Does Monthly Events Calendar have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Monthly Events Calendar compatible with WordPress 6.8.5?

According to WordPress.org data, Monthly Events Calendar 1.2 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Monthly Events Calendar compatible with PHP 7.2+?

Monthly Events Calendar requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Monthly Events Calendar updated?

Monthly Events Calendar was last updated on Aug 11, 2025. Frequent updates are generally a positive security signal.

What is Monthly Events Calendar's security score?

Monthly Events Calendar has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Monthly Events Calendar Security & Risk Analysis

wordpress.org/plugins/monthly-events-calendar

Events Calendar: Manage & showcase events on WordPress with ease.

60 active installs v1.2 PHP 7.2+ WP 6.0+ Updated Aug 11, 2025

calendareventeventsevents-calendarorganizer

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Monthly Events Calendar Safe to Use in 2026?

Generally Safe

Score 100/100

Monthly Events Calendar has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago

Risk Assessment

The monthly-events-calendar plugin v1.2 exhibits a generally good security posture in several key areas. The static analysis reveals a complete absence of dangerous functions, proper escaping of all outputs, and the exclusive use of prepared statements for SQL queries, which are excellent security practices. Furthermore, there are no recorded vulnerabilities in its history, indicating a potentially stable and well-maintained codebase.

However, a significant concern arises from the presence of an unprotected AJAX handler. With a total of two entry points, one of which lacks authentication checks, this presents a clear attack vector. While the taint analysis found no issues and nonce checks are present (though not explicitly linked to the unprotected AJAX handler), the lack of authorization on this entry point is a notable weakness that could be exploited.

In conclusion, while the plugin demonstrates strengths in output handling, SQL security, and a clean vulnerability record, the unprotected AJAX handler is a critical flaw that elevates the risk profile. Developers should prioritize securing this entry point to mitigate potential unauthorized actions.

Key Concerns

Unprotected AJAX handler

Vulnerabilities

None known

Monthly Events Calendar Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Monthly Events Calendar Release Timeline

v1.2Current

v1.1

v1.0.2

Code Analysis

Analyzed Mar 16, 2026

Monthly Events Calendar Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

152 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped152 total outputs

Attack Surface

1 unprotected

Monthly Events Calendar Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 1

authwp_ajax_org_fieldsincludes\class-ecwp.php:209

Shortcodes 1

[wp_monthly_events] includes\class-ecwp.php:232

WordPress Hooks 43

actionplugins_loadedincludes\class-ecwp.php:174

actionadmin_enqueue_scriptsincludes\class-ecwp.php:187

actionadmin_enqueue_scriptsincludes\class-ecwp.php:188

actionadmin_menuincludes\class-ecwp.php:189

actioninitincludes\class-ecwp.php:190

filteruse_block_editor_for_post_typeincludes\class-ecwp.php:191

actionrest_api_initincludes\class-ecwp.php:194

actionrest_api_initincludes\class-ecwp.php:195

filterrest_wood-event_queryincludes\class-ecwp.php:196

filterrest_wood-event_queryincludes\class-ecwp.php:197

filterrest_wood-event_collection_paramsincludes\class-ecwp.php:198

actionadd_meta_boxesincludes\class-ecwp.php:201

actionsave_postincludes\class-ecwp.php:202

actionsave_post_wood-organizersincludes\class-ecwp.php:203

filterpostbox_classes_wood-event_ecwp_detailsincludes\class-ecwp.php:204

filterpostbox_classes_wood-event_ecwp_locaton_detailsincludes\class-ecwp.php:205

filterpostbox_classes_wood-event_organizer_details_for_eventincludes\class-ecwp.php:206

filterpostbox_classes_wood-venue_ecwp_locaton_detailsincludes\class-ecwp.php:207

filterpostbox_classes_wood-organizers_ecwp_organizer_detailsincludes\class-ecwp.php:208

filtermanage_wood-event_posts_columnsincludes\class-ecwp.php:212

actionmanage_wood-event_posts_custom_columnincludes\class-ecwp.php:213

filtermanage_edit-wood-event_sortable_columnsincludes\class-ecwp.php:214

actionpre_get_postsincludes\class-ecwp.php:215

actionwp_enqueue_scriptsincludes\class-ecwp.php:228

actionwp_enqueue_scriptsincludes\class-ecwp.php:229

filtertemplate_includeincludes\class-ecwp.php:230

filtersingle_templateincludes\class-ecwp.php:231

actionmodern_single_template_startincludes\class-ecwp.php:235

actionmodern_single_template_endincludes\class-ecwp.php:236

actionmodern_organizersincludes\class-ecwp.php:237

actionmodern_organizers_detailsincludes\class-ecwp.php:238

actionmodern_single_sidebarincludes\class-ecwp.php:239

actionmonthly_events_start_dateincludes\class-ecwp.php:240

actionmonthly_events_end_dateincludes\class-ecwp.php:241

filtermonthly_events_timeincludes\class-ecwp.php:242

actionmonthly_events_locationincludes\class-ecwp.php:243

actionmonthly_events_addressincludes\class-ecwp.php:244

actionmonthly_events_categoryincludes\class-ecwp.php:245

filtermonthly_events_venueincludes\class-ecwp.php:246

actionmonthly_events_websiteincludes\class-ecwp.php:247

actionmonthly_events_buttonincludes\class-ecwp.php:248

filtermonthly_events_imgincludes\class-ecwp.php:249

actionmodern_taxonomy_template_titleincludes\class-ecwp.php:250

Maintenance & Trust

Monthly Events Calendar Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedAug 11, 2025

PHP min version7.2

Downloads2K

Community Trust

Rating100/100

Number of ratings2

Active installs60

Alternatives

Monthly Events Calendar Alternatives

Event Organiser

event-organiser

Create and maintain events, including complex reoccurring patterns, venue management (with Google Maps or OpenStreetMap), calendars and customisable e …

20K 1 unpatched

The Events Calendar

the-events-calendar

The Events Calendar: #1 calendar plugin for WordPress. Create/manage events (virtual too!) on your site with the free plugin.

700K 25 CVEs

Timetable and Event Schedule by MotoPress

mp-timetable

Smart event organizer and time-management tool with a clean minimalist design for featuring your timetables and upcoming events.

30K 8 CVEs

The Events Calendar Shortcode & Block

the-events-calendar-shortcode

Add shortcode, block, Elementor and Bricks functionality to The Events Calendar Plugin, so you can easily list and promote your events anywhere.

20K 2 CVEs

WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce

wp-event-manager

Lightweight, scalable and full-featured event listings & management plugin for managing events & tickets from the Frontend and Backend.

20K 11 CVEs

Developer Profile

Monthly Events Calendar Developer Profile

Devteam HaywoodTech

2 plugins · 460 total installs

trust score

Avg Security Score

73/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Monthly Events Calendar

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/monthly-events-calendar/public/css/ecwp-public.css/wp-content/plugins/monthly-events-calendar/admin/css/ecwp-admin.css/wp-content/plugins/monthly-events-calendar/admin/js/daterangepicker.js/wp-content/plugins/monthly-events-calendar/admin/js/ecwp-admin.js/wp-content/plugins/monthly-events-calendar/public/src/dist/runtime~calendar.js/wp-content/plugins/monthly-events-calendar/public/src/dist/calendar.js/wp-content/plugins/monthly-events-calendar/public/src/dist/admin.js

Script Paths

admin/js/daterangepicker.jsadmin/js/ecwp-admin.jspublic/src/dist/runtime~calendar.jspublic/src/dist/calendar.jspublic/src/dist/admin.js

Version Parameters

monthly-events-calendar/admin/css/ecwp-admin.css?ver=monthly-events-calendar/public/css/ecwp-public.css?ver=monthly-events-calendar/admin/js/daterangepicker.js?ver=3.1monthly-events-calendar/admin/js/ecwp-admin.js?ver=monthly-events-calendar/public/src/dist/runtime~calendar.js?ver=monthly-events-calendar/public/src/dist/calendar.js?ver=monthly-events-calendar/public/src/dist/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

ecwp-calendar-container

Data Attributes

data-ecwp-settings

JS Globals

ECWP

REST Endpoints

/wp-json/ecwp/v1/events

Shortcode Output

[ecwp-calendar]

FAQ