Does Date counter have any unpatched vulnerabilities?

Yes — Date counter currently has 1 published unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is Date counter compatible with WordPress 6.8.5?

According to WordPress.org data, Date counter 2.0.3 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Date counter compatible with PHP 5.3+?

Date counter requires PHP 5.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Date counter updated?

Date counter was last updated on Dec 19, 2024. Frequent updates are generally a positive security signal.

What is Date counter's security score?

Date counter has a WP-Safety security score of 70/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Date counter Security & Risk Analysis

wordpress.org/plugins/date-counter

Date counter - is just a 9 kilobytes WordPress plugin.

1K active installs v2.0.3 PHP 5.3+ WP 3.1+ Updated Dec 19, 2024

counterdatedate-counterdaysyears

B · Generally Safe

CVEs total1

Unpatched1

Last CVEOct 11, 2025

Plugin page Download

Safety Verdict

Is Date counter Safe to Use in 2026?

Mostly Safe

Score 70/100

Date counter is generally safe to use though it hasn't been updated recently. 1 past CVE were resolved.

1 known CVE 1 unpatched Last CVE: Oct 11, 2025Updated 1yr ago

Risk Assessment

The "date-counter" plugin v2.0.3 exhibits a mixed security posture. On the positive side, the static analysis reveals excellent adherence to secure coding practices, with no dangerous functions, all SQL queries using prepared statements, and all output properly escaped. The absence of file operations and external HTTP requests also reduces the potential attack surface. Furthermore, the taint analysis found no unsanitized paths, indicating that input handling for observable flows is generally robust.

However, a significant concern arises from the vulnerability history. The presence of one known, and critically, *unpatched* medium severity CVE suggests a potential for exploitation. The fact that this vulnerability was a Cross-site Scripting (XSS) issue, and the last recorded vulnerability was recent (October 2025), indicates a recurring security weakness or a lack of timely patching in previous versions. While the current version's code analysis doesn't immediately expose this specific vulnerability, the historical pattern warrants caution.

In conclusion, while the code itself appears to be well-written with good security controls in place for new development, the unpatched historical vulnerability presents a clear and present risk. Users of this plugin should be aware of this known exploit and the implications of it remaining unaddressed. The plugin's strengths lie in its well-implemented secure coding practices, but its weakness is its historical vulnerability management.

Key Concerns

Unpatched CVE present

Vulnerabilities

1 published

Date counter Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-62948medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Date counter <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

Oct 11, 2025Unpatched

Version History

Date counter Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

Date counter Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Date counter Attack Surface

Entry Points4

Unprotected0

Shortcodes 4

[CurrentDatetime] Classes\CurrentDatetime.php:21

[DateCounter] Classes\DateCounter.php:92

[DatetimeDifference] Classes\DatetimeDifference.php:43

[TotalDatetimeDifference] Classes\TotalDatetimeDifference.php:65

WordPress Hooks 1

filterget_my_plugin_instanceClasses\AbstractDatetime.php:11

Maintenance & Trust

Date counter Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedDec 19, 2024

PHP min version5.3

Downloads20K

Community Trust

Rating100/100

Number of ratings8

Active installs1K

Alternatives

Date counter Alternatives

Day Counter

day-counter

This plugin enables you to create customized timelines and dates on WordPress pages and posts with a shortcode.

20 No CVEs

WebBooster Update History

webbooster-update-history

100

Display a summary of all updates performed on your WordPress site directly in the Dashboard.

20 No CVEs

Easy Timer

easy-timer

Allows you to easily display a count down/up timer, the time or the current date on your website, and to schedule an automatic content modification.

1K 1 CVE

Today's Date Inserter

todays-date-inserter

Simply and quickly add the current date and or time to your wordpress posts or pages using a shortcode Date widget also included

800 1 unpatched

On This Day (by Room 34)

room-34-presents-on-this-day

100

Display your blog posts from this date in previous years as a sidebar widget.

100 No CVEs

Developer Profile

Date counter Developer Profile

Konstantin Pankratov

2 plugins · 1K total installs

trust score

Avg Security Score

81/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Date counter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Data Attributes

formatstartdateenddate

Shortcode Output

[CurrentDatetime][DateCounter][DatetimeDifference][TotalDatetimeDifference]

FAQ