WP-Safety

EventOn Connect Security & Risk Analysis

wordpress.org/plugins/events-connector-event-on

Show Eventbrite events on website and create Eventbrite events directly from Wordpress.

0 active installs v1.1.0 PHP 5.4+ WP 5.4+ Updated Unknown
calendareventbriteeventonexportimport
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is EventOn Connect Safe to Use in 2026?

Generally Safe

Score 100/100

EventOn Connect has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The 'events-connector-event-on' plugin v1.1.0 presents a mixed security posture. On the positive side, it exhibits strong practices in handling SQL queries, utilizing prepared statements exclusively. The absence of known CVEs and a clean vulnerability history are also favorable indicators, suggesting a historically stable codebase.

However, the static analysis reveals significant areas for concern. The presence of two instances of the `unserialize` function is a critical risk, as unserialization of untrusted data can lead to remote code execution vulnerabilities. While the taint analysis shows no critical or high severity unsanitized paths, the `unserialize` function itself is a powerful tool that needs extremely careful handling, especially if the data being unserialized originates from user input. Furthermore, the plugin performs a high number of external HTTP requests (21), which could be a vector for various attacks if not properly validated or if the target endpoints are compromised. The capability checks are also notably absent, which is concerning given the potential for unauthorized actions if entry points were to be discovered.

Overall, while the plugin benefits from a clean vulnerability history and secure database practices, the risky `unserialize` function and lack of capability checks introduce substantial potential security weaknesses. The high number of external requests also warrants careful scrutiny to ensure proper validation and sanitization of any data involved.

Key Concerns

  • Dangerous function: unserialize used
  • No capability checks
  • High number of external HTTP requests
  • Bundled library (Freemius v1.0) potentially outdated
Vulnerabilities
None known

EventOn Connect Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

EventOn Connect Code Analysis

Dangerous Functions
2
Raw SQL Queries
0
0 prepared
Unescaped Output
28
149 escaped
Nonce Checks
9
Capability Checks
0
File Operations
4
External Requests
21
Bundled Libraries
1

Dangerous Functions Found

unserialize$repeat_intervals = unserialize( $repeat_intervals );includes\admin\class-momo-themes-export-eventbrite.php:143
unserialize$repeat_intervals = unserialize( $repeat_intervals );includes\admin\class-momo-themes-export-eventbrite.php:198

Bundled Libraries

Freemius1.0

Output Escaping

84% escaped177 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

6 flows2 with unsanitized paths
mmt_eo_exim_import_single_event_eb (includes\admin\class-momo-themes-admin-ajax.php:612)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

EventOn Connect Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 8
actionplugins_loadedclass-momo-themes-exim-lite.php:129
actionadmin_menuclass-momo-themes-exim-lite.php:139
actioninitclass-momo-themes-exim-lite.php:140
actionwidgets_initclass-momo-themes-exim-lite.php:154
actionsave_post_ajde_eventsincludes\admin\class-momo-themes-export-eventbrite.php:17
actionadd_meta_boxesincludes\admin\class-momo-themes-export-eventbrite.php:18
actioninitincludes\class-momo-themes-exim-script-style.php:19
actionadmin_enqueue_scriptsincludes\class-momo-themes-exim-script-style.php:20
Maintenance & Trust

EventOn Connect Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8
Last updatedUnknown
PHP min version5.4
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

EventOn Connect Alternatives

Import Eventbrite Events

Import Eventbrite Events

import-eventbrite-events

A
99

Import Eventbrite Events into WordPress website and/or Event Calendar. Nice Display with shortcode & Event widget.

3K 1 CVE
WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into Event Calendar

WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into Event Calendar

wp-event-aggregator

A
95

Xylus WP Event Aggregator: Easy way to import Eventbrite events, MeetUp events, Social site Events into your WordPress Event Calendar.

1K 4 CVEs
All-in-One WP Migration and Backup

All-in-One WP Migration and Backup

all-in-one-wp-migration

A
90

Trusted by 60M+ sites: The gold standard for WordPress migration and backup. Migrate, backup, and restore your WordPress site with one click.

5.0M 13 CVEs
Widget Importer & Exporter

Widget Importer & Exporter

widget-importer-exporter

A
100

Import and export your widgets.

200K No CVEs
WP Migrate Lite – Migration Made Easy

WP Migrate Lite – Migration Made Easy

wp-migrate-db

A
99

Migrate your database. Export full sites including media, themes, and plugins. Find and replace content with support for serialized data.

200K 1 CVE
Developer Profile

EventOn Connect Developer Profile

Ashish

7 plugins · 700 total installs

87
trust score
Avg Security Score
90/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect EventOn Connect

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/events-connector-event-on/freemius/icon-32.png/wp-content/plugins/events-connector-event-on/freemius/icon-64.png/wp-content/plugins/events-connector-event-on/freemius/icon-128.png/wp-content/plugins/events-connector-event-on/freemius/assets/css/admin.css/wp-content/plugins/events-connector-event-on/freemius/assets/js/admin.js/wp-content/plugins/events-connector-event-on/includes/admin/css/admin.css/wp-content/plugins/events-connector-event-on/includes/admin/js/admin.js/wp-content/plugins/events-connector-event-on/assets/css/eventon-connect.css
Script Paths
/wp-content/plugins/events-connector-event-on/freemius/start.php/wp-content/plugins/events-connector-event-on/includes/class-momo-themes-exim-script-style.php/wp-content/plugins/events-connector-event-on/includes/class-momo-themes-exim-functions.php/wp-content/plugins/events-connector-event-on/includes/class-momo-themes-exim-currency-list.php/wp-content/plugins/events-connector-event-on/includes/class-momo-themes-eventbrite-widget.php/wp-content/plugins/events-connector-event-on/includes/class-momo-themes-eventbrite-api.php+3 more
Version Parameters
events-connector-event-on/freemius/assets/css/admin.css?ver=events-connector-event-on/freemius/assets/js/admin.js?ver=events-connector-event-on/includes/admin/css/admin.css?ver=events-connector-event-on/includes/admin/js/admin.js?ver=events-connector-event-on/assets/css/eventon-connect.css?ver=

HTML / DOM Fingerprints

CSS Classes
mmt-eventbrite-widget
HTML Comments
Exit if accessed directly.Plugin Name: EventOn ConnectDescription: Export / import events to / from Eventbrite. Display Eventbrite events with shortcodes and widget.Text Domain: mmt-eo-exim+17 more
Data Attributes
widget_mmt_eventbritemmt-eventbrite-widget
JS Globals
mmt_eo_eximevents_connector_eventon_fs
FAQ

Frequently Asked Questions about EventOn Connect