Does AJAX Calendar have any unpatched vulnerabilities?

No. All known vulnerabilities in AJAX Calendar have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is AJAX Calendar compatible with WordPress 3.2.1?

According to WordPress.org data, AJAX Calendar 2.5.1 has been tested up to WordPress 3.2.1. Check the plugin's changelog for the latest compatibility information.

How often is AJAX Calendar updated?

AJAX Calendar was last updated on Jul 17, 2011. Frequent updates are generally a positive security signal.

What is AJAX Calendar's security score?

AJAX Calendar has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

AJAX Calendar Security & Risk Analysis

wordpress.org/plugins/ajax-calendar

AJAX Calendar is a plugin that will display an AJAXified WordPress calendar.

400 active installs v2.5.1 PHP + WP 2.9+ Updated Jul 17, 2011

ajaxcalendarwidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is AJAX Calendar Safe to Use in 2026?

Generally Safe

Score 85/100

AJAX Calendar has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago

Risk Assessment

The static analysis of ajax-calendar v2.5.1 reveals a plugin with a seemingly very limited attack surface. There are no identified AJAX handlers, REST API routes, shortcodes, or cron events, which significantly reduces the potential entry points for malicious activity. Furthermore, the code exhibits good practices in handling SQL queries, as 100% of them utilize prepared statements, and there are no detected dangerous functions, file operations, or external HTTP requests. This indicates a conscientious effort to avoid common vulnerabilities.

Key Concerns

Low output escaping coverage
Absence of capability checks
Absence of nonce checks

Vulnerabilities

None known

AJAX Calendar Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

AJAX Calendar Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

27% escaped15 total outputs

Attack Surface

AJAX Calendar Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actiontemplate_redirectajax-calendar.php:20

filterqueryajax-calendar.php:79

actionwidgets_initajax-calendar.php:144

Maintenance & Trust

AJAX Calendar Maintenance & Trust

Maintenance Signals

WordPress version tested3.2.1

Last updatedJul 17, 2011

PHP min version

Downloads111K

Community Trust

Rating74/100

Number of ratings3

Active installs400

Alternatives

AJAX Calendar Alternatives

Forex News Widget

forex-news-widget

100

Display filtered Forex economic news by impact level and timezone. Lightweight, responsive, and customizable via shortcode.

30 No CVEs

Multiple Ajax Calendar

multiple-ajax-calendar

The wordpress calendar widget enhanced to allow multiple instances of it in one page.

20 No CVEs

WP Better Calendar

wp-better-calendar

A Better Calendar for sidebar widgets.

10 No CVEs

Simple Calendar – Google Calendar Plugin

google-calendar-events

Add Google Calendar events to your WordPress site in minutes. Beautiful calendar displays. Mobile responsive.

50K 7 CVEs

Events Widgets For Elementor And The Events Calendar

events-widgets-for-elementor-and-the-events-calendar

The Events Calendar Elementor widgets help you manage and display an upcoming events list with date, time, venue and event ticket booking details.

10K 1 CVE

Developer Profile

AJAX Calendar Developer Profile

John Godley

14 plugins · 2.1M total installs

trust score

Avg Security Score

87/100

Avg Patch Time

4069 days

View full developer profile

Detection Fingerprints

How We Detect AJAX Calendar

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Script Paths

/wp-content/plugins/ajax-calendar/ajax-calendar.php

HTML / DOM Fingerprints

CSS Classes

ajax_calendar_widget

Data Attributes

id="next"id="prev"

JS Globals

show_micro_ajaxmicroAjax

FAQ