Crowdcue Security & Risk Analysis
wordpress.org/plugins/crowdcueCrowdcue is the unofficial OccasionGenius WordPress plugin allows you to easily output a beautiful and simple events page without any coding using the …
Is Crowdcue Safe to Use in 2026?
Generally Safe
Score 85/100Crowdcue has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The crowdcue plugin version 1.3.0 presents several security concerns despite a clean vulnerability history. A significant portion of its attack surface, specifically all 11 REST API routes, lacks proper permission callbacks. This means any authenticated user could potentially interact with these endpoints without explicit authorization, opening the door for privilege escalation or unauthorized data manipulation. Furthermore, the plugin utilizes raw SQL queries without prepared statements, a practice that is highly susceptible to SQL injection vulnerabilities. While the plugin demonstrates good output escaping practices and doesn't appear to have critical taint analysis findings or known historical vulnerabilities, the identified lack of authorization on REST API routes and the use of un-prepared SQL queries represent significant security weaknesses that require immediate attention.
Key Concerns
- REST API routes without permission callbacks
- SQL queries not using prepared statements
- No nonce checks on AJAX handlers
- No capability checks
Crowdcue Security Vulnerabilities
Crowdcue Code Analysis
SQL Query Safety
Output Escaping
Crowdcue Attack Surface
REST API Routes 11
Shortcodes 1
WordPress Hooks 26
Scheduled Events 2
Maintenance & Trust
Crowdcue Maintenance & Trust
Maintenance Signals
Community Trust
Crowdcue Alternatives
The Events Calendar
the-events-calendar
The Events Calendar: #1 calendar plugin for WordPress. Create/manage events (virtual too!) on your site with the free plugin.
Events Calendar for GeoDirectory
events-for-geodirectory
Events Calendar add-on for GeoDirectory allows to extend your GeoDirectory powered website with a versatile event manager.
Events Calendar Plus
events-calendar-plus
Display a beautiful events calendar with customizable views, coloring, filtering, date formats, images, and optimized for mobile on your own website.
Pretty Grid – WordPress Images Gallery, Slider, and Carousel Plugin
pretty-grid
Pretty Grid is a flexible plugin that make you display social media content in WordPress.
Events: Calendar, Boxes, and List
fsdpe-events
A simple and powerful events manager plugin with multiple views: calendar, boxes, and list.
Crowdcue Developer Profile
2 plugins · 0 total installs
How We Detect Crowdcue
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/crowdcue/og-events/build/static/css/main.css/wp-content/plugins/crowdcue/og-events/build/static/js/main.js/wp-content/plugins/crowdcue/og-events/build/static/js/runtime-main.js/wp-content/plugins/crowdcue/og-events/build/static/js/runtime-main.js/wp-content/plugins/crowdcue/og-events/build/static/js/main.jscrowdcue/og-events/build/static/css/main.css?ver=crowdcue/og-events/build/static/js/runtime-main.js?ver=crowdcue/og-events/build/static/js/main.js?ver=HTML / DOM Fingerprints
og-events-widgetdata-og-api-keydata-og-asset-manifestog_events_widget_data/wp-json/occasiongenius/v1/events/wp-json/occasiongenius/v1/event//wp-json/occasiongenius/v1/flag//wp-json/occasiongenius/v1/flags/wp-json/occasiongenius/v1/areas/wp-json/occasiongenius/v1/venue//wp-json/occasiongenius/v1/suggested//wp-json/occasiongenius/v1/personalized/wp-json/occasiongenius/v1/bucket/wp-json/occasiongenius/v1/event_flags/wp-json/occasiongenius/v1/nearby/[occasiongenius_events