Does Events Addon for Elementor have any unpatched vulnerabilities?

No. All known vulnerabilities in Events Addon for Elementor have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Events Addon for Elementor compatible with WordPress 6.8.5?

According to WordPress.org data, Events Addon for Elementor 2.3.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Events Addon for Elementor compatible with PHP 7.4+?

Events Addon for Elementor requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Events Addon for Elementor updated?

Events Addon for Elementor was last updated on Aug 28, 2025. Frequent updates are generally a positive security signal.

What is Events Addon for Elementor's security score?

Events Addon for Elementor has a WP-Safety security score of 96/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Events Addon for Elementor Security & Risk Analysis

wordpress.org/plugins/events-addon-for-elementor

Events Addon for Elementor is an Elementor Addons for Event Websites.

8K active installs v2.3.0 PHP 7.4+ WP 6.0+ Updated Aug 28, 2025

addonsconferenceelementorelementor-widgetevents

A · Safe

CVEs total7

Unpatched0

Last CVEAug 28, 2025

Plugin page Download

Safety Verdict

Is Events Addon for Elementor Safe to Use in 2026?

Generally Safe

Score 96/100

Events Addon for Elementor has a strong security track record. Known vulnerabilities have been patched promptly.

7 known CVEsLast CVE: Aug 28, 2025Updated 7mo ago

Risk Assessment

The plugin 'events-addon-for-elementor' v2.3.0 exhibits a mixed security posture. While the static analysis indicates good practices such as 100% SQL query sanitization, the presence of 6 AJAX handlers with nonce and capability checks is positive. However, the significant vulnerability history, with 7 known medium severity CVEs, is a major concern. These past vulnerabilities, including Authorization Bypass, Cross-Site Scripting, CSRF, and Missing Authorization, suggest recurring weaknesses in how the plugin handles user input and access control. Although no vulnerabilities are currently unpatched and the static analysis did not reveal critical taint flows or unsanitized paths, the historical pattern of multiple security flaws, particularly those related to authorization and input handling, indicates a need for caution. The 83% output escaping rate, while good, also means a small percentage of outputs are not properly escaped, which could potentially lead to XSS if user-controlled data is involved in those unescaped outputs.

Key Concerns

7 Medium severity CVEs in history
83% output escaping (17% not properly escaped)
Bundled Freemius v1.0 library (potentially outdated)

Vulnerabilities

Events Addon for Elementor Security Vulnerabilities

CVEs by Year

2 CVEs in 2023

2023

4 CVEs in 2024

2024

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

7 total CVEs

CVE-2025-8150medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Events Addon for Elementor <= 2.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typewriter and Countdown Widgets

Aug 28, 2025 Patched in 2.3.0 (1d)

CVE-2024-12061medium · 4.3Authorization Bypass Through User-Controlled Key

Events Addon for Elementor <= 2.2.3 - Authenticated (Contributor+) Post Disclosure

Dec 17, 2024 Patched in 2.2.4 (1d)

CVE-2024-54315medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Events Addon for Elementor <= 2.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Dec 11, 2024 Patched in 2.2.3 (9d)

CVE-2024-49264medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Events Addon for Elementor <= 2.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Oct 14, 2024 Patched in 2.2.1 (8d)

CVE-2024-4669medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Events Addon for Elementor <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

Jun 11, 2024 Patched in 2.1.7 (1d)

WF-5256ef2b-e1fc-4746-b35e-07a265f47f95-events-addon-for-elementormedium · 4.3Cross-Site Request Forgery (CSRF)

Events Addon for Elementor <= 2.1.2 - Cross-Site Request Forgery

Nov 14, 2023 Patched in 2.1.3 (70d)

CVE-2023-47827medium · 5.3Missing Authorization

Events Addon for Elementor <= 2.1.2 - Missing Authorization

Nov 14, 2023 Patched in 2.1.3 (70d)

Code Analysis

Analyzed Mar 16, 2026

Events Addon for Elementor Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

180

853 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

Output Escaping

83% escaped1033 total outputs

Data Flows

All sanitized

Data Flow Analysis

4 flows

naevents_bw_toggle_submit_func (elementor\naevents-admin-functions.php:20)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Events Addon for Elementor Attack Surface

Entry Points6

Unprotected0

AJAX Handlers 6

authwp_ajax_naevents_bw_settings_saveelementor\naevents-admin-functions.php:19

authwp_ajax_naevents_bw_toggle_submitelementor\naevents-admin-functions.php:27

authwp_ajax_naevents_uw_settings_saveelementor\naevents-admin-functions.php:44

authwp_ajax_naevents_uw_toggle_submitelementor\naevents-admin-functions.php:52

authwp_ajax_naevents_pro_settings_saveelementor\naevents-admin-functions.php:69

authwp_ajax_naevents_pro_toggle_submitelementor\naevents-admin-functions.php:77

WordPress Hooks 40

actionplugins_loadedelementor\em-setup.php:33

actionelementor/frontend/after_enqueue_scriptselementor\em-setup.php:36

actionelementor/editor/before_enqueue_scriptselementor\em-setup.php:40

actionadmin_noticeselementor\em-setup.php:64

actionadmin_noticeselementor\em-setup.php:71

actionelementor/elements/categories_registeredelementor\em-setup.php:79

actionelementor/elements/categories_registeredelementor\em-setup.php:80

actionelementor/elements/categories_registeredelementor\em-setup.php:81

actionelementor/elements/categories_registeredelementor\em-setup.php:82

actionelementor/elements/categories_registeredelementor\em-setup.php:83

actionelementor/elements/categories_registeredelementor\em-setup.php:84

actionelementor/elements/categories_registeredelementor\em-setup.php:85

actionelementor/elements/categories_registeredelementor\em-setup.php:86

actionelementor/elements/categories_registeredelementor\em-setup.php:87

actionelementor/elements/categories_registeredelementor\em-setup.php:88

actionelementor/elements/categories_registeredelementor\em-setup.php:89

actionelementor/elements/categories_registeredelementor\em-setup.php:90

actionelementor/elements/categories_registeredelementor\em-setup.php:91

actionelementor/widgets/widgets_registeredelementor\em-setup.php:94

actionelementor/widgets/widgets_registeredelementor\em-setup.php:95

actionelementor/widgets/widgets_registeredelementor\em-setup.php:96

actionelementor/widgets/widgets_registeredelementor\em-setup.php:97

actionafter_switch_themeelementor\em-setup.php:343

actionpt-ocdi/after_content_import_executionelementor\em-setup.php:351

filterexcerpt_lengthelementor\em-setup.php:367

filterexcerpt_moreelementor\em-setup.php:392

filterconnect_urlevents-addon-for-elementor.php:56

filterafter_skip_urlevents-addon-for-elementor.php:57

filterafter_connect_urlevents-addon-for-elementor.php:58

filterafter_pending_connect_urlevents-addon-for-elementor.php:59

actionadmin_enqueue_scriptsevents-addon-for-elementor.php:85

actionadmin_menuevents-addon-for-elementor.php:98

actioninitevents-addon-for-elementor.php:129

actionadmin_noticesevents-addon-for-elementor.php:135

actionplugins_loadedevents-addon-for-elementor.php:140

actionadmin_noticesevents-addon-for-elementor.php:160

actionadmin_noticesevents-addon-for-elementor.php:178

actionelementor/editor/before_enqueue_scriptsevents-addon-for-elementor.php:191

actionelementor/frontend/after_enqueue_scriptsevents-addon-for-elementor.php:206

actionwp_enqueue_scriptsevents-addon-for-elementor.php:370

Maintenance & Trust

Events Addon for Elementor Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedAug 28, 2025

PHP min version7.4

Downloads186K

Community Trust

Rating64/100

Number of ratings5

Active installs8K

Alternatives

Events Addon for Elementor Alternatives

ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor

elementskit-lite

Join millions who empower their websites with ElementsKit Elementor Addons. Get templates, & 100+ widgets like header-footer, mega menu, custom widget

2.0M 22 CVEs

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs

Ultimate Addons for Elementor

header-footer-elementor

Powerful Elementor addon with advanced Elementor widgets, templates, WooCommerce widgets & Header-Footer builder to build professional websites fa …

2.0M 12 CVEs

Premium Addons for Elementor – Powerful Elementor Templates & Widgets

premium-addons-for-elementor

Elementor Carousel, Mega Menu, Posts List/Slider, Media Gallery, WooCommerce Widgets, Display Conditions, Premade Templates & more.

700K 35 CVEs

Royal Addons for Elementor – Addons and Templates Kit for Elementor

royal-elementor-addons

Elementor templates, Header footer builder, Elementor Post Grid, Woocommerce Grid builder, Slider, Forms, Gallery, Nav menu addons, Elementor widgets.

600K 1 unpatched

Developer Profile

Events Addon for Elementor Developer Profile

nicheaddons

7 plugins · 19K total installs

trust score

Avg Security Score

82/100

Avg Patch Time

74 days

View full developer profile

Detection Fingerprints

How We Detect Events Addon for Elementor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/events-addon-for-elementor/assets/css/themify-icons.min.css/wp-content/plugins/events-addon-for-elementor/assets/css/admin-styles.css/wp-content/plugins/events-addon-for-elementor/assets/js/admin-scripts.js

Script Paths

/wp-content/plugins/events-addon-for-elementor/assets/js/admin-scripts.js

Version Parameters

events-addon-for-elementor/assets/css/themify-icons.min.css?ver=events-addon-for-elementor/assets/css/admin-styles.css?ver=events-addon-for-elementor/assets/js/admin-scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes

naevents-admin-page

Data Attributes

data-elementor-iddata-elementor-post-typedata-elementor-type

JS Globals

NAEAFE_VERSIONNAEAFE_URL

FAQ