Does 1Day Booking Engine have any unpatched vulnerabilities?

No. All known vulnerabilities in 1Day Booking Engine have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is 1Day Booking Engine compatible with WordPress 6.1.10?

According to WordPress.org data, 1Day Booking Engine 1.0.4 has been tested up to WordPress 6.1.10. Check the plugin's changelog for the latest compatibility information.

Is 1Day Booking Engine compatible with PHP 7.2+?

1Day Booking Engine requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is 1Day Booking Engine updated?

1Day Booking Engine was last updated on Nov 28, 2022. Frequent updates are generally a positive security signal.

What is 1Day Booking Engine's security score?

1Day Booking Engine has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

1Day Booking Engine Security & Risk Analysis

wordpress.org/plugins/1day-io

Simple, modern and flexible booking engine for your hotel. Let customers book rooms easily without being redirected away from your website.

10 active installs v1.0.4 PHP 7.2+ WP 5.2+ Updated Nov 28, 2022

booking-enginechannel-managerhotelhotel-bookingreservation

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is 1Day Booking Engine Safe to Use in 2026?

Generally Safe

Score 85/100

1Day Booking Engine has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The '1day-io' plugin version 1.0.4 demonstrates several positive security practices, including the absence of known CVEs, no critical or high severity taint flows, and the use of prepared statements for all SQL queries. The code also includes a reasonable number of output escaping mechanisms and a file operation and external HTTP request are present but do not appear to be directly exposed or directly manipulated without checks. However, there are significant security concerns regarding its attack surface. The plugin exposes two AJAX handlers without any authentication checks, creating a direct pathway for unauthenticated users to interact with potentially sensitive functionality. While the number of total entry points is relatively low, the presence of unprotected AJAX handlers is a serious oversight that could lead to unauthorized actions if these handlers perform any modifications or expose information.

Despite the lack of historical vulnerabilities, this does not guarantee future safety, especially given the identified unprotected entry points. The plugin's vulnerability history is clean, which is a positive indicator, but it does not mitigate the immediate risks presented by the unauthenticated AJAX endpoints. In conclusion, while the plugin benefits from good SQL handling and a clean vulnerability record, the unprotected AJAX handlers represent a notable weakness. Developers should prioritize adding proper authentication and authorization checks to these AJAX endpoints to significantly improve the plugin's security posture.

Key Concerns

Unprotected AJAX handlers detected
Moderate output escaping issues (27% unescaped)

Vulnerabilities

None known

1Day Booking Engine Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

1Day Booking Engine Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

134

358 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

73% escaped492 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<rates-table> (inc\templates\rooms\rates\rates-table.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

1Day Booking Engine Attack Surface

Entry Points5

Unprotected2

AJAX Handlers 2

authwp_ajax_get_ratesinc\ajax\get_rates.php:2

noprivwp_ajax_get_ratesinc\ajax\get_rates.php:3

Shortcodes 3

[oneday_search_form] inc\shortcodes\search_form.php:6

[oneday_search_map] inc\shortcodes\search_map.php:6

[oneday_search_results] inc\shortcodes\search_results.php:6

WordPress Hooks 46

actioninitinc\class\init\init_filter_post_type.php:11

actionadd_meta_boxesinc\class\init\init_filter_post_type.php:16

actionsave_postinc\class\init\init_filter_post_type.php:21

filtermanage_oneday_filter_posts_columnsinc\class\init\init_filter_post_type.php:23

actionmanage_oneday_filter_posts_custom_columninc\class\init\init_filter_post_type.php:29

actionadmin_menuinc\class\init\init_filter_post_type.php:41

actioninitinc\class\init\init_hotel_taxonomy.php:7

actionhotel_add_form_fieldsinc\class\init\init_hotel_taxonomy.php:9

actionhotel_edit_form_fieldsinc\class\init\init_hotel_taxonomy.php:11

actioncreated_hotelinc\class\init\init_hotel_taxonomy.php:13

actionedited_hotelinc\class\init\init_hotel_taxonomy.php:15

actionadmin_enqueue_scriptsinc\class\init\init_hotel_taxonomy.php:17

actionhotel_edit_forminc\class\init\init_hotel_taxonomy.php:19

actionhotel_add_forminc\class\init\init_hotel_taxonomy.php:20

filtermanage_edit-hotel_columnsinc\class\init\init_hotel_taxonomy.php:22

filtertemplate_includeinc\class\init\init_hotel_taxonomy.php:28

actioninitinc\class\init\init_room_product_type.php:11

filterproduct_type_selectorinc\class\init\init_room_product_type.php:16

filterwoocommerce_product_data_tabsinc\class\init\init_room_product_type.php:21

actionwoocommerce_product_data_tabsinc\class\init\init_room_product_type.php:26

actionwoocommerce_product_data_panelsinc\class\init\init_room_product_type.php:31

actionwoocommerce_process_product_metainc\class\init\init_room_product_type.php:36

actionwoocommerce_after_single_product_summaryinc\class\init\init_room_product_type.php:41

actionwoocommerce_is_purchasableinc\class\init\init_room_product_type.php:53

filterwoocommerce_add_to_cart_validationinc\class\init\init_room_product_type.php:60

filterwoocommerce_add_cart_item_datainc\class\init\init_room_product_type.php:62

actionwoocommerce_checkout_create_order_line_iteminc\class\init\init_room_product_type.php:64

actionwoocommerce_before_calculate_totalsinc\class\init\init_room_product_type.php:66

actionwoocommerce_single_product_summaryinc\class\init\init_room_product_type.php:70

actionwoocommerce_checkout_order_processedinc\class\init\init_room_product_type.php:72

actionwoocommerce_cart_item_nameinc\class\init\init_room_product_type.php:78

actionwoocommerce_order_item_nameinc\class\init\init_room_product_type.php:79

actionwoocommerce_single_product_summaryinc\class\init\init_room_product_type.php:173

filterwoocommerce_currencyinc\class\init\init_room_product_type.php:192

actionadmin_menuinc\class\settings_page.php:15

actionadmin_initinc\class\settings_page.php:16

actioninitinc\class\sync\sync_hotels.php:22

actionadmin_enqueue_scriptsinc\enqueue_scripts.php:50

actionwp_enqueue_scriptsinc\enqueue_scripts.php:73

actionadd_meta_boxesinc\hooks\product-admin-page.php:2

actionadmin_footerinc\hooks\products-admin-page.php:2

actioninitinc\hooks\search.php:3

actionwoocommerce_order_status_on-holdinc\hooks\woocommerce.php:23

actionwoocommerce_order_status_processinginc\hooks\woocommerce.php:24

actionadmin_noticesinc\is_the_plugin_active.php:69

actionadmin_initinc\is_the_plugin_active.php:100

Maintenance & Trust

1Day Booking Engine Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10

Last updatedNov 28, 2022

PHP min version7.2

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

1Day Booking Engine Alternatives

VikBooking Hotel Booking Engine & PMS

vikbooking

Famous Booking Engine, PMS and Hotel Reservations plugin for property managers. The best solution for accommodations to drive more direct bookings.

9K 17 CVEs

MotoPress Hotel Booking

motopress-hotel-booking-lite

The #1 Hotel Booking and Vacation Rental Plugin for WordPress. Online payments, seasons, rates, free or paid extras, coupons, taxes & fees.

10K 4 CVEs

Redforts Hotel Booking Engine

oscar-hotel-booking-engine

100

This plugin integrates with Redforts Hotel Software, the all-in-one solution for hotels, hostels, apartments, villas, campings, and more.

300 No CVEs

Jomres Hotel Booking Engine for WordPress

jomres

Build your own Online Travel Agency like Booking.com or AirBNB

50 No CVEs

Softinn Hotel Booking Engine

softinn-booking-engine

Unlock room booking power on your WP site with Softinn Hotel Booking Engine, tailored for boutique hotels in Southeast Asia.

10 No CVEs

Developer Profile

1Day Booking Engine Developer Profile

1Day.io

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect 1Day Booking Engine

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/1day-io/build/app.css/wp-content/plugins/1day-io/build/app.js/wp-content/plugins/1day-io/build/admin.css/wp-content/plugins/1day-io/build/admin.js

Script Paths

/wp-content/plugins/1day-io/build/app.js/wp-content/plugins/1day-io/build/admin.js

HTML / DOM Fingerprints

CSS Classes

odp_search_results-empty

JS Globals

one_day

Shortcode Output

[oneday_search_form][oneday_search_map][oneday_search_results]

FAQ