easyVerein Security & Risk Analysis

wordpress.org/plugins/easyverein

The official easyVerein plugin for WordPress.

300 active installs · v2.1.9 · PHP 7.2+ · WP 5.2+ · Updated Dec 3, 2025
Tags: easyverein, vereinsverwaltung
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is easyVerein Safe to Use in 2026?

Generally Safe

Score 100/100

easyVerein has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 4mo ago
Risk Assessment

The security posture of easyverein v2.1.9 appears to be relatively strong based on the static analysis. The plugin demonstrates good practices in handling SQL queries, with a high percentage utilizing prepared statements. Output escaping is also robust, with a near-perfect implementation. The absence of file operations and external HTTP requests further contributes to a reduced attack surface in these areas. The vulnerability history is also clean, with no recorded CVEs, suggesting a history of secure development or a lack of prior exploitation.

However, the static analysis does reveal some areas of concern. The taint analysis indicates that all analyzed flows (4 out of 4) have unsanitized paths, though none are classified as critical or high severity. These paths are not currently rated as severe, but they could become vulnerabilities if they prove exploitable. Furthermore, no nonce checks or capability checks were found on any entry point, which is a significant weakness. While the number of unprotected entry points is reported as zero, the absence of these fundamental security measures on shortcodes, AJAX handlers, and cron events leaves them potentially vulnerable if an attacker can trigger them, especially in combination with any unsanitized taint flows.

In conclusion, easyverein v2.1.9 benefits from strong SQL and output handling and a clean vulnerability history. However, the presence of unsanitized paths in taint flows and, more critically, the complete absence of nonce and capability checks represent significant security weaknesses that could be exploited. Addressing these fundamental security measures should be a priority.

Key Concerns

  • Taint flows with unsanitized paths (all)
  • No nonce checks on any entry points
  • No capability checks on any entry points
Vulnerabilities
None known

easyVerein Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

easyVerein Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 4 (68 prepared)
Unescaped Output: 2 (128 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 7
Bundled Libraries: 0

SQL Query Safety

94% prepared · 72 total queries

Output Escaping

98% escaped · 130 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

4 flows · 4 with unsanitized paths
easyVerein_sso_redirect (helper\easyVereinApiHelper.php:173)
Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

easyVerein Attack Surface

Entry Points: 9
Unprotected: 0

Shortcodes 9

[easyverein_calendar] public\shortcodes\easyVereinShortcodeCalendar.php:7
[easyverein_club_calendar] public\shortcodes\easyVereinShortcodeClubCalendar.php:14
[easyverein_club_memberlist] public\shortcodes\easyVereinShortcodeClubMemberlist.php:14
[easyverein_invoices] public\shortcodes\easyVereinShortcodeInvoices.php:14
[easyverein_login] public\shortcodes\easyVereinShortcodeLogin.php:44
[easyverein_memberlist] public\shortcodes\easyVereinShortcodeMembers.php:6
[easyverein_profile] public\shortcodes\easyVereinShortcodeProfile.php:14
[easyverein_protocol] public\shortcodes\easyVereinShortcodeProtocol.php:5
[easyverein_reset_password] public\shortcodes\easyVereinShortcodeResetPassword.php:13
WordPress Hooks 13
action admin_menu admin\easyVereinSettings.php:7
action admin_notices admin\includes\easyVereinDebugMode.php:81
action easyVerein_member_sync_hook easyVerein.php:33
filter plugin_row_meta easyVerein.php:36
action show_user_profile easyVerein.php:85
action edit_user_profile easyVerein.php:86
action admin_menu easyVereinSettings.php:7
action init public\shortcodes\easyVereinShortcodeClubCalendar.php:6
action init public\shortcodes\easyVereinShortcodeClubMemberlist.php:6
action init public\shortcodes\easyVereinShortcodeInvoices.php:6
action init public\shortcodes\easyVereinShortcodeLogin.php:6
action init public\shortcodes\easyVereinShortcodeProfile.php:6
action init public\shortcodes\easyVereinShortcodeResetPassword.php:6

Scheduled Events 3

easyVerein_member_sync_hook
easyVerein_member_sync_hook
easyVerein_member_sync_hook
Maintenance & Trust

easyVerein Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 3, 2025
PHP min version: 7.2
Downloads: 5K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 300
Alternatives

easyVerein Alternatives

No alternatives data available yet.

Developer Profile

easyVerein Developer Profile

SD Software Design GmbH

1 plugin · 300 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect easyVerein

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/easyverein/css/easyVereinSettings.css
/wp-content/plugins/easyverein/js/easyVereinSettings.js
/wp-content/plugins/easyverein/js/easyVereinAccordion.js
Script Paths
/wp-content/plugins/easyverein/js/easyVereinSettings.js
/wp-content/plugins/easyverein/js/easyVereinAccordion.js

HTML / DOM Fingerprints

CSS Classes
easyVerein, easyVerein_header, easyVerein_content, easyVerein_content_wrapper, bold_text
Data Attributes
data-name="easyVerein", id="easyVerein", name="easyVereinId", id="easyVereinId"
FAQ

Frequently Asked Questions about easyVerein