
Calendário Dekatrian Security & Risk Analysis
wordpress.org/plugins/calendario-dekatrianAltere as datas do seu Wordpress para o Calendário Dekatrian.
Is Calendário Dekatrian Safe to Use in 2026?
Generally Safe
Score 85/100Calendário Dekatrian has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "calendario-dekatrian" plugin v0.1.2 exhibits a significant security concern due to its single unprotected AJAX handler. This handler represents a direct entry point into the plugin's functionality that is not protected by any authentication or authorization checks. While the plugin does not appear to use dangerous functions, raw SQL queries, or make external HTTP requests, the lack of access control on its AJAX endpoint is a critical vulnerability. The plugin also shows a concerningly low percentage of properly escaped output, increasing the risk of cross-site scripting (XSS) vulnerabilities, especially when combined with the unprotected AJAX handler.
The absence of any recorded CVEs and taint analysis issues is positive, suggesting a potentially clean codebase in those specific areas. However, the static analysis findings, particularly the unprotected AJAX handler and insufficient output escaping, present a clear and present danger. The vulnerability history is nonexistent, which could indicate a lack of past exploitation or simply a new or infrequently audited plugin. The current version has a clear weakness that could be exploited to execute arbitrary actions or inject malicious content into the site.
In conclusion, while the plugin has some strengths like the absence of dangerous functions and proper SQL handling, the unprotected AJAX endpoint and poor output escaping create a substantial security risk. This requires immediate attention to secure the AJAX handler and improve output sanitization to prevent potential compromises.
Key Concerns
- Unprotected AJAX handler found
- Low percentage of properly escaped output
- No nonce checks on AJAX handler
- No capability checks on AJAX handler
Calendário Dekatrian Security Vulnerabilities
Calendário Dekatrian Release Timeline
Calendário Dekatrian Code Analysis
Output Escaping
Calendário Dekatrian Attack Surface
AJAX Handlers 1
WordPress Hooks 6
Maintenance & Trust
Calendário Dekatrian Maintenance & Trust
Maintenance Signals
Community Trust
Calendário Dekatrian Alternatives
iCalendrier
icalendrier
Simple plugin that displays daily informations like date, name day or moon phase. --- Petit plugin simple qui vous permet d'afficher sur votre si …
Catholic Liturgy Calendar
catholic-liturgical-calendar
An animation with the current date on the roman catholic liturgical year. It contains links to mass lectures and the saints calendar online.
Calendario del Perú
calendario-del-peru
Muestra eventos del día del Calendario peruano. Este plugin mostrará 5 titulares del Calendario, todos los días.
runnerplace-calendar
calendario-runnerplace
Utiliza el calendario de carreras populares de RunnerPlace para tenerlo actualizado en tu web.
Filter Calendar Admin
filter-calendar-admin
Agrega un calendario al dashboard de wordpress para filtrar por día los post Add a calendar wordpress dashboard to filter daily posts
Calendário Dekatrian Developer Profile
1 plugin · 0 total installs
How We Detect Calendário Dekatrian
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/calendario-dekatrian/admin/js/dekatrian-admin.js/wp-content/plugins/calendario-dekatrian/admin/css/dekatrian-admin.css/wp-content/plugins/calendario-dekatrian/admin/js/dekatrian-admin.jscalendario-dekatrian/admin/js/dekatrian-admin.js?ver=calendario-dekatrian/admin/css/dekatrian-admin.css?ver=HTML / DOM Fingerprints
date-time-textdate-time-docid="date_format-custom"id="date_format-0"id="date_format-1"name="dekatrian_settings[date_format]"name="dekatrian_settings[activate]"ajaxurlwindow.dekatrian_date_format/wp-json/wp/v2/settings