Does Dynamic Dates have any unpatched vulnerabilities?

No. All known vulnerabilities in Dynamic Dates have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Dynamic Dates compatible with WordPress 4.2.39?

According to WordPress.org data, Dynamic Dates 2.0.5 has been tested up to WordPress 4.2.39. Check the plugin's changelog for the latest compatibility information.

How often is Dynamic Dates updated?

Dynamic Dates was last updated on May 9, 2015. Frequent updates are generally a positive security signal.

What is Dynamic Dates's security score?

Dynamic Dates has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Dynamic Dates Security & Risk Analysis

wordpress.org/plugins/dynamic-dates

Calculate dates ('next Sunday') and relative dates ('December 25th two years from now') in your posts and pages.

100 active installs v2.0.5 PHP + WP 2.7+ Updated May 9, 2015

datedatesdynamictimetimes

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Dynamic Dates Safe to Use in 2026?

Generally Safe

Score 85/100

Dynamic Dates has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The 'dynamic-dates' plugin v2.0.5 exhibits a generally good security posture due to its adherence to several security best practices. Notably, it uses prepared statements for all SQL queries, avoiding a common and critical vulnerability. The absence of file operations and external HTTP requests further reduces the attack surface. The vulnerability history is clean, with no recorded CVEs, suggesting a well-maintained or less-targeted plugin.

However, there are significant areas for improvement. The plugin lacks nonce checks and capability checks entirely. While the static analysis reports zero unprotected entry points from AJAX or REST API, the absence of these fundamental security checks for shortcodes is a concern. Fifty percent of output is not properly escaped, which could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is included in these outputs. The lack of taint analysis results (0 flows analyzed) makes it difficult to fully assess risks related to data sanitization, especially concerning the unescaped outputs.

Key Concerns

Missing nonce checks
Missing capability checks
Half of output not escaped
No taint analysis data

Vulnerabilities

None known

Dynamic Dates Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Dynamic Dates Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

50% escaped6 total outputs

Attack Surface

Dynamic Dates Attack Surface

Entry Points18

Unprotected0

Shortcodes 18

[dynamic-dates-version] ShortCodeController.php:26

[date] ShortCodeController.php:30

[now] ShortCodeController.php:34

[yesterday] ShortCodeController.php:38

[today] ShortCodeController.php:42

[tomorrow] ShortCodeController.php:46

[last-month] ShortCodeController.php:50

[this-month] ShortCodeController.php:54

[next-month] ShortCodeController.php:58

[last-year] ShortCodeController.php:62

[this-year] ShortCodeController.php:66

[next-year] ShortCodeController.php:70

[last_month] ShortCodeController.php:75

[this_month] ShortCodeController.php:79

[next_month] ShortCodeController.php:83

[last_year] ShortCodeController.php:87

[this_year] ShortCodeController.php:91

[next_year] ShortCodeController.php:95

WordPress Hooks 3

actionadmin_menuAdminController.php:38

actionadmin_initAdminController.php:42

actionadmin_noticesAdminController.php:47

Maintenance & Trust

Dynamic Dates Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39

Last updatedMay 9, 2015

PHP min version

Downloads8K

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

Dynamic Dates Alternatives

Calendar

calendar

A simple but effective Calendar plugin for WordPress that allows you to manage your events and appointments and display them to the world.

4K 5 CVEs

Product Delivery Date

product-delivery-date

Product Delivery Date is a plugin that allows you to customize the delivery date of a product. With this plugin, you can add a delivery date field to …

200 No CVEs

FT Calendar

ft-calendar

A calendar plugin supporting multiple calendars, recurring events, and several different widgets / shortcodes. More info at http://calendar-plugin.com

100 No CVEs

Next Date

nextdate

This plugin allows you to display the next date from a list of dates with the [nextdate] shortcode.

100 No CVEs

Calendar Plus

calendar-plus

A simple Calendar plugin for WordPress that allows 2 seperate calendars. This can be used as a drop-in replacement for the original Calendar plugin.

60 1 unpatched

Developer Profile

Dynamic Dates Developer Profile

Jason Hendriks

2 plugins · 130 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Dynamic Dates

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Version Parameters

dynamic-dates/style.css?ver=dynamic-dates/script.js?ver=

HTML / DOM Fingerprints

HTML Comments

JS Globals

window.DynamicDates

Shortcode Output

[dynamic-dates-version][date[now[yesterday

FAQ