Bomond Event Security & Risk Analysis
wordpress.org/plugins/bomond-eventDisplaying the latest events from the BOMOND website in the carousel. Shortcode embedding. [bomond]
Is Bomond Event Safe to Use in 2026?
Generally Safe
Score 85/100Bomond Event has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'bomond-event' plugin v1.0.1 exhibits a mixed security posture. On the positive side, the plugin has no known vulnerabilities (CVEs) and zero reported taint flows, which suggests a lack of known exploitability and careful handling of user-supplied data in critical areas. The absence of dangerous functions and the use of prepared statements for all SQL queries are also strong indicators of good security practices in these specific aspects. However, significant concerns arise from the static analysis. Notably, 100% of the plugin's output is not properly escaped, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities. The presence of file operations without explicit mention of sanitization, coupled with a complete lack of nonce and capability checks across all entry points, further amplifies the risk of unauthorized actions and data manipulation. The plugin's vulnerability history is clean, but this cannot compensate for the clear and present risks identified in the static analysis.
Key Concerns
- All output unescaped (XSS risk)
- File operations present without sanitization context
- No nonce checks on entry points
- No capability checks on entry points
Bomond Event Security Vulnerabilities
Bomond Event Release Timeline
Bomond Event Code Analysis
Output Escaping
Bomond Event Attack Surface
Shortcodes 1
WordPress Hooks 11
Maintenance & Trust
Bomond Event Maintenance & Trust
Maintenance Signals
Community Trust
Bomond Event Alternatives
The Events Calendar
the-events-calendar
The Events Calendar: #1 calendar plugin for WordPress. Create/manage events (virtual too!) on your site with the free plugin.
Simple History – Track, Log, and Audit WordPress Changes
simple-history
Track changes and user activities on your WordPress site. See who created a page, uploaded an attachment, and more, for a complete audit trail.
WP Activity Log
wp-security-audit-log
The #1 user-rated activity log plugin for event logging, activity monitoring and change tracking.
LatePoint – Calendar Booking Plugin for Appointments and Events
latepoint
Optimize your appointment scheduling with our plugin. Sync calendars, automate reminders, and keep your bookings organized.
WP Content Copy Protection & No Right Click
wp-content-copy-protector
This WP plugin protects posts from being copied (content copy protection). Keep your content safe from unauthorized distribution!
Bomond Event Developer Profile
1 plugin · 0 total installs
How We Detect Bomond Event
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/bomond-event/public/js/slick.js/wp-content/plugins/bomond-event/public/css/slick-theme.css/wp-content/plugins/bomond-event/public/css/slick.csspublic/js/slick.jspublic/css/slick-theme.csspublic/css/slick.cssbomond-event/public/js/slick.js?ver=1.0bomond-event/public/css/slick-theme.css?ver=bomond-event/public/css/slick.css?ver=HTML / DOM Fingerprints
event_containerhHKXhvevent_doorTimeevent_titleregularsliderslick-initializedslick-slider+1 morejQuery$/wp-json/bomondevent<section class="regular slider"><div class="event_container"><a<div class="hHKXhv"><div class="event_doorTime">