
Catholic Liturgy Calendar Security & Risk Analysis
wordpress.org/plugins/catholic-liturgical-calendarAn animation with the current date on the roman catholic liturgical year. It contains links to mass lectures and the saints calendar online.
Is Catholic Liturgy Calendar Safe to Use in 2026?
Generally Safe
Score 85/100Catholic Liturgy Calendar has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "catholic-liturgical-calendar" plugin version 0.0.4 exhibits a very limited attack surface, with no identified AJAX handlers, REST API routes, shortcodes, or cron events that are exposed. This lack of entry points significantly reduces the potential for external attackers to interact with the plugin directly. Furthermore, the code analysis shows no dangerous functions, file operations, or external HTTP requests, and all SQL queries utilize prepared statements, which are positive security practices. The absence of any recorded vulnerabilities in its history is also a strong indicator of a secure development process thus far.
However, the most significant concern identified is the complete lack of output escaping. With 12 identified output points and 0% properly escaped, this presents a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. Attackers could potentially inject malicious scripts through data that the plugin processes and displays, which would then be executed in the user's browser. The absence of nonce and capability checks further exacerbates this risk, as there are no mechanisms to verify user intent or permissions before certain actions might be performed or data displayed, though the limited attack surface does mitigate the immediate impact of this. The plugin's current version is very early (0.0.4), which might explain the lack of features and thus attack vectors, but the unescaped output is a critical flaw that needs immediate attention regardless of version.
Key Concerns
- Output escaping completely missing
- No nonce checks
- No capability checks
Catholic Liturgy Calendar Security Vulnerabilities
Catholic Liturgy Calendar Release Timeline
Catholic Liturgy Calendar Code Analysis
Output Escaping
Catholic Liturgy Calendar Attack Surface
WordPress Hooks 2
Maintenance & Trust
Catholic Liturgy Calendar Maintenance & Trust
Maintenance Signals
Community Trust
Catholic Liturgy Calendar Alternatives
iCalendrier
icalendrier
Simple plugin that displays daily informations like date, name day or moon phase. --- Petit plugin simple qui vous permet d'afficher sur votre si …
Calendario del Perú
calendario-del-peru
Muestra eventos del día del Calendario peruano. Este plugin mostrará 5 titulares del Calendario, todos los días.
runnerplace-calendar
calendario-runnerplace
Utiliza el calendario de carreras populares de RunnerPlace para tenerlo actualizado en tu web.
Filter Calendar Admin
filter-calendar-admin
Agrega un calendario al dashboard de wordpress para filtrar por día los post Add a calendar wordpress dashboard to filter daily posts
Calendário Dekatrian
calendario-dekatrian
Altere as datas do seu Wordpress para o Calendário Dekatrian.
Catholic Liturgy Calendar Developer Profile
2 plugins · 190 total installs
How We Detect Catholic Liturgy Calendar
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/catholic-liturgical-calendar/css/svgly.css/wp-content/plugins/catholic-liturgical-calendar/js/compatibility.js/wp-content/plugins/catholic-liturgical-calendar/js/_locales//wp-content/plugins/catholic-liturgical-calendar/js/svgly.js/wp-content/plugins/catholic-liturgical-calendar/js/popup.js/wp-content/plugins/catholic-liturgical-calendar/js/popup.jsHTML / DOM Fingerprints
cathlitid="cathlitgadgetd"id="cathlits"cathlit_getradius