Does Eventish WP Widget have any unpatched vulnerabilities?

No. All known vulnerabilities in Eventish WP Widget have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Eventish WP Widget compatible with WordPress 3.2.1?

According to WordPress.org data, Eventish WP Widget 1.2.3 has been tested up to WordPress 3.2.1. Check the plugin's changelog for the latest compatibility information.

How often is Eventish WP Widget updated?

Eventish WP Widget was last updated on Nov 22, 2011. Frequent updates are generally a positive security signal.

What is Eventish WP Widget's security score?

Eventish WP Widget has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Eventish WP Widget Security & Risk Analysis

wordpress.org/plugins/eventish

This plugin displays your www.eventish.com events list in your Wordpress based website as a sidebar widget.

10 active installs v1.2.3 PHP + WP 2.5.2+ Updated Nov 22, 2011

email-invitationseventisheventsonline-registrationsell-tickets

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Eventish WP Widget Safe to Use in 2026?

Generally Safe

Score 85/100

Eventish WP Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago

Risk Assessment

The Eventish plugin, version 1.2.3, presents a mixed security posture. On the positive side, the static analysis reveals a lack of direct entry points like AJAX handlers, REST API routes, or shortcodes that are directly exposed without authentication. Furthermore, all detected SQL queries utilize prepared statements, which is a strong indicator of good database interaction practices, and there are no recorded vulnerabilities or CVEs for this plugin, suggesting a history of relative stability. However, a significant concern arises from the output escaping. With 7 total outputs and 0% properly escaped, this indicates a high likelihood of cross-site scripting (XSS) vulnerabilities. Any data displayed to users that originates from user input or other potentially untrusted sources is at risk of being injected with malicious scripts. The presence of an external HTTP request also warrants further investigation to ensure it's not a vector for other vulnerabilities, although its specific nature and security controls are not detailed in this analysis.

Key Concerns

Output escaping is not implemented
External HTTP request detected

Vulnerabilities

None known

Eventish WP Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Eventish WP Widget Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped7 total outputs

Attack Surface

Eventish WP Widget Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionwp_print_stylesindex.php:42

actionplugins_loadedindex.php:138

Maintenance & Trust

Eventish WP Widget Maintenance & Trust

Maintenance Signals

WordPress version tested3.2.1

Last updatedNov 22, 2011

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Eventish WP Widget Alternatives

Tickera – Sell Tickets & Manage Events

tickera-event-ticketing-system

Sell tickets, manage events, and handle event registration on your site — PDF tickets, QR/Barcode check-in, and seamless ticket sales for WordPress.

3K 13 CVEs

TicketSource Ticket Shop

ticketsource-events

Sell event tickets online directly through your WordPress site with TicketSource. An easy to use, self service box office system.

800 1 CVE

Showpass WordPress Extension

showpass

List events, display event details and products. Use the Showpass purchase widget seamless purchases with no redirects, all with easy to use shortcode …

100 1 CVE

The Events Calendar

the-events-calendar

The Events Calendar: #1 calendar plugin for WordPress. Create/manage events (virtual too!) on your site with the free plugin.

700K 25 CVEs

LatePoint – Calendar Booking Plugin for Appointments and Events

latepoint

Optimize your appointment scheduling with our plugin. Sync calendars, automate reminders, and keep your bookings organized.

100K 2 unpatched

Developer Profile

Eventish WP Widget Developer Profile

Armen Margarian

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Eventish WP Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/eventish/stylesheet.css

Version Parameters

eventish/stylesheet.css?ver=

HTML / DOM Fingerprints

CSS Classes

my_eventish_events-widgetmy-eventish-title-boxmy-eventish-box-top-leftmy-eventish-widget-titlemy-eventish-box-top-rightwidget-contentmy-eventish-box-middlemy-eventish-box-content+21 more

Data Attributes

data-eventid

Shortcode Output

<li class="widget-container my-eventish-events-widget"><div class="my-eventish-title-box"><span class="my-eventish-widget-title"><div class="my-eventish-box-middle">

FAQ