Does Bangla Date Display have any unpatched vulnerabilities?

No. All known vulnerabilities in Bangla Date Display have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Bangla Date Display compatible with WordPress 6.9.4?

According to WordPress.org data, Bangla Date Display 9.4.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Bangla Date Display compatible with PHP 5.6+?

Bangla Date Display requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Bangla Date Display updated?

Bangla Date Display was last updated on Feb 17, 2026. Frequent updates are generally a positive security signal.

What is Bangla Date Display's security score?

Bangla Date Display has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Bangla Date Display Security & Risk Analysis

wordpress.org/plugins/bangla-date-display

Displays Bangla, Gregorian & Hijri date and Archive Calendar in bangla language via widgets and shortcodes!

4K active installs v9.4.2 PHP 5.6+ WP 3.0+ Updated Feb 17, 2026

banglabangla-archivebangla-calendarbangla-datebengali

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Bangla Date Display Safe to Use in 2026?

Generally Safe

Score 100/100

Bangla Date Display has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "bangla-date-display" v9.4.2 plugin exhibits several concerning security practices, despite a clean vulnerability history. The static analysis reveals a significant attack surface with 2 out of 8 total entry points lacking authentication checks. This is a primary concern as it exposes these functions to potential unauthorized access and manipulation.

Furthermore, the plugin's handling of SQL queries is a major weakness. All 2 SQL queries are executed without prepared statements, introducing a high risk of SQL injection vulnerabilities. The taint analysis also flagged 2 flows with unsanitized paths, indicating potential issues with how external data is handled, although no critical or high severity vulnerabilities were identified in this specific analysis.

While the plugin has no recorded CVEs, this does not negate the inherent risks present in the code. The lack of capability checks and nonce checks on entry points, coupled with the significant portion of improperly escaped output (55%), further amplifies the potential for cross-site scripting (XSS) and other injection attacks. The plugin's security posture is therefore considered weak due to these critical coding flaws.

Key Concerns

Unprotected AJAX handlers
Raw SQL queries without prepared statements
Flows with unsanitized paths detected
Lack of nonce checks on entry points
Lack of capability checks
Significant portion of output not properly escaped

Vulnerabilities

None known

Bangla Date Display Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Bangla Date Display Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

65 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared2 total queries

Output Escaping

45% escaped144 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

bddp_ac_callback (ajax-archive-calendar.php:238)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Bangla Date Display Attack Surface

Entry Points8

Unprotected2

AJAX Handlers 2

authwp_ajax_bddp_acajax-archive-calendar.php:235

noprivwp_ajax_bddp_acajax-archive-calendar.php:236

Shortcodes 6

[bangla_time] bangla-date-display.php:38

[bangla_day] bangla-date-display.php:69

[bangla_date] bangla-date-display.php:84

[bangla_season] bangla-date-display.php:119

[english_date] bangla-date-display.php:151

[hijri_date] bangla-date-display.php:184

WordPress Hooks 13

actionwp_enqueue_scriptsajax-archive-calendar.php:6

actionwidgets_initajax-archive-calendar.php:19

filterwp_headajax-archive-calendar.php:560

filterday_linkajax-archive-calendar.php:572

actionadmin_menubddp_admin.php:333

actionadmin_initbddp_admin.php:340

filterwp_datetranslator.php:9

filterdate_i18ntranslator.php:11

filtercomments_numbertranslator.php:16

filterget_comment_counttranslator.php:17

filternumber_format_i18ntranslator.php:22

actionwidgets_initwidgets copy.php:4

actionwidgets_initwidgets.php:16

Maintenance & Trust

Bangla Date Display Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 17, 2026

PHP min version5.6

Downloads84K

Community Trust

Rating92/100

Number of ratings11

Active installs4K

Alternatives

Bangla Date Display Alternatives

Bangla Calendar Display

bangla-calendar-display

100

Display the current Bengali (Bangla) date and time on your WordPress site with a choice of attractive layouts. Includes a live preview and shortcode g …

40 No CVEs

WP Bongabdo Date

wp-bongabdo-date

Converts posts and comments date from Gregorian Date to Bongabdo Date.

10 No CVEs

Bangla Web Fonts

bangla-web-fonts

100

Enables Bangla web fonts for wordpress site.

2K No CVEs

Bangla Font CDN

bangla-font-cdn

100

A powerful and easy-to-use plugin to use 10+ beautiful Bangla fonts on website with live preview, fallback font options, and advanced typography.

200 No CVEs

Bangla Number Converter

bangla-number-converter

Bangla Number Converter plugin will help you to Converts English numbers to Bangla numbers of your WordPress website.

100 No CVEs

Developer Profile

Bangla Date Display Developer Profile

ALI IMRAN

5 plugins · 7K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

447 days

View full developer profile

Detection Fingerprints

How We Detect Bangla Date Display

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bangla-date-display/css/archive-calendar.css/wp-content/plugins/bangla-date-display/css/bootstrap.min.css/wp-content/plugins/bangla-date-display/css/jquery-ui.css/wp-content/plugins/bangla-date-display/js/archive-calendar.js/wp-content/plugins/bangla-date-display/js/moment-with-locales.js/wp-content/plugins/bangla-date-display/js/moment.min.js

Script Paths

/wp-content/plugins/bangla-date-display/js/archive-calendar.js/wp-content/plugins/bangla-date-display/js/moment-with-locales.js/wp-content/plugins/bangla-date-display/js/moment.min.js

Version Parameters

bangla-date-display/css/archive-calendar.css?ver=bangla-date-display/css/bootstrap.min.css?ver=bangla-date-display/css/jquery-ui.css?ver=bangla-date-display/js/archive-calendar.js?ver=bangla-date-display/js/moment-with-locales.js?ver=bangla-date-display/js/moment.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

bangla-date-display-shortcode

JS Globals

moment

Shortcode Output

{{day}} {{month_year}}{{last_word}}{{event}}{{hour}}{{day}}{{seasons[$month]}}

FAQ