Does LifePress have any unpatched vulnerabilities?

No. All known vulnerabilities in LifePress have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is LifePress compatible with WordPress 6.9.4?

According to WordPress.org data, LifePress 2.2.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is LifePress updated?

LifePress was last updated on Feb 17, 2026. Frequent updates are generally a positive security signal.

What is LifePress's security score?

LifePress has a WP-Safety security score of 98/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

LifePress Security & Risk Analysis

wordpress.org/plugins/lifepress

You are the creator of wonderful events in your life. Record and track progress of your life events with LifePress.

200 active installs v2.2.2 PHP + WP 6.0+ Updated Feb 17, 2026

calendardiaryjournallife-eventsonline-journal

A · Safe

CVEs total2

Unpatched0

Last CVEJan 22, 2026

Plugin page Download

Safety Verdict

Is LifePress Safe to Use in 2026?

Generally Safe

Score 98/100

LifePress has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Jan 22, 2026Updated 1mo ago

Risk Assessment

The "lifepress" v2.2.2 plugin exhibits a mixed security posture. On the positive side, there are no identified AJAX handlers or REST API routes lacking authentication, a good practice for limiting the attack surface. The presence of numerous nonce and capability checks further strengthens its defenses. However, concerns arise from the static analysis, particularly the taint analysis revealing three flows with unsanitized paths. While not classified as critical or high severity, these indicate potential pathways for malicious input to reach sensitive functions. Furthermore, only 25% of SQL queries utilize prepared statements, leaving a significant portion vulnerable to SQL injection if input is not meticulously sanitized elsewhere. The vulnerability history shows two medium severity CVEs, both related to missing authorization, which are now patched. This historical pattern, coupled with the current taint analysis findings, suggests a recurring weakness in authorization and input sanitization that warrants continued attention, even with recent patches.

Key Concerns

Taint flows with unsanitized paths (3)
Low percentage of prepared SQL statements (25%)
Medium severity CVEs in history (2)
Moderate percentage of unescaped output (57%)

Vulnerabilities

LifePress Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

1 CVE in 2026

2026

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2026-24563medium · 4.3Missing Authorization

LifePress <= 2.2.1 - Missing Authorization

Jan 22, 2026 Patched in 2.2.2 (34d)

CVE-2025-53337medium · 4.3Missing Authorization

LifePress <= 2.1.3 - Missing Authorization

Aug 20, 2025 Patched in 2.2 (140d)

Code Analysis

Analyzed Mar 16, 2026

LifePress Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

77 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

25% prepared8 total queries

Output Escaping

57% escaped136 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

4 flows3 with unsanitized paths

data_creation_form (includes\admin\class-admin-ajax.php:158)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

LifePress Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[add_lifepress] includes\class-shortcode.php:9

WordPress Hooks 29

actionadmin_menuincludes\admin\class-admin.php:10

actionadmin_initincludes\admin\class-admin.php:11

actionshow_user_profileincludes\admin\class-admin.php:26

actionedit_user_profileincludes\admin\class-admin.php:27

actionprofile_updateincludes\admin\class-admin.php:28

actioninitincludes\class-ajax.php:16

filterheartbeat_receivedincludes\class-ajax.php:36

filterheartbeat_nopriv_receivedincludes\class-ajax.php:37

actioninitincludes\class-frontend.php:10

filtertemplate_includeincludes\class-frontend.php:11

filterbody_classincludes\class-frontend.php:153

filtershow_admin_barincludes\class-frontend.php:156

actioninitincludes\class-install.php:9

actioninitincludes\class-install.php:10

actionadmin_initincludes\class-install.php:11

filterdisplay_post_statesincludes\class-install.php:13

actionlp_temp_header_viewsincludes\class-lunisolar.php:12

actionLIFEPRESS_temp_moon_viewincludes\class-lunisolar.php:13

filterlifepress_ajax_init_loadincludes\class-lunisolar.php:15

filterlifepress_entry_createdincludes\class-metrics.php:14

filterlifepress_entry_editedincludes\class-metrics.php:15

filterlifepress_entry_jsonincludes\class-metrics.php:16

actionlifepress_temp_entry_viewincludes\class-metrics.php:18

filterlifepress_temp_week_view_entryincludes\class-metrics.php:19

filterlifepress_temp_month_view_entryincludes\class-metrics.php:20

filterlifepress_temp_list_view_entryincludes\class-metrics.php:21

actionlifepress_entry_form_midincludes\class-metrics.php:23

actioninitlifepress.php:52

actionafter_setup_themelifepress.php:53

Maintenance & Trust

LifePress Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 17, 2026

PHP min version

Downloads5K

Community Trust

Rating100/100

Number of ratings5

Active installs200

Alternatives

LifePress Alternatives

Chicmi Fashion Calendar

chicmi-fashion-calendar

Show a calendar of fashion events for your city, sourced from Chicmi.com

10 No CVEs

MML Booking Calendar

mml-booking-calendar

100

MML Booking Calender was created to allow private music teachers to take bookings and payment directly from their website.

10 No CVEs

Tempus

tempus

100

Only in Portuguese (BR) yet. Others languages soon. Este plugin tem como objetivo manter um controle simples e eficiente de eventos

10 No CVEs

The Events Calendar

the-events-calendar

The Events Calendar: #1 calendar plugin for WordPress. Create/manage events (virtual too!) on your site with the free plugin.

700K 25 CVEs

LatePoint – Calendar Booking Plugin for Appointments and Events

latepoint

Optimize your appointment scheduling with our plugin. Sync calendars, automate reminders, and keep your bookings organized.

100K 2 unpatched

Developer Profile

LifePress Developer Profile

Ashan Perera

2 plugins · 6K total installs

trust score

Avg Security Score

92/100

Avg Patch Time

72 days

View full developer profile

Detection Fingerprints

How We Detect LifePress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/lifepress/assets/admin.css/wp-content/plugins/lifepress/assets/admin.js/wp-content/plugins/lifepress/assets/libs/fontawesome/solid.js/wp-content/plugins/lifepress/assets/libs/fontawesome/fontawesome.js/wp-content/plugins/lifepress/assets/libs/fontawesome/all.js

Script Paths

/wp-content/plugins/lifepress/assets/admin.js/wp-content/plugins/lifepress/assets/libs/fontawesome/solid.js/wp-content/plugins/lifepress/assets/libs/fontawesome/fontawesome.js/wp-content/plugins/lifepress/assets/libs/fontawesome/all.js

Version Parameters

lifepress/assets/admin.css?ver=lifepress/assets/admin.js?ver=lifepress/assets/libs/fontawesome/solid.js?ver=lifepress/assets/libs/fontawesome/fontawesome.js?ver=lifepress/assets/libs/fontawesome/all.js?ver=

HTML / DOM Fingerprints

CSS Classes

lp_lightboxeslifepress_settings

HTML Comments

Data Attributes

id='lp_lightboxes'id='lifepress_settings'name='_dash_title'name='_homelink'name='_moonsun'name='_moonview'+1 more

JS Globals

lifepress_vars

Shortcode Output

<a href="" target="_blank">

FAQ

LifePress Security & Risk Analysis

Is LifePress Safe to Use in 2026?

Generally Safe

Key Concerns

LifePress Security Vulnerabilities

CVEs by Year

Severity Breakdown

LifePress Code Analysis

SQL Query Safety

Output Escaping

Data Flow Analysis

LifePress Attack Surface

Shortcodes 1

LifePress Maintenance & Trust

Maintenance Signals

Community Trust

LifePress Alternatives

Chicmi Fashion Calendar

MML Booking Calendar

Tempus

The Events Calendar

LatePoint – Calendar Booking Plugin for Appointments and Events

LifePress Developer Profile

How We Detect LifePress

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about LifePress