
Filter Calendar Admin Security & Risk Analysis
wordpress.org/plugins/filter-calendar-adminAgrega un calendario al dashboard de wordpress para filtrar por día los post Add a calendar wordpress dashboard to filter daily posts
Is Filter Calendar Admin Safe to Use in 2026?
Generally Safe
Score 85/100Filter Calendar Admin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'filter-calendar-admin' plugin version 0.1 presents a mixed security profile. On the positive side, the plugin exhibits an extremely small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, it demonstrates good practices by exclusively using prepared statements for its SQL queries and avoiding file operations and external HTTP requests. The complete absence of known vulnerabilities and CVEs in its history is also a strong indicator of a secure development process to date.
However, there are significant concerns regarding output escaping. With one total output and 0% properly escaped, this indicates a high likelihood of cross-site scripting (XSS) vulnerabilities. Any data displayed to users without proper sanitization could be exploited. Additionally, the complete lack of nonce checks and capability checks across all identified entry points (though there are currently none) means that if new entry points are introduced without these security measures, they would be immediately vulnerable to various attacks. While the current attack surface is zero, the lack of these fundamental security mechanisms in the code itself is a significant weakness.
In conclusion, the plugin's current state shows strengths in avoiding direct vulnerabilities and employing secure SQL practices. Nevertheless, the almost complete absence of output escaping and the fundamental lack of authorization and integrity checks represent critical potential weaknesses that could be easily exploited if the plugin evolves or if attackers find a way to inject unsanitized data. The lack of any recorded vulnerabilities so far is positive, but it doesn't mitigate the identified coding flaws.
Key Concerns
- Output escaping is not used
- No nonce checks found
- No capability checks found
Filter Calendar Admin Security Vulnerabilities
Filter Calendar Admin Release Timeline
Filter Calendar Admin Code Analysis
Output Escaping
Filter Calendar Admin Attack Surface
WordPress Hooks 3
Maintenance & Trust
Filter Calendar Admin Maintenance & Trust
Maintenance Signals
Community Trust
Filter Calendar Admin Alternatives
iCalendrier
icalendrier
Simple plugin that displays daily informations like date, name day or moon phase. --- Petit plugin simple qui vous permet d'afficher sur votre si …
Catholic Liturgy Calendar
catholic-liturgical-calendar
An animation with the current date on the roman catholic liturgical year. It contains links to mass lectures and the saints calendar online.
Calendario del Perú
calendario-del-peru
Muestra eventos del día del Calendario peruano. Este plugin mostrará 5 titulares del Calendario, todos los días.
runnerplace-calendar
calendario-runnerplace
Utiliza el calendario de carreras populares de RunnerPlace para tenerlo actualizado en tu web.
Calendário Dekatrian
calendario-dekatrian
Altere as datas do seu Wordpress para o Calendário Dekatrian.
Filter Calendar Admin Developer Profile
2 plugins · 40 total installs
How We Detect Filter Calendar Admin
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/filter-calendar-admin/admin-calendario/calendar.js/wp-content/plugins/filter-calendar-admin/admin-calendario/calendario.css/wp-content/plugins/filter-calendar-admin/admin-calendario/calendar.gif/wp-content/plugins/filter-calendar-admin/admin-calendario/calendar.jsHTML / DOM Fingerprints
datepickerid="fechadia"name="fechadia"id="cal_img"Calendar.setup