Church Content – Sermons, Events and More Security & Risk Analysis

wordpress.org/plugins/church-theme-content

Provides an interface for managing sermons, events, people and locations. A compatible theme is required for presenting content from these church-cent …

4K active installs · v2.7 · PHP 7.4+ · WP 3.6+ · Updated Dec 1, 2025
Tags: church, churches, ministry, sermon, sermons
Score: 99 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: Apr 11, 2024
Safety Verdict

Is Church Content – Sermons, Events and More Safe to Use in 2026?

Generally Safe

Score 99/100

Church Content – Sermons, Events and More has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Apr 11, 2024 · Updated 4mo ago
Risk Assessment

The "church-theme-content" v2.7 plugin exhibits a generally good security posture. Static analysis reveals a small attack surface: a single AJAX handler, which is protected by authentication checks. The code uses prepared statements for two of its three SQL queries and escapes 139 of its 163 outputs. Five nonce checks and 12 capability checks further strengthen its defenses against common web attacks, and the plugin has no known unpatched vulnerabilities.

However, a few areas warrant attention. The taint analysis reports three flows with unsanitized paths. None is classified as critical or high severity, but an unsanitized path can still pose a risk if it reaches a sensitive function or data. The plugin also makes three external HTTP requests, which could introduce risk if the target endpoints are compromised or the requests are not handled securely. The vulnerability history shows one medium-severity CVE, dated Apr 11, 2024 and since patched, which suggests a need for continued vigilance.

In conclusion, "church-theme-content" v2.7 has a solid foundation for security, with robust defenses against common WordPress attack vectors. The minimal attack surface, good SQL and output sanitization practices, and the absence of unpatched critical or high vulnerabilities are commendable. Nevertheless, the presence of unsanitized paths in the taint analysis and the past medium CVE indicate areas where ongoing security auditing and careful development practices are essential to maintain a high level of security.

Key Concerns

  • Flows with unsanitized paths (Taint Analysis)
  • 1 Medium CVE reported in history
Vulnerabilities: 1

Church Content – Sermons, Events and More Security Vulnerabilities

CVEs by Year

1 CVE in 2024

Severity Breakdown

Medium: 1 (1 total CVE)

CVE-2024-32094 · medium · 4.3 · Cross-Site Request Forgery (CSRF)

Church Content – Sermons, Events and More <= 2.6 - Cross-Site Request Forgery to Notice Dismissal

Apr 11, 2024 · Patched in 2.6.1 (7d)
Code Analysis
Analyzed Mar 16, 2026

Church Content – Sermons, Events and More Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (2 prepared)
Unescaped Output: 24 (139 escaped)
Nonce Checks: 5
Capability Checks: 12
File Operations: 0
External Requests: 3
Bundled Libraries: 0

SQL Query Safety

67% prepared · 3 total queries

Output Escaping

85% escaped · 163 total outputs
Data Flows: 3 unsanitized

Data Flow Analysis

3 flows · 3 with unsanitized paths
<edd-license> (includes\admin\edd-license.php:0)
Attack Surface

Church Content – Sermons, Events and More Attack Surface

Entry Points: 1
Unprotected: 0

AJAX Handlers 1

auth · wp_ajax_ctc_gmaps_api_key_dismiss_notice · includes\admin\admin-maps.php:297
WordPress Hooks 109
action · plugins_loaded · church-theme-content.php:59
action · plugins_loaded · church-theme-content.php:62
action · plugins_loaded · church-theme-content.php:65
action · plugins_loaded · church-theme-content.php:68
action · plugins_loaded · church-theme-content.php:71
action · init · church-theme-content.php:78
filter · plugin_row_meta · includes\admin\admin-add-ons.php:129
filter · plugin_action_links · includes\admin\admin-add-ons.php:164
action · ctmb_field-_ctc_event_recurrence · includes\admin\admin-add-ons.php:233
action · ctmb_after_fields · includes\admin\admin-add-ons.php:301
action · ctmb_before_fields · includes\admin\admin-add-ons.php:358
action · admin_enqueue_scripts · includes\admin\admin-enqueue-scripts.php:61
action · admin_enqueue_scripts · includes\admin\admin-enqueue-styles.php:50
action · admin_init · includes\admin\admin-event-fields.php:310
action · admin_init · includes\admin\admin-event-fields.php:560
action · admin_init · includes\admin\admin-event-fields.php:654
action · save_post · includes\admin\admin-event-fields.php:705
action · ctc_after_save_event · includes\admin\admin-event-fields.php:813
filter · manage_ctc_event_posts_columns · includes\admin\admin-event-fields.php:888
action · manage_posts_custom_column · includes\admin\admin-event-fields.php:1069
filter · manage_edit-ctc_event_sortable_columns · includes\admin\admin-event-fields.php:1086
filter · request · includes\admin\admin-event-fields.php:1146
filter · manage_ctc_location_posts_columns · includes\admin\admin-location-fields.php:339
action · admin_init · includes\admin\admin-location-fields.php:362
action · manage_posts_custom_column · includes\admin\admin-location-fields.php:410
filter · manage_edit-ctc_location_sortable_columns · includes\admin\admin-location-fields.php:427
filter · request · includes\admin\admin-location-fields.php:482
action · admin_notices · includes\admin\admin-maps.php:223
action · admin_print_footer_scripts · includes\admin\admin-maps.php:268
action · ctmb_after_fields · includes\admin\admin-maps.php:379
action · admin_menu · includes\admin\admin-menu.php:94
filter · custom_menu_order · includes\admin\admin-menu.php:111
filter · menu_order · includes\admin\admin-menu.php:144
filter · ctc_post_type_sermon_args · includes\admin\admin-menu.php:222
filter · ctc_post_type_event_args · includes\admin\admin-menu.php:235
filter · ctc_post_type_location_args · includes\admin\admin-menu.php:248
filter · ctc_post_type_person_args · includes\admin\admin-menu.php:261
action · admin_init · includes\admin\admin-person-fields.php:193
filter · manage_ctc_person_posts_columns · includes\admin\admin-person-fields.php:227
action · manage_posts_custom_column · includes\admin\admin-person-fields.php:275
filter · manage_edit-ctc_person_sortable_columns · includes\admin\admin-person-fields.php:293
filter · request · includes\admin\admin-person-fields.php:348
filter · wp_unique_post_slug_is_bad_flat_slug · includes\admin\admin-posts.php:51
filter · wp_unique_post_slug_is_bad_hierarchical_slug · includes\admin\admin-posts.php:52
action · admin_init · includes\admin\admin-sermon-fields.php:262
action · save_post · includes\admin\admin-sermon-fields.php:313
action · ctc_after_save_sermon · includes\admin\admin-sermon-fields.php:368
filter · manage_ctc_sermon_posts_columns · includes\admin\admin-sermon-fields.php:448
action · manage_posts_custom_column · includes\admin\admin-sermon-fields.php:528
action · admin_notices · includes\admin\admin-support.php:95
action · admin_init · includes\admin\admin-support.php:125
filter · dashboard_glance_items · includes\admin\dashboard.php:83
filter · admin_init · includes\admin\dashboard.php:106
filter · ctps_section-licenses · includes\admin\edd-license.php:122
filter · pre_update_option_ctc_settings · includes\admin\edd-license.php:604
action · ctps_after_save · includes\admin\edd-license.php:657
action · admin_notices · includes\admin\edd-license.php:731
action · admin_notices · includes\admin\edd-license.php:815
action · current_screen · includes\admin\edd-license.php:1304
action · admin_init · includes\admin\edd-license.php:1371
filter · http_request_args · includes\admin\edd-license.php:1455
filter · enter_title_here · includes\admin\editor.php:160
filter · write_your_story · includes\admin\editor.php:236
action · import_start · includes\admin\import.php:70
action · import_end · includes\admin\import.php:96
action · import_end · includes\admin\import.php:116
action · admin_menu · includes\admin\migrate-risen.php:45
action · load-tools_page_ctc-migrate-risen · includes\admin\migrate-risen.php:268
filter · ctc_post_type_sermon_args · includes\admin\migrate-risen.php:580
filter · ctc_post_type_event_args · includes\admin\migrate-risen.php:581
filter · ctc_post_type_location_args · includes\admin\migrate-risen.php:582
filter · ctc_post_type_person_args · includes\admin\migrate-risen.php:583
action · admin_notices · includes\admin\migrate-risen.php:642
action · admin_notices · includes\admin\notices.php:108
action · admin_init · includes\admin\upgrade.php:169
action · wp_feed_options · includes\classes\CTC_Dashboard_News.php:37
filter · dashboard_secondary_items · includes\classes\CTC_Dashboard_News.php:40
filter · pre_set_site_transient_update_plugins · includes\classes\CTC_EDD_SL_Plugin_Updater.php:76
filter · plugins_api · includes\classes\CTC_EDD_SL_Plugin_Updater.php:77
action · admin_init · includes\classes\CTC_EDD_SL_Plugin_Updater.php:80
filter · pre_set_site_transient_update_plugins · includes\classes\CTC_EDD_SL_Plugin_Updater.php:196
filter · upload_mimes · includes\mime-types.php:56
filter · post_mime_types · includes\mime-types.php:84
action · init · includes\podcast.php:346
action · init · includes\post-types.php:136
action · init · includes\post-types.php:247
action · init · includes\post-types.php:317
action · init · includes\post-types.php:388
action · wp · includes\schedule.php:38
action · ctc_update_recurring_event_dates · includes\schedule.php:141
action · init · includes\settings.php:1559
action · ctps_after_save · includes\settings.php:1674
action · ctps_after_save · includes\settings.php:1692
filter · ctps_get · includes\settings.php:1742
filter · gettext · includes\settings.php:1813
action · admin_init · includes\settings.php:1891
action · init · includes\support.php:144
action · init · includes\support.php:368
action · init · includes\taxonomies.php:98
action · init · includes\taxonomies.php:178
action · init · includes\taxonomies.php:258
action · init · includes\taxonomies.php:337
action · init · includes\taxonomies.php:417
action · init · includes\taxonomies.php:491
action · init · includes\taxonomies.php:563
action · admin_head-edit-tags.php · includes\taxonomies.php:640
action · admin_head-term.php · includes\taxonomies.php:641
action · admin_head-post.php · includes\taxonomies.php:708
action · admin_head-post-new.php · includes\taxonomies.php:709

Scheduled Events 1

ctc_update_recurring_event_dates
Maintenance & Trust

Church Content – Sermons, Events and More Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 1, 2025
PHP min version: 7.4
Downloads: 161K

Community Trust

Rating: 98/100
Number of ratings: 49
Active installs: 4K
Developer Profile

Church Content – Sermons, Events and More Developer Profile

Steven Gliebe

2 plugins · 204K total installs

Trust score: 100
Avg Security Score: 100/100
Avg Patch Time: 7 days
Detection Fingerprints

How We Detect Church Content – Sermons, Events and More

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/church-theme-content/css/
/wp-content/plugins/church-theme-content/js/
/wp-content/plugins/church-theme-content/includes/add-ons.php
/wp-content/plugins/church-theme-content/includes/event-fields.php
/wp-content/plugins/church-theme-content/includes/helpers.php
/wp-content/plugins/church-theme-content/includes/mime-types.php
/wp-content/plugins/church-theme-content/includes/podcast.php
/wp-content/plugins/church-theme-content/includes/post-types.php
+27 more

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Church Content – Sermons, Events and More