Does Hebrew Dates have any unpatched vulnerabilities?

No. All known vulnerabilities in Hebrew Dates have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Hebrew Dates compatible with WordPress 6.6.5?

According to WordPress.org data, Hebrew Dates 2.3.1 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

How often is Hebrew Dates updated?

Hebrew Dates was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Hebrew Dates's security score?

Hebrew Dates has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Hebrew Dates Security & Risk Analysis

wordpress.org/plugins/hebrewdates

This plugin allows WordPress to easily show Hebrew dates instead of (or in addition to) the standard Gregorian dates. No theme changes are required.

10 active installs v2.3.1 PHP + WP 2.0+ Updated Unknown

datesformattinghebrewjewish

A · Safe

CVEs total1

Unpatched0

Last CVENov 11, 2024

Plugin page Download

Safety Verdict

Is Hebrew Dates Safe to Use in 2026?

Generally Safe

Score 99/100

Hebrew Dates has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Nov 11, 2024

Risk Assessment

The Hebrewdates plugin v2.3.1 demonstrates strong adherence to secure coding practices, particularly regarding SQL injection prevention and output escaping. The static analysis reveals no direct entry points like AJAX handlers, REST API routes, or shortcodes that are exposed without authentication, and importantly, no dangerous functions, file operations, or external HTTP requests were identified. The complete absence of unsanitized paths in the taint analysis further reinforces a positive security posture. However, the plugin's vulnerability history, specifically a medium-severity Cross-Site Request Forgery (CSRF) vulnerability reported in late 2024, indicates a potential weakness. Although this vulnerability is now patched, it highlights a historical area of concern and suggests that the plugin's input validation or state-changing operations might require more robust protection, even if not immediately apparent in the current static analysis.

Key Concerns

Medium severity CSRF vulnerability historically present
Only 1 nonce check for a plugin of this size
0 capability checks found

Vulnerabilities

Hebrew Dates Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-52388medium · 6.1Cross-Site Request Forgery (CSRF)

Hebrew Date <= 2.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Nov 11, 2024 Patched in 2.3.0 (11d)

Code Analysis

Analyzed Mar 16, 2026

Hebrew Dates Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

43 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped43 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

hebrewdate_subpanel (hebrewdate.php:667)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Hebrew Dates Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 7

actionadmin_menuhebrewdate.php:837

filterthe_timehebrewdate.php:838

filterthe_datehebrewdate.php:839

filterget_the_timehebrewdate.php:840

filterget_the_datehebrewdate.php:841

filterget_comment_datehebrewdate.php:842

filterget_comment_timehebrewdate.php:843

Maintenance & Trust

Hebrew Dates Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedUnknown

PHP min version

Downloads5K

Community Trust

Rating70/100

Number of ratings2

Active installs10

Alternatives

Hebrew Dates Alternatives

WP Hebrew Date

wordpress-hebrew-date

100

Convert dates in wordpress to Hebrew dates.

700 No CVEs

CalJ

calj

100

Display the Shabbat times (zmanim) for the city of your choice.

90 No CVEs

Jewish Date

jewish-date

100

Jewish Date is a small plugin to show the Jewish date on your WordPress site.

40 No CVEs

Hebrew username

hebrew-username

Add Hebrew characters to sanitize_user

20 No CVEs

Advanced Editor Tools

tinymce-advanced

100

Extends and enhances the block editor (Gutenberg) and the classic editor (TinyMCE).

2.0M 1 CVE

Developer Profile

Hebrew Dates Developer Profile

mikeage

1 plugin · 10 total installs

trust score

Avg Security Score

99/100

Avg Patch Time

11 days

View full developer profile

Detection Fingerprints

How We Detect Hebrew Dates

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/hebrewdates/hebrewdate.css/wp-content/plugins/hebrewdates/hebrewdate.js

Script Paths

/wp-content/plugins/hebrewdates/hebrewdate.js

Version Parameters

hebrewdates/hebrewdate.css?ver=hebrewdates/hebrewdate.js?ver=

HTML / DOM Fingerprints

JS Globals

hebrewdate

FAQ