WP-Safety

Events Block For The Events Calendar Security & Risk Analysis

wordpress.org/plugins/events-block-for-the-events-calendar

The Events Block for The Events Calendar lets you showcase your events from The Events Calendar right within the Gutenberg pages.

2K active installs v1.4.3 PHP 7.2+ WP 6.0+ Updated Mar 10, 2026
events-blockevents-calendarevents-listgutenberg-blockthe-events-calendar-blocks
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Events Block For The Events Calendar Safe to Use in 2026?

Generally Safe

Score 100/100

Events Block For The Events Calendar has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 24d ago
Risk Assessment

The "events-block-for-the-events-calendar" plugin version 1.4.3 demonstrates a generally strong security posture with several good practices observed in the static analysis. The absence of any dangerous functions, the exclusive use of prepared statements for SQL queries, and the high percentage of properly escaped output are all positive indicators. The plugin also implements a reasonable number of nonce and capability checks, further strengthening its defenses against common attack vectors. The vulnerability history is entirely clean, with no recorded CVEs, which suggests a history of secure development and maintenance.

However, there are minor areas for consideration. The presence of file operations and external HTTP requests, while not inherently insecure, represents potential attack surfaces that require careful implementation to prevent vulnerabilities. While taint analysis found no unsanitized paths, the existence of these flows means that future code changes could introduce risks if not handled with extreme care. The total number of entry points, though all protected, is noteworthy, and maintaining robust authentication and authorization for all of them is crucial.

In conclusion, "events-block-for-the-events-calendar" v1.4.3 is currently a well-secured plugin, with a commendable lack of known vulnerabilities and solid coding practices. The main concerns revolve around the potential risks associated with file operations and external requests, which, while not exploited in this version according to the analysis, warrant ongoing vigilance. The clean vulnerability history is a significant strength.

Key Concerns

  • File operations present potential risk
  • External HTTP requests present potential risk
  • Potential for issues with unescaped output
Vulnerabilities
None known

Events Block For The Events Calendar Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Events Block For The Events Calendar Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
26
363 escaped
Nonce Checks
4
Capability Checks
12
File Operations
1
External Requests
2
Bundled Libraries
0

Output Escaping

93% escaped389 total outputs
Data Flows
All sanitized

Data Flow Analysis

1 flows
<events-addon-page> (admin\events-addon-page\events-addon-page.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Events Block For The Events Calendar Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 3

authwp_ajax_cpfm_handle_opt_inadmin\cpfm-feedback\cpfm-feedback-notice.php:13
authwp_ajax_ect_dashboard_install_pluginadmin\events-addon-page\events-addon-page.php:57
authwp_ajax_ebec_dismiss_noticeadmin\feedback-notice\ebec-review-notice.php:15
WordPress Hooks 23
actionadmin_initadmin\cpfm-feedback\cpfm-feedback-notice.php:11
actionadmin_enqueue_scriptsadmin\cpfm-feedback\cpfm-feedback-notice.php:12
actionadmin_footeradmin\cpfm-feedback\cpfm-feedback-notice.php:15
filtercron_schedulesadmin\cpfm-feedback\cron\class-cron.php:12
actionebec_extra_data_updateadmin\cpfm-feedback\cron\class-cron.php:13
actionadmin_menuadmin\events-addon-page\events-addon-page.php:56
actionadmin_enqueue_scriptsadmin\events-addon-page\events-addon-page.php:58
actionadmin_enqueue_scriptsadmin\feedback\admin-feedback-form.php:23
actionadmin_headadmin\feedback\admin-feedback-form.php:24
actionect_display_admin_noticesadmin\feedback-notice\ebec-review-notice.php:14
actioninitevents-block-for-the-event-calender.php:60
actionplugins_loadedevents-block-for-the-event-calender.php:62
actioninitevents-block-for-the-event-calender.php:63
actionadmin_print_scriptsevents-block-for-the-event-calender.php:64
actionadmin_noticesevents-block-for-the-event-calender.php:189
actioncpfm_register_noticeevents-block-for-the-event-calender.php:230
actioncpfm_after_opt_in_ebecevents-block-for-the-event-calender.php:255
actionect_display_admin_noticesevents-block-for-the-event-calender.php:265
filtertribe_rest_event_max_per_pageevents-block-for-the-event-calender.php:293
filterrest_tribe_events_collection_paramsevents-block-for-the-event-calender.php:297
actionenqueue_block_assetsincludes\ebec-block.php:24
actionenqueue_block_editor_assetsincludes\ebec-block.php:25
actioninitincludes\ebec-block.php:26

Scheduled Events 2

ebec_extra_data_update
ebec_extra_data_update
Maintenance & Trust

Events Block For The Events Calendar Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 10, 2026
PHP min version7.2
Downloads58K

Community Trust

Rating60/100
Number of ratings5
Active installs2K
Alternatives

Events Block For The Events Calendar Alternatives

Spectra Gutenberg Blocks – Website Builder for the Block Editor

Spectra Gutenberg Blocks – Website Builder for the Block Editor

ultimate-addons-for-gutenberg

A
92

Power-up Gutenberg with advanced blocks for faster website creation. Build your WordPress website effortlessly using powerful building blocks!

1.0M 26 CVEs
Kadence Blocks — Page Builder Toolkit for Gutenberg Editor

Kadence Blocks — Page Builder Toolkit for Gutenberg Editor

kadence-blocks

A
86

20+ AI-powered Gutenberg Blocks with endless options, enabling top-notch efficiency for high-performance dynamic website creation.

600K 31 CVEs
Page Builder: Pagelayer – Drag and Drop website builder

Page Builder: Pagelayer – Drag and Drop website builder

pagelayer

A
88

The most advanced frontend drag & drop page builder. Pagelayer is a light weight but extremely powerful Website Builder.

400K 25 CVEs
Page Builder Gutenberg Blocks – CoBlocks

Page Builder Gutenberg Blocks – CoBlocks

coblocks

B
72

CoBlocks is a suite of page builder WordPress blocks for Gutenberg, with 10+ new blocks and a true page builder experience with rows and columns.

300K 1 unpatched
Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE

Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE

otter-blocks

A
94

Quickly create WordPress pages with 20+ blocks, 100+ ready-to-import designs, and advanced editor extensions. It’s website building, Lego-style!

300K 11 CVEs
Developer Profile

Events Block For The Events Calendar Developer Profile

Cool Plugins

19 plugins · 109K total installs

78
trust score
Avg Security Score
98/100
Avg Patch Time
490 days
View full developer profile
Detection Fingerprints

How We Detect Events Block For The Events Calendar

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/events-block-for-the-events-calendar/admin/feedback/admin-feedback-form.php/wp-content/plugins/events-block-for-the-events-calendar/admin/feedback-notice/ebec-review-notice.php/wp-content/plugins/events-block-for-the-events-calendar/includes/ebec-block.php/wp-content/plugins/events-block-for-the-events-calendar/admin/cpfm-feedback/cpfm-feedback-notice.php
Version Parameters
events-block-for-the-events-calendar/events-block-for-the-event-calender.php?ver=

HTML / DOM Fingerprints

Data Attributes
data-blockdata-post_iddata-post_typedata-events
JS Globals
ebec
FAQ

Frequently Asked Questions about Events Block For The Events Calendar