WP-Safety

Elegant Calendar Lite – WordPress Events Calendar Plugin Security & Risk Analysis

wordpress.org/plugins/elegant-calendar-lite

Elegant Calendar is a flexible plugin that make you easily manage and share events.

0 active installs v1.6.16 PHP + WP 4.0+ Updated Jun 25, 2025
calendareventeventsorganizerschedule
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Elegant Calendar Lite – WordPress Events Calendar Plugin Safe to Use in 2026?

Generally Safe

Score 100/100

Elegant Calendar Lite – WordPress Events Calendar Plugin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The 'elegant-calendar-lite' plugin version 1.6.16 demonstrates a strong security posture in several key areas. The static analysis shows no dangerous functions or file operations, and all SQL queries are properly prepared, indicating a good practice against common injection vulnerabilities. Furthermore, a high percentage of output is properly escaped, and ample nonce and capability checks are present on its entry points, including its AJAX handlers, shortcodes, and cron events. The complete absence of known CVEs and the lack of any critical or high-severity taint flows further bolster its security profile. However, the presence of one external HTTP request, while not inherently a vulnerability, represents a potential avenue for information leakage or manipulation if the external service is compromised or insecure. While the attack surface is relatively small and all entry points have auth checks, the single external HTTP request warrants attention in a comprehensive security assessment.

Key Concerns

  • External HTTP requests
Vulnerabilities
None known

Elegant Calendar Lite – WordPress Events Calendar Plugin Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Elegant Calendar Lite – WordPress Events Calendar Plugin Release Timeline

No version history available.
Code Analysis
Analyzed Apr 16, 2026

Elegant Calendar Lite – WordPress Events Calendar Plugin Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
24
336 escaped
Nonce Checks
5
Capability Checks
4
File Operations
0
External Requests
1
Bundled Libraries
2

Bundled Libraries

Select2Freemius1.0

Output Escaping

93% escaped360 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

6 flows
save_glabal_settings (admin/classes/class-admin-ajax.php:92)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Elegant Calendar Lite – WordPress Events Calendar Plugin Attack Surface

Entry Points5
Unprotected0

AJAX Handlers 4

authwp_ajax_elegant_calendar_save_eventadmin/classes/class-admin-ajax.php:24
authwp_ajax_elegant_save_glabal_settingsadmin/classes/class-admin-ajax.php:25
authwp_ajax_elegant_activate_licensesadmin/classes/class-admin-ajax.php:26
authwp_ajax_elegant_deactivate_licensesadmin/classes/class-admin-ajax.php:27

Shortcodes 1

[elegant_calendar] includes/class-core.php:75
WordPress Hooks 22
actionadmin_menuadmin/abstracts/class-admin-module.php:46
actionadmin_headadmin/abstracts/class-admin-module.php:47
actionadmin_menu_editor-menu_replacedadmin/abstracts/class-admin-module.php:50
filtersubmenu_fileadmin/abstracts/class-admin-module.php:52
actionadmin_enqueue_scriptsadmin/abstracts/class-admin-page.php:259
actioninitadmin/abstracts/class-admin-page.php:260
actionadmin_menuadmin/classes/class-admin.php:29
actionadmin_menuadmin/classes/class-admin.php:83
actionadmin_menuadmin/classes/class-admin.php:107
actionadmin_initelegant-calendar-lite.php:78
actionadmin_initelegant-calendar-lite.php:128
actionplugins_loadedelegant-calendar-lite.php:161
actionadmin_menuincludes/class-core.php:63
filterscript_loader_tagincludes/class-core.php:69
actionwp_enqueue_scriptsincludes/class-core.php:72
actionwp_footerincludes/class-core.php:253
actioninitincludes/class-post-types.php:46
actioninitincludes/class-post-types.php:47
filtertemplate_includeincludes/class-template-loader.php:46
filterwp_insert_post_dataincludes/class-template-loader.php:47
filtercron_schedulesincludes/jobs/class-cron-job.php:45
actionelegant_calendar_cron_hookincludes/jobs/class-cron-job.php:75

Scheduled Events 1

elegant_calendar_cron_hook
Maintenance & Trust

Elegant Calendar Lite – WordPress Events Calendar Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJun 25, 2025
PHP min version
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Elegant Calendar Lite – WordPress Events Calendar Plugin Alternatives

The Events Calendar

The Events Calendar

the-events-calendar

B
82

The Events Calendar: #1 calendar plugin for WordPress. Create/manage events (virtual too!) on your site with the free plugin.

700K 25 CVEs
Events Calendar for GeoDirectory

Events Calendar for GeoDirectory

events-for-geodirectory

A
94

Events Calendar add-on for GeoDirectory allows to extend your GeoDirectory powered website with a versatile event manager.

3K 2 CVEs
Events Calendar Plus

Events Calendar Plus

events-calendar-plus

A
100

Display a beautiful events calendar with customizable views, coloring, filtering, date formats, images, and optimized for mobile on your own website.

50 No CVEs
Pretty Grid – WordPress Images Gallery, Slider, and Carousel Plugin

Pretty Grid – WordPress Images Gallery, Slider, and Carousel Plugin

pretty-grid

A
100

Pretty Grid is a flexible plugin that make you display social media content in WordPress.

20 No CVEs
Crowdcue

Crowdcue

crowdcue

A
85

Crowdcue is the unofficial OccasionGenius WordPress plugin allows you to easily output a beautiful and simple events page without any coding using the …

0 No CVEs
Developer Profile

Elegant Calendar Lite – WordPress Events Calendar Plugin Developer Profile

wphobby

16 plugins · 220 total installs

86
trust score
Avg Security Score
88/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Elegant Calendar Lite – WordPress Events Calendar Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/elegant-calendar-lite/assets/css/elegant-calendar.css/wp-content/plugins/elegant-calendar-lite/assets/js/elegant-calendar.js
Script Paths
/wp-content/plugins/elegant-calendar-lite/assets/js/elegant-calendar.js
Version Parameters
elegant-calendar-lite/assets/css/elegant-calendar.css?ver=elegant-calendar-lite/assets/js/elegant-calendar.js?ver=

HTML / DOM Fingerprints

CSS Classes
elegant-calendar-listelegant-calendar-gridelegant-calendar-single
HTML Comments
<!-- Elegant Calendar -->
Data Attributes
data-event-iddata-event-slug
JS Globals
elegant_calendar_params
REST Endpoints
/wp-json/elegant-calendar/v1/events
Shortcode Output
[elegant_calendar]
FAQ

Frequently Asked Questions about Elegant Calendar Lite – WordPress Events Calendar Plugin