Show Eventbrite Events – Event Feed for Eventbrite Security & Risk Analysis

wordpress.org/plugins/event-feed-for-eventbrite

Show Eventbrite events easily with the Eventbrite WordPress plugin. Eventbrite widget integration without imports or complicated setup.

900 active installs · v1.4.0 · PHP 5.6+ · WP 5.0+ · Updated Aug 29, 2025
api, calendar, eventbrite, events, widget
99 · A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Sep 3, 2025
Safety Verdict

Is Show Eventbrite Events – Event Feed for Eventbrite Safe to Use in 2026?

Generally Safe

Score 99/100

Show Eventbrite Events – Event Feed for Eventbrite has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Sep 3, 2025 · Updated 7mo ago
Risk Assessment

The security posture of the "event-feed-for-eventbrite" plugin version 1.4.0 presents a mixed bag of good practices and significant concerns. On the positive side, the plugin demonstrates strong output escaping practices with 96% of outputs properly handled, and it has a good number of nonce and capability checks. The absence of dangerous functions and file operations is also commendable. However, a substantial portion of the attack surface remains unprotected, with 4 out of 5 entry points lacking authentication or permission checks. This is a critical oversight that could allow unauthorized users to trigger plugin functionality. The taint analysis shows no immediate critical or high-severity issues, which is a good sign, but the lack of sanitization on paths is still a potential concern.

The vulnerability history reveals a past medium-severity Cross-site Scripting (XSS) vulnerability. While there are currently no unpatched CVEs, the existence of a past XSS issue, combined with the unprotected entry points, suggests a need for vigilance. The plugin also uses the Freemius licensing library, which, if outdated, could introduce its own vulnerabilities. Overall, while the plugin has made strides in secure coding, the high number of unprotected entry points and the past XSS vulnerability present a tangible risk that needs to be addressed.

Key Concerns

  • Unprotected AJAX handlers
  • Unprotected REST API routes
  • SQL queries not fully prepared
  • Past medium severity XSS vulnerability
  • Bundled Freemius library potentially outdated
Vulnerabilities
1

Show Eventbrite Events – Event Feed for Eventbrite Security Vulnerabilities

CVEs by Year

1 CVE in 2025

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-58623 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Event Feed for Eventbrite <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Sep 3, 2025 · Patched in 1.4.0 (7d)
Code Analysis
Analyzed Mar 16, 2026

Show Eventbrite Events – Event Feed for Eventbrite Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 1 (1 prepared)
  • Unescaped Output: 31 (739 escaped)
  • Nonce Checks: 4
  • Capability Checks: 11
  • File Operations: 0
  • External Requests: 2
  • Bundled Libraries: 1

Bundled Libraries

Freemius 1.0

SQL Query Safety

50% prepared · 2 total queries

Output Escaping

96% escaped · 770 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
duplicate_event_feed_as_draft (admin\class-admin.php:1533)
Attack Surface
4 unprotected

Show Eventbrite Events – Event Feed for Eventbrite Attack Surface

Entry Points: 5
Unprotected: 4

AJAX Handlers 2

auth · wp_ajax_get_dateformat · includes\class-event-feed-for-eventbrite.php:216
nopriv · wp_ajax_get_dateformat · includes\class-event-feed-for-eventbrite.php:217

REST API Routes 2

GET · /wp-json/event-feed-for-eventbrite/v1/feed/(?P<id>\d+) · public\class-public.php:383
GET · /wp-json/event-feed-for-eventbrite/v1/image/(?P<id>\d+) · public\class-public.php:400

Shortcodes 1

[event-feed] · includes\class-event-feed-for-eventbrite.php:251

WordPress Hooks 52

action · after_uninstall · event-feed-for-eventbrite.php:137
filter · http_request_timeout · includes\class-event-feed-api.php:362
action · plugins_loaded · includes\class-event-feed-for-eventbrite.php:119
action · admin_enqueue_scripts · includes\class-event-feed-for-eventbrite.php:135
action · admin_enqueue_scripts · includes\class-event-feed-for-eventbrite.php:136
action · admin_enqueue_scripts · includes\class-event-feed-for-eventbrite.php:139
action · admin_init · includes\class-event-feed-for-eventbrite.php:142
action · admin_post_effe_getting_started_save_api_key_response · includes\class-event-feed-for-eventbrite.php:145
action · init · includes\class-event-feed-for-eventbrite.php:148
action · admin_menu · includes\class-event-feed-for-eventbrite.php:151
action · admin_menu · includes\class-event-feed-for-eventbrite.php:152
action · admin_head · includes\class-event-feed-for-eventbrite.php:153
action · init · includes\class-event-feed-for-eventbrite.php:161
filter · enter_title_here · includes\class-event-feed-for-eventbrite.php:164
action · init · includes\class-event-feed-for-eventbrite.php:167
action · init · includes\class-event-feed-for-eventbrite.php:170
filter · manage_event_feed_posts_columns · includes\class-event-feed-for-eventbrite.php:173
action · manage_event_feed_posts_custom_column · includes\class-event-feed-for-eventbrite.php:174
filter · manage_edit-event_feed_sortable_columns · includes\class-event-feed-for-eventbrite.php:177
action · pre_get_posts · includes\class-event-feed-for-eventbrite.php:178
filter · manage_edit-event_feed_sortable_columns · includes\class-event-feed-for-eventbrite.php:181
action · pre_get_posts · includes\class-event-feed-for-eventbrite.php:182
action · admin_head · includes\class-event-feed-for-eventbrite.php:185
action · admin_bar_menu · includes\class-event-feed-for-eventbrite.php:188
action · admin_notices · includes\class-event-feed-for-eventbrite.php:191
filter · admin_footer_text · includes\class-event-feed-for-eventbrite.php:194
filter · update_footer · includes\class-event-feed-for-eventbrite.php:195
action · post_submitbox_start · includes\class-event-feed-for-eventbrite.php:198
action · admin_head · includes\class-event-feed-for-eventbrite.php:201
action · add_meta_boxes_event_feed · includes\class-event-feed-for-eventbrite.php:204
action · save_post_event_feed · includes\class-event-feed-for-eventbrite.php:207
action · admin_action_duplicate_event_feed_as_draft · includes\class-event-feed-for-eventbrite.php:210
filter · post_row_actions · includes\class-event-feed-for-eventbrite.php:213
action · init · includes\class-event-feed-for-eventbrite.php:220
action · enqueue_block_editor_assets · includes\class-event-feed-for-eventbrite.php:221
filter · wp_insert_post_data · includes\class-event-feed-for-eventbrite.php:224
action · init · includes\class-event-feed-for-eventbrite.php:239
action · init · includes\class-event-feed-for-eventbrite.php:240
action · wp_enqueue_scripts · includes\class-event-feed-for-eventbrite.php:241
action · wp_enqueue_scripts · includes\class-event-feed-for-eventbrite.php:242
action · wp_head · includes\class-event-feed-for-eventbrite.php:245
action · wp_footer · includes\class-event-feed-for-eventbrite.php:248
filter · template_include · includes\class-event-feed-for-eventbrite.php:254
action · rest_api_init · includes\class-event-feed-for-eventbrite.php:257
filter · sgo_js_minify_exclude · includes\class-event-feed-for-eventbrite.php:260
filter · sgo_js_async_exclude · includes\class-event-feed-for-eventbrite.php:261
filter · sgo_javascript_combine_exclude · includes\class-event-feed-for-eventbrite.php:262
filter · sgo_javascript_combine_excluded_external_paths · includes\class-event-feed-for-eventbrite.php:263
filter · rocket_exclude_js · includes\class-event-feed-for-eventbrite.php:266
filter · rocket_exclude_defer_js · includes\class-event-feed-for-eventbrite.php:267
filter · rocket_defer_inline_exclusions · includes\class-event-feed-for-eventbrite.php:268
action · rest_api_init · includes\class-event-feed-for-eventbrite.php:270

Maintenance & Trust

Show Eventbrite Events – Event Feed for Eventbrite Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Aug 29, 2025
PHP min version: 5.6
Downloads: 15K

Community Trust

Rating: 86/100
Number of ratings: 9
Active installs: 900
Developer Profile

Show Eventbrite Events – Event Feed for Eventbrite Developer Profile

Bohemia Plugins

2 plugins · 940 total installs

Trust score: 94
Avg Security Score: 92/100
Avg Patch Time: 7 days
Detection Fingerprints

How We Detect Show Eventbrite Events – Event Feed for Eventbrite

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/event-feed-for-eventbrite/admin/css/style.css
/wp-content/plugins/event-feed-for-eventbrite/admin/js/event-feed-for-eventbrite-admin.js
/wp-content/plugins/event-feed-for-eventbrite/public/css/event-feed-for-eventbrite-public.css
/wp-content/plugins/event-feed-for-eventbrite/public/js/event-feed-for-eventbrite-public.js
/wp-content/plugins/event-feed-for-eventbrite/freemius/static/img/logos/freemius-logo-full-color.svg
/wp-content/plugins/event-feed-for-eventbrite/freemius/static/img/logos/freemius-logo-icon-color.svg
/wp-content/plugins/event-feed-for-eventbrite/freemius/static/img/logos/freemius-logo-icon-color-white.svg
/wp-content/plugins/event-feed-for-eventbrite/freemius/static/img/logos/freemius-logo-full-color-white.svg
Script Paths
/wp-content/plugins/event-feed-for-eventbrite/admin/js/event-feed-for-eventbrite-admin.js
/wp-content/plugins/event-feed-for-eventbrite/public/js/event-feed-for-eventbrite-public.js
Version Parameters
event-feed-for-eventbrite/admin/css/style.css?ver=
event-feed-for-eventbrite/admin/js/event-feed-for-eventbrite-admin.js?ver=
event-feed-for-eventbrite/public/css/event-feed-for-eventbrite-public.css?ver=
event-feed-for-eventbrite/public/js/event-feed-for-eventbrite-public.js?ver=

HTML / DOM Fingerprints

CSS Classes
event-feed-for-eventbrite-public
event_feed_admin_main_container
event_feed_admin_main_nav
Data Attributes
data-plugin-name="event-feed-for-eventbrite"
data-version="1.4.0"
JS Globals
effe_freemius