Does Bulk Edit Events – Create Events in a Bulk Editor have any unpatched vulnerabilities?

No. All known vulnerabilities in Bulk Edit Events – Create Events in a Bulk Editor have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Bulk Edit Events – Create Events in a Bulk Editor compatible with WordPress 6.9.4?

According to WordPress.org data, Bulk Edit Events – Create Events in a Bulk Editor 1.1.39 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

What is Bulk Edit Events – Create Events in a Bulk Editor's security score?

Bulk Edit Events – Create Events in a Bulk Editor has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Bulk Edit Events – Create Events in a Bulk Editor Security & Risk Analysis

wordpress.org/plugins/bulk-edit-events

Modern Bulk Editor for Events, create and edit events in a spreadsheet inside wp-admin. No need to export/import, all the changes are applied live.

100 active installs v1.1.39 PHP + WP 4.7+ Updated Jan 17, 2026

calendareventeventsorganizervenue

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Bulk Edit Events – Create Events in a Bulk Editor Safe to Use in 2026?

Generally Safe

Score 100/100

Bulk Edit Events – Create Events in a Bulk Editor has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The "bulk-edit-events" plugin version 1.1.39 exhibits a concerning security posture, primarily due to a large number of unprotected AJAX handlers. While the plugin demonstrates good practices in SQL query preparation (98% prepared statements) and output escaping (93%), the presence of 20 AJAX handlers with no authentication checks presents a significant attack surface. These entry points could potentially be exploited by unauthenticated users to perform unintended actions or gain unauthorized access to sensitive data or functionality.

The taint analysis reveals 4 high-severity flows with unsanitized paths, indicating potential vulnerabilities related to how data is processed. Although there's no known vulnerability history for this plugin, the combination of a wide, unprotected attack surface and high-severity taint issues suggests a latent risk that could be exploited if specific conditions are met. The plugin does implement some nonce and capability checks, but these are insufficient given the sheer number of unprotected AJAX endpoints.

In conclusion, the "bulk-edit-events" plugin has strengths in its handling of SQL and output, but these are heavily overshadowed by the critical security flaw of exposing numerous AJAX endpoints without proper authentication. The taint analysis further amplifies this concern. Until these unprotected entry points are secured, the plugin remains at a high risk of exploitation. The lack of a vulnerability history is a positive sign, but does not negate the present risks identified in the code analysis.

Key Concerns

Large attack surface without auth (AJAX)
High severity taint flows
11 flows with unsanitized paths
Bundled Freemius v1.0 (potentially outdated)

Vulnerabilities

None known

Bulk Edit Events – Create Events in a Bulk Editor Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Bulk Edit Events – Create Events in a Bulk Editor Code Analysis

Dangerous Functions

Raw SQL Queries

103 prepared

Unescaped Output

385 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

SQL Query Safety

98% prepared105 total queries

Output Escaping

93% escaped413 total outputs

Data Flows

11 unsanitized

Data Flow Analysis

15 flows11 with unsanitized paths

maybe_download_log_file (modules\wp-sheet-editor\inc\api\logger.php:30)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

20 unprotected

Bulk Edit Events – Create Events in a Bulk Editor Attack Surface

Entry Points20

Unprotected20

AJAX Handlers 20

authwp_ajax_vgse_save_manual_column_resizemodules\columns-resizing\columns-resizing.php:17

authwp_ajax_vgse_update_columns_visibilitymodules\columns-visibility\columns-visibility.php:34

authwp_ajax_vgse_remove_columnmodules\columns-visibility\columns-visibility.php:35

authwp_ajax_vgse_restore_columnsmodules\columns-visibility\columns-visibility.php:36

authwp_ajax_vgse_delete_row_idsmodules\wp-sheet-editor\inc\ajax.php:643

authwp_ajax_vgse_dismiss_review_tipmodules\wp-sheet-editor\inc\ajax.php:644

authwp_ajax_vgse_notice_dismissmodules\wp-sheet-editor\inc\ajax.php:645

authwp_ajax_vgse_get_taxonomy_termsmodules\wp-sheet-editor\inc\ajax.php:646

authwp_ajax_vgse_load_datamodules\wp-sheet-editor\inc\ajax.php:647

authwp_ajax_vgse_save_gutenberg_contentmodules\wp-sheet-editor\inc\ajax.php:648

authwp_ajax_vgse_save_datamodules\wp-sheet-editor\inc\ajax.php:649

authwp_ajax_vgse_find_post_by_namemodules\wp-sheet-editor\inc\ajax.php:650

authwp_ajax_vgse_list_post_titlesmodules\wp-sheet-editor\inc\ajax.php:651

authwp_ajax_vgse_save_individual_postmodules\wp-sheet-editor\inc\ajax.php:652

authwp_ajax_vgse_insert_individual_postmodules\wp-sheet-editor\inc\ajax.php:653

authwp_ajax_vgse_search_taxonomy_termsmodules\wp-sheet-editor\inc\ajax.php:654

authwp_ajax_vgse_find_users_by_keywordmodules\wp-sheet-editor\inc\ajax.php:655

authwp_ajax_vgse_find_users_by_keyword_for_select2modules\wp-sheet-editor\inc\ajax.php:656

authwp_ajax_vgse_save_post_types_settingmodules\wp-sheet-editor\inc\ajax.php:657

authwp_ajax_vgse_set_settingsmodules\wp-sheet-editor\inc\ajax.php:658

WordPress Hooks 163

actionvg_sheet_editor/initializedevents.php:104

actionadmin_initevents.php:105

actioninitevents.php:106

actionbefore_woocommerce_initevents.php:107

actionadmin_noticesevents.php:136

filtervg_sheet_editor/register_admin_pagesevents.php:142

filtervg_sheet_editor/provider/post/get_items_argsintegrations\the-events-calendar-events.php:43

filtervg_sheet_editor/provider/post/update_item_metaintegrations\the-events-calendar-events.php:44

filtervg_sheet_editor/provider/post/get_item_metaintegrations\the-events-calendar-events.php:50

actionvg_sheet_editor/save_rows/after_saving_postintegrations\the-events-calendar-events.php:56

actionvg_sheet_editor/add_new_posts/after_all_posts_createdintegrations\the-events-calendar-events.php:62

filtervg_sheet_editor/columns/blacklisted_columnsintegrations\the-events-calendar-events.php:68

actionvg_sheet_editor/save_rows/before_saving_rowsintegrations\the-events-calendar-events.php:74

actionvg_sheet_editor/save_rows/after_saving_rowsintegrations\the-events-calendar-events.php:80

filtervg_sheet_editor/load_rows/wp_query_argsintegrations\the-events-calendar-events.php:86

filtertribe_events_rebuild_known_rangeintegrations\the-events-calendar-events.php:249

filtervg_sheet_editor/provider/post/get_items_argsintegrations\the-events-calendar-venues.php:25

filtervg_sheet_editor/handsontable/custom_argsmodules\autofill-cells\autofill-cells.php:30

actionvg_sheet_editor/initializedmodules\autofill-cells\autofill-cells.php:51

actionvg_sheet_editor/after_enqueue_assetsmodules\columns-resizing\columns-resizing.php:15

filtervg_sheet_editor/handsontable/custom_argsmodules\columns-resizing\columns-resizing.php:16

filtervg_sheet_editor/columns/provider_itemsmodules\columns-resizing\columns-resizing.php:20

actionvg_sheet_editor/initializedmodules\columns-resizing\columns-resizing.php:109

actionadmin_initmodules\columns-visibility\columns-visibility.php:30

filtervg_sheet_editor/columns/all_itemsmodules\columns-visibility\columns-visibility.php:31

actionvg_sheet_editor/editor/before_initmodules\columns-visibility\columns-visibility.php:32

actionvg_sheet_editor/after_enqueue_assetsmodules\columns-visibility\columns-visibility.php:33

filtervg_sheet_editor/columns/blacklisted_columnsmodules\columns-visibility\columns-visibility.php:37

actionvg_sheet_editor/save_rows/before_saving_rowsmodules\columns-visibility\columns-visibility.php:38

filtervg_sheet_editor/columns/all_itemsmodules\columns-visibility\columns-visibility.php:247

actionvg_sheet_editor/initializedmodules\columns-visibility\columns-visibility.php:582

actionvg_sheet_editor/initializedmodules\factory.php:34

actionvg_sheet_editor/after_initmodules\factory.php:35

actionvg_sheet_editor/editor/register_columnsmodules\factory.php:94

actionvg_sheet_editor/editor/register_columnsmodules\factory.php:95

actionvg_sheet_editor/editor/register_columnsmodules\factory.php:96

actionvg_sheet_editor/editor/before_initmodules\factory.php:97

filtervg_sheet_editor/custom_columns/teaser/allow_to_lock_columnmodules\factory.php:98

filtervg_sheet_editor/custom_post_types/get_all_post_typesmodules\factory.php:104

filtervg_sheet_editor/custom_post_types/get_all_post_types_namesmodules\factory.php:105

filtervg_sheet_editor/allowed_post_typesmodules\factory.php:106

filtervg_sheet_editor/frontend/allowed_post_typesmodules\factory.php:107

filtervg_sheet_editor/api/all_post_typesmodules\factory.php:108

actionvg_sheet_editor/editor/before_initmodules\filters\filters.php:21

actionvg_sheet_editor/editor/before_initmodules\filters\filters.php:22

actionvg_sheet_editor/editor/before_initmodules\filters\filters.php:23

actionvg_sheet_editor/after_enqueue_assetsmodules\filters\filters.php:24

filtervg_sheet_editor/load_rows/wp_query_argsmodules\filters\filters.php:25

actionvg_sheet_editor/load_rows/after_processingmodules\filters\filters.php:26

filtervg_sheet_editor/handsontable/custom_argsmodules\filters\filters.php:28

filterposts_clausesmodules\filters\filters.php:29

filtervg_sheet_editor/js_datamodules\filters\filters.php:30

filtervg_sheet_editor/load_rows/wp_query_argsmodules\filters\filters.php:31

actionvg_sheet_editor/editor_page/after_editor_pagemodules\filters\filters.php:32

actionload-edit.phpmodules\filters\filters.php:34

actioncurrent_screenmodules\filters\filters.php:35

actionvg_sheet_editor/initializedmodules\filters\filters.php:716

filtervg_sheet_editor/modules/listmodules\init.php:15

actionplugins_loadedmodules\init.php:17

actionafter_uninstallmodules\init.php:111

filterplugin_iconmodules\init.php:112

filtershow_deactivation_feedback_formmodules\init.php:113

filteris_submenu_visiblemodules\init.php:115

filterget_user_metadatamodules\init.php:162

actionadmin_footermodules\wp-sheet-editor\inc\api\bootstrap.php:96

actionadmin_menumodules\wp-sheet-editor\inc\api\editor.php:37

filterheartbeat_settingsmodules\wp-sheet-editor\inc\api\editor.php:65

actionadmin_headmodules\wp-sheet-editor\inc\api\editor.php:68

actionvg_sheet_editor/render_editor_js_settingsmodules\wp-sheet-editor\inc\api\editor.php:69

actionadmin_enqueue_scriptsmodules\wp-sheet-editor\inc\api\editor.php:71

actionadmin_print_stylesmodules\wp-sheet-editor\inc\api\editor.php:72

actionadmin_initmodules\wp-sheet-editor\inc\api\editor.php:73

filterBetterLinks/Admin/skip_no_conflictmodules\wp-sheet-editor\inc\api\editor.php:78

actionvg_sheet_editor/editor/register_columnsmodules\wp-sheet-editor\inc\api\infinite-serialized-field.php:25

filtervg_sheet_editor/woocommerce/variation_columnsmodules\wp-sheet-editor\inc\api\infinite-serialized-field.php:27

actionwpse_daily_cronmodules\wp-sheet-editor\inc\api\logger.php:302

actionwpse_daily_cronmodules\wp-sheet-editor\inc\api\logger.php:303

actionvg_sheet_editor/initializedmodules\wp-sheet-editor\inc\api\logger.php:306

actionvg_sheet_editor/editor/before_initmodules\wp-sheet-editor\inc\api\logger.php:307

actionwpse_daily_cronmodules\wp-sheet-editor\inc\api\queues.php:121

actionvg_sheet_editor/save_rows/before_saving_cellmodules\wp-sheet-editor\inc\api\serialized-field.php:38

actionvg_sheet_editor/editor/register_columnsmodules\wp-sheet-editor\inc\api\serialized-field.php:40

filtervg_sheet_editor/formulas/sql_execution/can_executemodules\wp-sheet-editor\inc\api\serialized-field.php:42

filtervg_sheet_editor/woocommerce/variation_columnsmodules\wp-sheet-editor\inc\api\serialized-field.php:45

filtervgse_sheet_editor/provider/post/prefetch/meta_keysmodules\wp-sheet-editor\inc\api\serialized-field.php:47

filtervg_sheet_editor/load_rows/preload_datamodules\wp-sheet-editor\inc\api\serialized-field.php:48

actionvg_sheet_editor/editor/register_columnsmodules\wp-sheet-editor\inc\api\tables-infinite-serialized-field.php:22

actionvg_sheet_editor/editor_page/after_contentmodules\wp-sheet-editor\inc\api\toolbar.php:170

actionvg_sheet_editor/editor/register_columnsmodules\wp-sheet-editor\inc\integrations\elementor.php:17

actionvg_sheet_editor/save_rows/after_saving_postmodules\wp-sheet-editor\inc\integrations\elementor.php:18

filtervg_sheet_editor/duplicate/final_post_idmodules\wp-sheet-editor\inc\integrations\elementor.php:19

actionvg_sheet_editor/initializedmodules\wp-sheet-editor\inc\integrations\elementor.php:99

actionvg_sheet_editor/editor/register_columnsmodules\wp-sheet-editor\inc\integrations\visual-composer.php:15

actionadmin_menumodules\wp-sheet-editor\inc\options-init.php:656

actionvg_sheet_editor/filters/after_fieldsmodules\wp-sheet-editor\inc\teasers\advanced-filters.php:28

actionvg_sheet_editor/after_initmodules\wp-sheet-editor\inc\teasers\advanced-filters.php:115

actionadmin_noticesmodules\wp-sheet-editor\inc\teasers\coupons.php:25

filtervg_sheet_editor/prepared_post_typesmodules\wp-sheet-editor\inc\teasers\coupons.php:26

actionvg_sheet_editor/initializedmodules\wp-sheet-editor\inc\teasers\coupons.php:104

actionvg_sheet_editor/editor/register_columnsmodules\wp-sheet-editor\inc\teasers\custom-columns.php:27

actionvg_sheet_editor/initializedmodules\wp-sheet-editor\inc\teasers\custom-columns.php:103

actionvg_sheet_editor/editor_page/after_contentmodules\wp-sheet-editor\inc\teasers\formulas.php:25

actionvg_sheet_editor/initializedmodules\wp-sheet-editor\inc\teasers\formulas.php:107

actionvg_sheet_editor/editor/before_initmodules\wp-sheet-editor\inc\teasers\frontend.php:24

actionvg_sheet_editor/after_initmodules\wp-sheet-editor\inc\teasers\frontend.php:108

actionvg_sheet_editor/editor/before_initmodules\wp-sheet-editor\inc\teasers\post-types.php:37

actionvg_sheet_editor/initializedmodules\wp-sheet-editor\inc\teasers\post-types.php:172

filtervg_sheet_editor/prepared_post_typesmodules\wp-sheet-editor\inc\teasers\terms.php:27

actionvg_sheet_editor/after_initmodules\wp-sheet-editor\inc\teasers\terms.php:103

actionvg_sheet_editor/editor_page/after_console_textmodules\wp-sheet-editor\inc\teasers\upgrade-popup.php:28

actionvg_sheet_editor/editor_page/after_contentmodules\wp-sheet-editor\inc\teasers\upgrade-popup.php:29

actionvg_sheet_editor/after_initmodules\wp-sheet-editor\inc\teasers\upgrade-popup.php:121

actionadmin_noticesmodules\wp-sheet-editor\inc\teasers\users.php:24

filtervg_sheet_editor/prepared_post_typesmodules\wp-sheet-editor\inc\teasers\users.php:25

actionvg_sheet_editor/after_initmodules\wp-sheet-editor\inc\teasers\users.php:99

filtervg_sheet_editor/allowed_post_typesmodules\wp-sheet-editor\inc\teasers\woocommerce.php:72

filtervg_sheet_editor/add_new_posts/create_new_postsmodules\wp-sheet-editor\inc\teasers\woocommerce.php:73

actionvg_sheet_editor/editor/register_columnsmodules\wp-sheet-editor\inc\teasers\woocommerce.php:74

actionvg_sheet_editor/editor/register_columnsmodules\wp-sheet-editor\inc\teasers\woocommerce.php:75

filtervg_sheet_editor/custom_columns/teaser/allow_to_lock_columnmodules\wp-sheet-editor\inc\teasers\woocommerce.php:76

actionwoocommerce_variable_product_before_variationsmodules\wp-sheet-editor\inc\teasers\woocommerce.php:77

actionvg_sheet_editor/editor_page/after_console_textmodules\wp-sheet-editor\inc\teasers\woocommerce.php:78

actionvg_sheet_editor/save_rows/after_saving_postmodules\wp-sheet-editor\inc\teasers\woocommerce.php:79

filtervg_sheet_editor/js_datamodules\wp-sheet-editor\inc\teasers\woocommerce.php:80

actionvg_sheet_editor/load_rows/found_postsmodules\wp-sheet-editor\inc\teasers\woocommerce.php:82

actionvg_sheet_editor/load_rows/outputmodules\wp-sheet-editor\inc\teasers\woocommerce.php:89

actionvg_sheet_editor/load_rows/allowed_post_columnsmodules\wp-sheet-editor\inc\teasers\woocommerce.php:95

actionvg_sheet_editor/load_rows/outputmodules\wp-sheet-editor\inc\teasers\woocommerce.php:100

filterwoocommerce_product_variation_title_include_attributesmodules\wp-sheet-editor\inc\teasers\woocommerce.php:106

filterwoocommerce_composite_update_price_metamodules\wp-sheet-editor\inc\teasers\woocommerce.php:371

actionvg_sheet_editor/initializedmodules\wp-sheet-editor\inc\teasers\woocommerce.php:953

filterwoocommerce_allow_marketplace_suggestionsmodules\wp-sheet-editor\wp-sheet-editor.php:125

filtervg_sheet_editor/extensions/is_toolbar_allowedmodules\wp-sheet-editor\wp-sheet-editor.php:595

filtervg_sheet_editor/extensions/is_page_allowedmodules\wp-sheet-editor\wp-sheet-editor.php:596

actionadmin_menumodules\wp-sheet-editor\wp-sheet-editor.php:600

actionadmin_enqueue_scriptsmodules\wp-sheet-editor\wp-sheet-editor.php:601

actionadmin_footermodules\wp-sheet-editor\wp-sheet-editor.php:603

actionadd_meta_boxesmodules\wp-sheet-editor\wp-sheet-editor.php:604

actionadmin_enqueue_scriptsmodules\wp-sheet-editor\wp-sheet-editor.php:606

actionadmin_enqueue_scriptsmodules\wp-sheet-editor\wp-sheet-editor.php:607

actionadmin_initmodules\wp-sheet-editor\wp-sheet-editor.php:608

actionwp_dashboard_setupmodules\wp-sheet-editor\wp-sheet-editor.php:609

filterwp_kses_allowed_htmlmodules\wp-sheet-editor\wp-sheet-editor.php:610

filtervg_sheet_editor/use_rest_api_onlymodules\wp-sheet-editor\wp-sheet-editor.php:617

filtervg_sheet_editor/use_rest_api_onlymodules\wp-sheet-editor\wp-sheet-editor.php:621

filtervg_sheet_editor/register_admin_pagesmodules\wp-sheet-editor\wp-sheet-editor.php:629

filtervg_sheet_editor/bootstrap/settingsmodules\wp-sheet-editor\wp-sheet-editor.php:630

actionvg_sheet_editor/after_initmodules\wp-sheet-editor\wp-sheet-editor.php:634

actioncreated_termmodules\wp-sheet-editor\wp-sheet-editor.php:644

filterwp_update_term_datamodules\wp-sheet-editor\wp-sheet-editor.php:645

actiondelete_termmodules\wp-sheet-editor\wp-sheet-editor.php:646

actionuser_registermodules\wp-sheet-editor\wp-sheet-editor.php:647

actionvg_sheet_editor/on_uninstallmodules\wp-sheet-editor\wp-sheet-editor.php:648

actionadmin_page_access_deniedmodules\wp-sheet-editor\wp-sheet-editor.php:649

filterstateless_skip_cache_bustingmodules\wp-sheet-editor\wp-sheet-editor.php:652

actionadmin_initmodules\wp-sheet-editor\wp-sheet-editor.php:653

actionadmin_noticesmodules\wp-sheet-editor\wp-sheet-editor.php:655

actionactivated_pluginmodules\wp-sheet-editor\wp-sheet-editor.php:676

actionadmin_initmodules\wp-sheet-editor\wp-sheet-editor.php:677

actionwp_loadedmodules\wp-sheet-editor\wp-sheet-editor.php:1555

actionwpmodules\wp-sheet-editor\wp-sheet-editor.php:1558

actioninitmodules\wp-sheet-editor\wp-sheet-editor.php:1612

actionsetup_thememodules\wp-sheet-editor\wp-sheet-editor.php:1613

Scheduled Events 1

wpse_daily_cron

Maintenance & Trust

Bulk Edit Events – Create Events in a Bulk Editor Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 17, 2026

PHP min version

Downloads15K

Community Trust

Rating100/100

Number of ratings3

Active installs100

Alternatives

Bulk Edit Events – Create Events in a Bulk Editor Alternatives

The Events Calendar

the-events-calendar

The Events Calendar: #1 calendar plugin for WordPress. Create/manage events (virtual too!) on your site with the free plugin.

700K 25 CVEs

Event Organiser

event-organiser

Create and maintain events, including complex reoccurring patterns, venue management (with Google Maps or OpenStreetMap), calendars and customisable e …

20K 1 unpatched

WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce

wp-event-manager

Lightweight, scalable and full-featured event listings & management plugin for managing events & tickets from the Frontend and Backend.

20K 11 CVEs

Events Calendar for GeoDirectory

events-for-geodirectory

Events Calendar add-on for GeoDirectory allows to extend your GeoDirectory powered website with a versatile event manager.

3K 1 CVE

Simple Event Planner

simple-event-planner

A powerful & flexible plugin to create event listing and event calendar on your website in a simple & elegant way.

1K 2 CVEs

Developer Profile

Bulk Edit Events – Create Events in a Bulk Editor Developer Profile

Jose Vega

20 plugins · 30K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

258 days

View full developer profile

Detection Fingerprints

How We Detect Bulk Edit Events – Create Events in a Bulk Editor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bulk-edit-events/vendor/freemius/assets/css/styles.css/wp-content/plugins/bulk-edit-events/vendor/vg-plugin-sdk/assets/css/styles.css/wp-content/plugins/bulk-edit-events/assets/css/vg-sheet-editor-events.css/wp-content/plugins/bulk-edit-events/assets/js/vg-sheet-editor-events.js

Script Paths

/wp-content/plugins/bulk-edit-events/vendor/freemius/assets/js/scripts.js/wp-content/plugins/bulk-edit-events/vendor/vg-plugin-sdk/assets/js/scripts.js

HTML / DOM Fingerprints

CSS Classes

vgse-noticewpse-notice

HTML Comments

Data Attributes

data-vgse-plugin-initialized

JS Globals

vgse_events

FAQ