
Event Calendar / Scheduler Security & Risk Analysis
wordpress.org/plugins/event-calendar-schedulerEvent calendar plugin that allows you to add a nice-looking scheduler/planner with drag-n-drop interface, recurring events, Google Map integration.
Is Event Calendar / Scheduler Safe to Use in 2026?
Generally Safe
Score 85/100Event Calendar / Scheduler has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "event-calendar-scheduler" v3.0 plugin exhibits a mixed security posture. On the positive side, the plugin has no known vulnerabilities (CVEs) and a clean history, suggesting a generally stable and well-maintained codebase. Furthermore, the attack surface appears minimal with no exposed AJAX handlers, REST API routes, shortcodes, or cron events that are unprotected. The majority of SQL queries utilize prepared statements, which is a good practice for preventing SQL injection. However, there are significant concerns stemming from the static code analysis. A very low percentage of output is properly escaped (16%), indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities across numerous output points. Additionally, the taint analysis reveals flows with unsanitized paths, with one identified as high severity. The complete absence of nonce checks, despite 4 capability checks, is also a notable weakness, potentially leaving actions vulnerable to CSRF if not otherwise protected by capability checks alone. The presence of file operations and external HTTP requests without specific security details warrants caution, as these can be vectors for further exploitation if not handled securely.
Key Concerns
- High percentage of unsanitized output
- High severity unsanitized taint flow
- No nonce checks present
- File operations present
- External HTTP requests present
Event Calendar / Scheduler Security Vulnerabilities
Event Calendar / Scheduler Release Timeline
Event Calendar / Scheduler Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Event Calendar / Scheduler Attack Surface
WordPress Hooks 6
Maintenance & Trust
Event Calendar / Scheduler Maintenance & Trust
Maintenance Signals
Community Trust
Event Calendar / Scheduler Alternatives
Events Widgets For Elementor And The Events Calendar
events-widgets-for-elementor-and-the-events-calendar
The Events Calendar Elementor widgets help you manage and display an upcoming events list with date, time, venue and event ticket booking details.
Sugar Calendar – Events Calendar, Event Tickets, and Events Management Platform
sugar-calendar-lite
Easily manage events and sell tickets on your WordPress site. Sugar Calendar is easy-to-use, reliable, and exceptionally powerful. See for yourself.
Events Shortcodes For The Events Calendar
template-events-calendar
Add The Events Calendar shortcode or Gutenberg block to show upcoming events list with event details on any WordPress page using smart event filters.
WP FullCalendar
wp-fullcalendar
Uses the FullCalendar library to create a stunning calendar view of events, posts and other custom post types
Event Booking Manager for WooCommerce
mage-eventpress
Flexible WooCommerce plugin for event booking, attendee management, and responsive ticketing with a modern event calendar.
Event Calendar / Scheduler Developer Profile
1 plugin · 30 total installs
How We Detect Event Calendar / Scheduler
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/event-calendar-scheduler/codebase/dhtmlxscheduler.css/wp-content/plugins/event-calendar-scheduler/codebase/dhtmlxscheduler_terrace.css/wp-content/plugins/event-calendar-scheduler/codebase/dhtmlxscheduler.js/wp-content/plugins/event-calendar-scheduler/codebase/dhtmlxscheduler_date.js/wp-content/plugins/event-calendar-scheduler/codebase/dhtmlxscheduler_locale.js/wp-content/plugins/event-calendar-scheduler/codebase/locale/common_en.php/wp-content/plugins/event-calendar-scheduler/codebase/dhtmlxscheduler.js/wp-content/plugins/event-calendar-scheduler/codebase/dhtmlxscheduler_date.js/wp-content/plugins/event-calendar-scheduler/codebase/dhtmlxscheduler_locale.js/wp-content/plugins/event-calendar-scheduler/codebase/dhtmlxscheduler.css?ver=/wp-content/plugins/event-calendar-scheduler/codebase/dhtmlxscheduler_terrace.css?ver=/wp-content/plugins/event-calendar-scheduler/codebase/dhtmlxscheduler.js?ver=/wp-content/plugins/event-calendar-scheduler/codebase/dhtmlxscheduler_date.js?ver=/wp-content/plugins/event-calendar-scheduler/codebase/dhtmlxscheduler_locale.js?ver=HTML / DOM Fingerprints
dhx_cal_navlinedhx_cal_prev_buttondhx_cal_next_buttondhx_cal_today_buttondhx_cal_datedhx_cal_weekdaydhx_cal_eventdhx_cal_event_line+12 more<!-- scheduler --><!-- end scheduler --><!-- begin scheduler_plugin --><!-- end scheduler_plugin -->data-scheduler-iddata-scheduler-viewschedulerDHXSchedulerscheduler_configscheduler_localedhx_scheduler[scheduler_plugin][scheduler_sidebar]