
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
yesterdayLatest	23	3,077	1,464	1,613	v2.5.45	2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

37 nodes

Loading map

PluginAuthorCategoryIssueDomainRelated

Relationship links

Issue

Domain

Related Plugins

Property Hive

3k+ active installs