fyvent Security & Risk Analysis

wordpress.org/plugins/fyvent

Fyvent helps with developing WordPress websites for events. This plugin defines some custom types and user roles that are useful to manage event infor …

0 active installs · v1.0.0 · PHP 7.2+ · WP 5.0+ · Updated: Unknown
event · event-organization · sessions · speakers
Score 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is fyvent Safe to Use in 2026?

Generally Safe

Score 100/100

fyvent has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "fyvent" v1.0.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by using prepared statements for all SQL queries and has no known vulnerabilities recorded. The analysis also indicates a good effort in output escaping, with 71% of outputs being properly escaped, and the presence of capability checks suggests some level of access control is implemented.

However, several concerning signals are present in the static analysis. The use of `unserialize` is a significant risk, as it can lead to Remote Code Execution if used with untrusted user input. The taint analysis also identified one flow with an unsanitized path, which could be a precursor to an exploit if the data originates from an untrusted source. Furthermore, the complete absence of nonce checks is a critical oversight, leaving any potential entry points susceptible to Cross-Site Request Forgery (CSRF) attacks. The presence of 8 shortcodes, while not directly flagged as unprotected, represents a considerable attack surface that could be leveraged if any of them interact with the dangerous functions or unsanitized data flows.

In conclusion, while the plugin has a clean vulnerability history and some good security habits like prepared SQL statements, the identified risks, particularly the `unserialize` function and the lack of nonce checks, significantly outweigh these positives. The unsanitized taint flow is another area requiring immediate attention. A comprehensive review and remediation of these issues are necessary to improve the plugin's security.

Key Concerns

  • Dangerous function: unserialize used
  • Taint flow with unsanitized path
  • No nonce checks found
  • Output escaping only 71% proper
Vulnerabilities
None known

fyvent Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

fyvent Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (3 prepared)
Unescaped Output: 75 (187 escaped)
Nonce Checks: 0
Capability Checks: 4
File Operations: 1
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

unserialize: `$files = unserialize( $speaker_data['fyvent_speaker_presentation'][0] );` (includes\functions.php:398)

SQL Query Safety

100% prepared · 3 total queries

Output Escaping

71% escaped · 262 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

8 flows · 1 with unsanitized paths
fyvent_upload_media (includes\functions.php:92)
Attack Surface

fyvent Attack Surface

Entry Points: 8
Unprotected: 0

Shortcodes 8

[fyvent-event-name] includes\shortcodes.php:15
[fyvent-attendant-register] includes\shortcodes.php:18
[fyvent-speaker-register] includes\shortcodes.php:21
[fyvent-session] includes\shortcodes.php:24
[fyvent-speaker] includes\shortcodes.php:27
[fyvent-speaker-information] includes\shortcodes.php:30
[fyvent-update-info] includes\shortcodes.php:33
[fyvent-venue] includes\shortcodes.php:36
WordPress Hooks 38
action admin_enqueue_scripts fyvent.php:80
action admin_menu fyvent.php:111
action admin_init fyvent.php:115
action admin_init fyvent.php:117
action admin_head fyvent.php:119
action admin_head fyvent.php:123
action admin_footer fyvent.php:129
action init fyvent.php:144
action init fyvent.php:164
action admin_init includes\attendant.php:20
action cmb2_admin_init includes\attendant.php:135
action init includes\functions.php:58
action pre_get_posts includes\functions.php:82
filter months_dropdown_results includes\functions.php:239
filter query_vars includes\functions.php:350
filter query_vars includes\functions.php:366
filter query_vars includes\functions.php:382
filter manage_room_posts_columns includes\room.php:4
action manage_room_posts_custom_column includes\room.php:6
filter manage_edit-room_sortable_columns includes\room.php:8
action admin_head includes\room.php:10
action init includes\room.php:228
action cmb2_admin_init includes\room.php:230
filter manage_session_posts_columns includes\session.php:4
action manage_session_posts_custom_column includes\session.php:6
filter manage_edit-session_sortable_columns includes\session.php:8
action admin_head includes\session.php:10
action init includes\session.php:250
action cmb2_admin_init includes\session.php:251
action admin_init includes\speaker.php:20
filter user_contactmethods includes\speaker.php:53
action cmb2_admin_init includes\speaker.php:178
filter manage_venue_posts_columns includes\venue.php:4
action manage_venue_posts_custom_column includes\venue.php:6
filter manage_edit-venue_sortable_columns includes\venue.php:8
action admin_head includes\venue.php:10
action init includes\venue.php:189
action cmb2_admin_init includes\venue.php:190
Maintenance & Trust

fyvent Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.9.13
Last updated: Unknown
PHP min version: 7.2
Downloads: 727

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

fyvent Developer Profile

Borja Prieto

1 plugin · 0 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect fyvent

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/fyvent/admin/css/fyvent-admin.css
/wp-content/plugins/fyvent/admin/css/skeleton.css
Version Parameters
fyvent/admin/css/fyvent-admin.css?ver=
fyvent/admin/css/skeleton.css?ver=

HTML / DOM Fingerprints

CSS Classes
cmb2-id--fyvent_attendant_edit
Data Attributes
data-restriction-type="user"
Shortcode Output
[fyvent-event-name]
[fyvent-attendant-register]
[fyvent-speaker-register]
[fyvent-session]
FAQ

Frequently Asked Questions about fyvent