WP-Safety

Event – Add to Calendar Security & Risk Analysis

wordpress.org/plugins/evtcal-add-to-calendar

Add customizable "Add to Calendar" buttons to your WordPress site with support for Google Calendar, Outlook, Apple Calendar, and more.

20 active installs v1.0.0 PHP 7.4+ WP 5.0+ Updated Jan 18, 2026
add-to-calendarcalendareventsgoogle-calendarics
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Event – Add to Calendar Safe to Use in 2026?

Generally Safe

Score 100/100

Event – Add to Calendar has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "evtcal-add-to-calendar" v1.0.0 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of dangerous functions, raw SQL queries, and external HTTP requests is a positive indicator. Furthermore, the high percentage of properly escaped output and the presence of nonce and capability checks suggest good development practices for input validation and access control where they are implemented.

The attack surface is minimal, consisting of a single shortcode. Crucially, the analysis indicates no unprotected entry points, which is a significant strength. Taint analysis shows no flows with unsanitized paths and no critical or high severity issues, reinforcing the perception of a secure codebase.

The plugin's vulnerability history is entirely clean, with no recorded CVEs. This, combined with the static analysis results, suggests that the plugin has either been developed with security in mind or has not yet been targeted by attackers. However, it's important to note that a lack of history doesn't guarantee future security, especially as plugins evolve. Overall, the plugin appears to be well-secured, with no immediate critical vulnerabilities identified.

Vulnerabilities
None known

Event – Add to Calendar Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Event – Add to Calendar Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
2
54 escaped
Nonce Checks
3
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

96% escaped56 total outputs
Data Flows
All sanitized

Data Flow Analysis

4 flows
handle_settings_save (includes\class-evtcal-admin.php:45)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Event – Add to Calendar Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[evtcal_add_to_calendar] includes\class-evtcal-shortcode.php:22
WordPress Hooks 7
actionadmin_menuincludes\class-evtcal-admin.php:22
actionadmin_enqueue_scriptsincludes\class-evtcal-admin.php:23
actionadmin_initincludes\class-evtcal-admin.php:24
actionwp_enqueue_scriptsincludes\class-evtcal-assets.php:22
actionwp_enqueue_scriptsincludes\class-evtcal-assets.php:23
actioninitincludes\class-evtcal-ics-handler.php:22
actionadmin_initincludes\class-evtcal-settings.php:27
Maintenance & Trust

Event – Add to Calendar Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 18, 2026
PHP min version7.4
Downloads149

Community Trust

Rating0/100
Number of ratings0
Active installs20
Alternatives

Event – Add to Calendar Alternatives

ICS Calendar

ICS Calendar

ics-calendar

A
99

Add the calendar you already use to Any WordPress site! Google Calendar, Microsoft 365, iCloud and more… no API keys or complicated setup required.

10K 1 CVE
Booking Manager – Sync WP Booking Calendar – Import Events, Export Bookings to ICS Calendar

Booking Manager – Sync WP Booking Calendar – Import Events, Export Bookings to ICS Calendar

booking-manager

A
93

Showing events listing from .ics feeds or sync bookings from different sources to your website

5K 4 CVEs
Hydrogen Calendar Embeds

Hydrogen Calendar Embeds

hydrogen-calendar-embeds

A
100

The free, simple, lightweight way to embed beautiful, fully customizable ICS calendars into your WordPress site.

500 No CVEs
Simple Calendar – Google Calendar Plugin

Simple Calendar – Google Calendar Plugin

google-calendar-events

A
95

Add Google Calendar events to your WordPress site in minutes. Beautiful calendar displays. Mobile responsive.

50K 7 CVEs
Events Calendar for Google

Events Calendar for Google

events-calendar-for-google

A
98

Events Calendar for Google implements google calender to your wordpress website using different style and layouts. Get connected to your audience usin …

2K 1 CVE
Developer Profile

Event – Add to Calendar Developer Profile

melonwebstudio

2 plugins · 30 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Event – Add to Calendar

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/evtcal-add-to-calendar/assets/css/evtcal-admin.css/wp-content/plugins/evtcal-add-to-calendar/assets/js/evtcal-admin.js/wp-content/plugins/evtcal-add-to-calendar/assets/js/evtcal-frontend.js
Script Paths
/wp-content/plugins/evtcal-add-to-calendar/assets/js/evtcal-admin.js/wp-content/plugins/evtcal-add-to-calendar/assets/js/evtcal-frontend.js
Version Parameters
evtcal-add-to-calendar/assets/css/evtcal-admin.css?ver=evtcal-add-to-calendar/assets/js/evtcal-admin.js?ver=evtcal-add-to-calendar/assets/js/evtcal-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
evtcal-admin-wrapevtcal-admin-headerevtcal-versionevtcal-tabsevtcal-tab-btnevtcal-tab-contentevtcal-settings-formevtcal-form-field+3 more
Data Attributes
data-tab
JS Globals
evtcal_frontend_params
FAQ

Frequently Asked Questions about Event – Add to Calendar