Does Evento have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Evento compatible with WordPress 6.8.5?

According to WordPress.org data, Evento 2.5 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Evento compatible with PHP 5.6+?

Evento requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Evento updated?

Evento was last updated on May 13, 2025. Frequent updates are generally a positive security signal.

What is Evento's security score?

Evento has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Evento Security & Risk Analysis

wordpress.org/plugins/evento

Enhance EventPress WordPress Themes Functionality.

1K active installs v2.5 PHP 5.6+ WP 6.0+ Updated May 13, 2025

companioncustomizerhomepage-setupone-click-demosections

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Evento Safe to Use in 2026?

Generally Safe

Score 92/100

Evento has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "evento" v2.5 plugin exhibits a generally strong security posture based on the static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events without proper authentication or permission checks, combined with zero critical or high severity taint flows, suggests a minimal attack surface. The plugin also utilizes prepared statements exclusively for SQL queries and has no recorded vulnerabilities, indicating a history of security consciousness. However, a significant concern arises from the output escaping: only 54% of outputs are properly escaped. This means over half of the plugin's outputting functions may be susceptible to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not sanitized before display. While the plugin has a clean vulnerability history, the high percentage of unescaped output presents a tangible risk that warrants immediate attention.

Key Concerns

High percentage of unescaped output

Vulnerabilities

None known

Evento Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Evento Release Timeline

v2.6

v2.5Current

v2.4

v2.2

v2.1

v2.0

v1.9

v1.8

v1.7

v1.6

v1.5

v1.4

v1.3

v1.2

v1.1

v1.0.20

v1.0.19

v1.0.18

v1.0.17

v1.0.16

Code Analysis

Analyzed Mar 16, 2026

Evento Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

160

186 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

54% escaped346 total outputs

Attack Surface

Evento Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 41

actioninitevento.php:68

actionwidgets_initevento.php:115

actionwidgets_initevento.php:116

actioncustomize_registerinc\eventplus\features\eventplus-countdown.php:199

actioncustomize_registerinc\eventplus\features\eventplus-countdown.php:227

actioncustomize_registerinc\eventplus\features\eventplus-gallery.php:249

actioncustomize_registerinc\eventplus\features\eventplus-gallery.php:283

actioncustomize_registerinc\eventplus\features\eventplus-navigation.php:315

actioncustomize_registerinc\eventplus\features\eventplus-organizer.php:217

actioncustomize_registerinc\eventplus\features\eventplus-organizer.php:251

actioncustomize_registerinc\eventplus\features\eventplus-slider-section.php:229

actioncustomize_registerinc\eventplus\features\eventplus-slider-section.php:250

actioncustomize_registerinc\eventplus\features\eventplus-style-configurator.php:81

actioncustomize_registerinc\eventplus\features\eventplus-typography.php:944

actioncustomize_registerinc\eventplus\features\eventplus-typography.php:1227

actionwp_headinc\eventplus\prebuilt-color.php:47

actioneventpress_sectionsinc\eventplus\sections\section-countdown.php:105

actioneventpress_sectionsinc\eventplus\sections\section-gallery.php:121

actioneventpress_sectionsinc\eventplus\sections\section-organizer.php:84

actioneventpress_sectionsinc\eventplus\sections\section-slider.php:119

actionwp_headinc\eventplus\typography_style.php:494

actioncustomize_registerinc\eventpress\features\eventpress-countdown.php:199

actioncustomize_registerinc\eventpress\features\eventpress-countdown.php:227

actioncustomize_registerinc\eventpress\features\eventpress-gallery.php:249

actioncustomize_registerinc\eventpress\features\eventpress-gallery.php:283

actioncustomize_registerinc\eventpress\features\eventpress-navigation.php:315

actioncustomize_registerinc\eventpress\features\eventpress-organizer.php:213

actioncustomize_registerinc\eventpress\features\eventpress-organizer.php:247

actioncustomize_registerinc\eventpress\features\eventpress-slider-section.php:229

actioncustomize_registerinc\eventpress\features\eventpress-slider-section.php:251

actioncustomize_registerinc\eventpress\features\eventpress-style-configurator.php:81

actioncustomize_registerinc\eventpress\features\eventpress-typography.php:944

actioncustomize_registerinc\eventpress\features\eventpress-typography.php:1227

actionwp_headinc\eventpress\prebuilt-color.php:158

actioneventpress_sectionsinc\eventpress\sections\section-countdown.php:105

actioneventpress_sectionsinc\eventpress\sections\section-gallery.php:121

actioneventpress_sectionsinc\eventpress\sections\section-organizer.php:97

actioneventpress_sectionsinc\eventpress\sections\section-slider.php:127

actionwp_headinc\eventpress\typography_style.php:494

actionadmin_enqueue_scriptsinc\widget\social-widget.php:27

actionadmin_enqueue_scriptsinc\widget\social-widget.php:28

Maintenance & Trust

Evento Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMay 13, 2025

PHP min version5.6

Downloads49K

Community Trust

Rating0/100

Number of ratings0

Active installs1K

Alternatives

Evento Alternatives

Clever Fox

clever-fox

Clever Fox plugin to enhance the functionality of free themes made by Nayra Themes.

30K 2 CVEs

eCommerce Companion

ecommerce-companion

100

eCommerce Companion plugin only for Seller Themes. Its fully WooCommerce Compatible Themes

7K No CVEs

Specia Companion

specia-companion

Specia Companion is created for Specia Theme

5K 1 unpatched

Reset Customizer

reset-customizer

100

Adds a reset button to each section in the customizer and easily backup / restore / migrate customizer settings

800 No CVEs

Kirki Customizer Framework

kirki

100

The Ultimate Customizer Framework for WordPress Theme Developers

500K No CVEs

Developer Profile

Evento Developer Profile

Nayra Themes

72 plugins · 54K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

271 days

View full developer profile

Detection Fingerprints

How We Detect Evento

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/evento/inc/custom-controls/range-validator/assets/css/range-control.css/wp-content/plugins/evento/inc/custom-controls/range-validator/assets/js/range-control.js/wp-content/plugins/evento/inc/custom-controls/select/assets/js/select-control.js/wp-content/plugins/evento/inc/custom-controls/select/assets/selectize.default.css/wp-content/plugins/evento/inc/custom-controls/select/assets/js/selectize.min.js

HTML / DOM Fingerprints

CSS Classes

evento-rangeevento-range-defievento-range-valueevento-resets-range-valueevento-select-control

Data Attributes

type="evento-range"

JS Globals

Evento_Customizer_Range_ControlEvento_Customizer_Select_Control

FAQ