Easy Liveblogs Security & Risk Analysis

wordpress.org/plugins/easy-liveblogs

Live blogging made easy with the Easy Liveblogs plugin from vanrossum.dev.

300 active installs v2.3.7 PHP + WP 4.4+ Updated Nov 20, 2024
liveblog
91
A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Nov 22, 2024
Safety Verdict

Is Easy Liveblogs Safe to Use in 2026?

Generally Safe

Score 91/100

Easy Liveblogs has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Nov 22, 2024 · Updated 1yr ago
Risk Assessment

The 'easy-liveblogs' plugin version 2.3.7 exhibits a mixed security posture. On the positive side, it avoids dangerous functions, file operations, and external HTTP requests. The absence of critical or high-severity vulnerabilities in its history, along with recent patching of its sole medium-severity CVE, is encouraging. However, several concerning aspects warrant attention. The plugin has a small but notable attack surface, with one unprotected REST API route identified. Furthermore, all SQL queries are executed without prepared statements, posing a significant risk of SQL injection vulnerabilities. While taint analysis found no issues, this might be due to the limited scope of analysis or the absence of complex data flow. The moderate percentage of properly escaped outputs indicates a potential for cross-site scripting vulnerabilities if inputs are not handled carefully within the unescaped sections.

Key Concerns

  • Unprotected REST API route
  • SQL queries without prepared statements
  • Moderate output escaping percentage
Vulnerabilities
1

Easy Liveblogs Security Vulnerabilities

CVEs by Year

1 CVE in 2024

Severity Breakdown

Medium: 1 (1 total CVE)

CVE-2024-11387 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Easy Liveblogs <= 2.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

Nov 22, 2024 Patched in 2.3.6 (1d)
Code Analysis
Analyzed Mar 16, 2026

Easy Liveblogs Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 3 (0 prepared)
Unescaped Output: 27 (31 escaped)
Nonce Checks: 2
Capability Checks: 3
File Operations: 1
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

0% prepared · 3 total queries

Output Escaping

53% escaped · 58 total outputs
Attack Surface
1 unprotected

Easy Liveblogs Attack Surface

Entry Points: 2
Unprotected: 1

REST API Routes 1

GET /wp-json/easy-liveblogs/v1/liveblog/(?P<id>\d+) includes\api\class-elb-feed.php:19

Shortcodes 1

[elb_liveblog] includes\elb-shortcodes.php:29
WordPress Hooks 34
action plugins_loaded easy-liveblogs.php:49
action wp_enqueue_scripts easy-liveblogs.php:50
action admin_enqueue_scripts easy-liveblogs.php:51
action wp_enqueue_scripts easy-liveblogs.php:52
action admin_enqueue_scripts easy-liveblogs.php:53
action init easy-liveblogs.php:54
action init easy-liveblogs.php:55
action admin_menu includes\admin\elb-pages.php:17
action admin_init includes\admin\elb-register-settings.php:51
action rest_api_init includes\api\class-elb-feed.php:10
filter elb_feed_from_cache includes\caching\class-elb-object.php:11
action elb_cache_feed includes\caching\class-elb-object.php:12
action elb_purge_feed_cache includes\caching\class-elb-object.php:13
filter elb_feed_from_cache includes\caching\class-elb-transient.php:11
action elb_cache_feed includes\caching\class-elb-transient.php:12
action elb_purge_feed_cache includes\caching\class-elb-transient.php:13
filter parse_query includes\elb-filters.php:35
action init includes\elb-filters.php:73
filter display_post_states includes\elb-filters.php:91
filter the_title includes\elb-filters.php:129
action loop_start includes\elb-filters.php:134
filter manage_elb_entry_posts_columns includes\elb-filters.php:147
action manage_elb_entry_posts_custom_column includes\elb-filters.php:172
filter the_content includes\elb-filters.php:191
filter body_class includes\elb-functions.php:494
action wp_head includes\elb-functions.php:561
action add_meta_boxes includes\elb-metabox.php:23
action elb_liveblog_meta_box_fields includes\elb-metabox.php:107
action elb_entry_meta_box_fields includes\elb-metabox.php:153
action save_post includes\elb-metabox.php:202
action before_delete_post includes\elb-metabox.php:218
action save_post includes\elb-metabox.php:268
action trashed_post includes\elb-metabox.php:290
action init includes\elb-post-types.php:39
Maintenance & Trust

Easy Liveblogs Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Nov 20, 2024
PHP min version
Downloads: 9K

Community Trust

Rating: 76/100
Number of ratings: 6
Active installs: 300
Developer Profile

Easy Liveblogs Developer Profile

Jeffrey van Rossum

3 plugins · 350 total installs

Trust score: 94
Avg Security Score: 92/100
Avg Patch Time: 1 day
Detection Fingerprints

How We Detect Easy Liveblogs

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/easy-liveblogs/assets/js/easy-liveblogs-admin.js
  • /wp-content/plugins/easy-liveblogs/assets/selectize/selectize.min.js
  • /wp-content/plugins/easy-liveblogs/assets/css/easy-liveblogs-admin.css
  • /wp-content/plugins/easy-liveblogs/assets/selectize/selectize.default.css
  • /wp-content/plugins/easy-liveblogs/assets/js/easy-liveblogs.js
Script Paths
  • assets/js/easy-liveblogs-admin.js
  • assets/selectize/selectize.min.js
  • assets/js/easy-liveblogs.js
Version Parameters
  • easy-liveblogs/assets/js/easy-liveblogs-admin.js?ver=
  • easy-liveblogs/assets/css/easy-liveblogs-admin.css?ver=
  • easy-liveblogs/assets/js/easy-liveblogs.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • elb-liveblog-entry
  • elb-liveblog-timeline
  • elb-liveblog-wrapper
  • elb-liveblog-header
HTML Comments
<!-- Easy Liveblogs Plugin
Data Attributes
  • data-elb-update-interval
  • data-elb-post-id
JS Globals
elb
REST Endpoints
/wp-json/easy-liveblogs/v1/feed
Shortcode Output
[easy-liveblog