Does Event Organiser NGO have any unpatched vulnerabilities?

No. All known vulnerabilities in Event Organiser NGO have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Event Organiser NGO compatible with WordPress 4.6.30?

According to WordPress.org data, Event Organiser NGO 1.2.4 has been tested up to WordPress 4.6.30. Check the plugin's changelog for the latest compatibility information.

How often is Event Organiser NGO updated?

Event Organiser NGO was last updated on Dec 12, 2016. Frequent updates are generally a positive security signal.

What is Event Organiser NGO's security score?

Event Organiser NGO has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Event Organiser NGO Security & Risk Analysis

wordpress.org/plugins/event-organiser-ngo

License GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html Plugin to share events in a WPMU installation.

10 active installs v1.2.4 PHP + WP 3.0.1+ Updated Dec 12, 2016

event-organisershare-events-with-a-portal-siteshow-site-events-on-network-site

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Event Organiser NGO Safe to Use in 2026?

Generally Safe

Score 85/100

Event Organiser NGO has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The static analysis of the "event-organiser-ngo" v1.2.4 plugin reveals a mixed security posture. While the plugin exhibits a minimal attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events, several concerning code signals are present. The use of `create_function` is a significant red flag, as it can lead to arbitrary code execution if user input is directly passed to it without proper sanitization. Furthermore, the plugin executes SQL queries without using prepared statements, which opens it up to SQL injection vulnerabilities. The low percentage of properly escaped output (23%) also indicates a high risk of cross-site scripting (XSS) vulnerabilities. The absence of nonce checks on any potential entry points is another area of concern, making it susceptible to cross-site request forgery (CSRF) attacks. The vulnerability history being clean is a positive sign, suggesting that past versions may have been more secure or that the plugin has not been a significant target. However, this does not mitigate the risks identified in the current static analysis.

Key Concerns

Dangerous function: create_function used
SQL queries without prepared statements
Low percentage of properly escaped output
No nonce checks on potential entry points

Vulnerabilities

None known

Event Organiser NGO Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Event Organiser NGO Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

13 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

create_functionadd_action( 'widgets_init', create_function('', 'return register_widget("PortalOneWeekCalendar");') includes\event-organiser-portal.php:101

create_functionadd_action( 'widgets_init', create_function('', 'return register_widget("NGOOneWeekCalendar");') );includes\event-organiser-sites.php:203

create_functionadd_action( 'widgets_init', create_function('', 'return register_widget("NGOTwoWeekCalendar");') );includes\event-organiser-sites.php:356

SQL Query Safety

0% prepared2 total queries

Output Escaping

23% escaped56 total outputs

Attack Surface

Event Organiser NGO Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 24

actionplugins_loadedevent-organiser-ngo.php:23

actionadmin_initevent-organiser-ngo.php:29

actionadmin_noticesevent-organiser-ngo.php:33

actionwp_loadedevent-organiser-ngo.php:87

actionadmin_menuevent-organiser-ngo.php:91

actionadmin_menuevent-organiser-ngo.php:95

actiondo_meta_boxesevent-organiser-ngo.php:96

actionwp_enqueue_scriptsevent-organiser-ngo.php:130

actionplugins_loadedevent-organiser-ngo.php:136

actionadmin_initincludes\event-organiser-portal.php:4

actionpre_get_postsincludes\event-organiser-portal.php:5

actionadd_meta_boxesincludes\event-organiser-portal.php:6

actionsave_postincludes\event-organiser-portal.php:7

actionwidgets_initincludes\event-organiser-portal.php:101

filtereventorganiser_fullcalendarincludes\event-organiser-portal_cal.php:4

actionadmin_initincludes\event-organiser-sites.php:4

actionpre_get_postsincludes\event-organiser-sites.php:5

actionadd_meta_boxesincludes\event-organiser-sites.php:6

actionsave_postincludes\event-organiser-sites.php:7

actionadd_meta_boxesincludes\event-organiser-sites.php:8

actionsave_postincludes\event-organiser-sites.php:9

filterthe_timeincludes\event-organiser-sites.php:10

actionwidgets_initincludes\event-organiser-sites.php:203

actionwidgets_initincludes\event-organiser-sites.php:356

Maintenance & Trust

Event Organiser NGO Maintenance & Trust

Maintenance Signals

WordPress version tested4.6.30

Last updatedDec 12, 2016

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Event Organiser NGO Alternatives

Event Organiser Posterboard

event-organiser-posterboard

Adds an 'event board' to display your events in a responsive posterboard.

2K No CVEs

Developer Profile

Event Organiser NGO Developer Profile

George Bredberg

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Event Organiser NGO

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/event-organiser-ngo/css/calendar_style.css

Version Parameters

event-organiser-ngo/css/calendar_style.css?ver=

HTML / DOM Fingerprints

CSS Classes

ngo_show_events

HTML Comments

Data Attributes

id="show_events_in_feed"

FAQ