Does Gigatools Widget have any unpatched vulnerabilities?

No. All known vulnerabilities in Gigatools Widget have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Gigatools Widget compatible with WordPress 4.1.42?

According to WordPress.org data, Gigatools Widget 0.2.1 has been tested up to WordPress 4.1.42. Check the plugin's changelog for the latest compatibility information.

How often is Gigatools Widget updated?

Gigatools Widget was last updated on Dec 25, 2014. Frequent updates are generally a positive security signal.

What is Gigatools Widget's security score?

Gigatools Widget has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Gigatools Widget Security & Risk Analysis

wordpress.org/plugins/gigatools-widget

The easiest way to embed your GigaTools dates. No more hassle with an embed code. Just manage your GigaTools widget from your own WordPress admin.

10 active installs v0.2.1 PHP + WP 2.8+ Updated Dec 25, 2014

calenderdateseventsgigatoolsgigs

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Gigatools Widget Safe to Use in 2026?

Generally Safe

Score 85/100

Gigatools Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The plugin "gigatools-widget" v0.2.1 exhibits a mixed security posture. On the positive side, there are no known CVEs in its history, suggesting a generally well-maintained or less targeted plugin. Furthermore, the static analysis shows no SQL injection vulnerabilities due to the consistent use of prepared statements, and no file operations or external HTTP requests are present, reducing common attack vectors. The limited attack surface with zero entry points is also a strong positive.

However, several significant concerns are present. The use of the `create_function` is a clear indicator of a potential security risk, as it can be exploited for code injection if not handled with extreme care. The extremely low percentage of properly escaped output (12%) is a major red flag, making the plugin highly susceptible to Cross-Site Scripting (XSS) attacks. The absence of any nonce checks, coupled with a single capability check that might not be sufficient for all potential interactions, further weakens its security, especially if any of the entry points were ever to be discovered or introduced.

Key Concerns

Use of dangerous function create_function
Low percentage of properly escaped output
Missing nonce checks

Vulnerabilities

None known

Gigatools Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Gigatools Widget Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

11 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

create_functionadd_action('widgets_init', create_function('', 'return register_widget("GGTWidget");'));gigatools-widget.php:179

Output Escaping

12% escaped89 total outputs

Attack Surface

Gigatools Widget Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actionwidgets_initgigatools-widget.php:179

actionwp_enqueue_scriptsgigatools-widget.php:184

actionadmin_enqueue_scriptsgigatools-widget.php:200

actionadmin_menugigatools-widget.php:209

Maintenance & Trust

Gigatools Widget Maintenance & Trust

Maintenance Signals

WordPress version tested4.1.42

Last updatedDec 25, 2014

PHP min version

Downloads3K

Community Trust

Rating36/100

Number of ratings5

Active installs10

Alternatives

Gigatools Widget Alternatives

Bandsintown Events

bandsintown

Bandsintown's Events plugin for displaying your upcoming events.

4K 1 CVE

Calendar

calendar

A simple but effective Calendar plugin for WordPress that allows you to manage your events and appointments and display them to the world.

4K 5 CVEs

Events Calendar for Google

events-calendar-for-google

Events Calendar for Google implements google calender to your wordpress website using different style and layouts. Get connected to your audience usin …

2K 1 CVE

AM Events

am-events

Manage and display your events. Allows fully customizable layouts and includes a widget for upcoming events.

100 1 unpatched

FT Calendar

ft-calendar

A calendar plugin supporting multiple calendars, recurring events, and several different widgets / shortcodes. More info at http://calendar-plugin.com

100 No CVEs

Developer Profile

Gigatools Widget Developer Profile

Beee

4 plugins · 330 total installs

trust score

Avg Security Score

77/100

Avg Patch Time

10 days

View full developer profile

Detection Fingerprints

How We Detect Gigatools Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gigatools-widget/assets/img/footer-gigatools.png

HTML / DOM Fingerprints

CSS Classes

ggt_belowwidgetggt_poweredggt_moredatesggt_bookinglinkggt_sublinks

Data Attributes

id="____gigawidget"id="ggt_widgettitle"id="ggt_usergroup"id="ggt_username"id="ggt_artist"id="ggt_font"+23 more

JS Globals

____gigawidget_config

FAQ