Does MSTW Schedules & Scoreboards have any unpatched vulnerabilities?

No. All known vulnerabilities in MSTW Schedules & Scoreboards have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is MSTW Schedules & Scoreboards compatible with WordPress 6.6.5?

According to WordPress.org data, MSTW Schedules & Scoreboards 1.5.1 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

How often is MSTW Schedules & Scoreboards updated?

MSTW Schedules & Scoreboards was last updated on Nov 19, 2024. Frequent updates are generally a positive security signal.

What is MSTW Schedules & Scoreboards's security score?

MSTW Schedules & Scoreboards has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

MSTW Schedules & Scoreboards Security & Risk Analysis

wordpress.org/plugins/mstw-schedules-scoreboards

Manages multiple sports team schedules and scoreboards. Displays schedule tables, schedule sliders, scoreboards, and countdown timers.

100 active installs v1.5.1 PHP + WP 5.3+ Updated Nov 19, 2024

gamesschedulescoreboardssportsteam-schedule

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is MSTW Schedules & Scoreboards Safe to Use in 2026?

Generally Safe

Score 92/100

MSTW Schedules & Scoreboards has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The mstw-schedules-scoreboards plugin v1.5.1 exhibits a mixed security posture. On the positive side, there are no recorded vulnerabilities (CVEs), no dangerous functions used, no external HTTP requests, and a reasonable number of nonce and capability checks present on its entry points. The absence of AJAX handlers and REST API routes without authentication checks is also a good sign, significantly reducing the attack surface in those areas.

However, the static analysis reveals several areas of concern. The significant number of file operations (6) coupled with a high percentage of unsanitized paths in taint analysis (3 out of 4 flows) suggests a potential risk of directory traversal or other file-related vulnerabilities. Furthermore, the plugin uses a raw SQL query without prepared statements, which is a common vector for SQL injection attacks. The relatively low percentage of properly escaped output (32%) also raises concerns about cross-site scripting (XSS) vulnerabilities.

While the plugin has no historical CVEs, this doesn't guarantee future security. The identified code signals, particularly the unsanitized paths and unescaped output, represent active risks that should be addressed. The plugin demonstrates good intent with its checks but lacks robust data sanitization and secure SQL practices.

Key Concerns

Unsanitized paths in taint analysis
SQL query without prepared statements
Low percentage of properly escaped output
Multiple file operations

Vulnerabilities

None known

MSTW Schedules & Scoreboards Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

MSTW Schedules & Scoreboards Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

173

82 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Output Escaping

32% escaped255 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

4 flows3 with unsanitized paths

post (includes\mstw-ss-csv-import-class.php:272)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

MSTW Schedules & Scoreboards Attack Surface

Entry Points5

Unprotected0

Shortcodes 5

[mstw_countdown_timer] includes\mstw-ss-countdown-timer.php:30

[mstw_schedule_slider] includes\mstw-ss-schedule-slider.php:30

[mstw_schedule_table] includes\mstw-ss-schedule-table.php:30

[mstw_scoreboard] includes\mstw-ss-scoreboard.php:28

[mstw_venue_table] includes\mstw-ss-venue-table.php:29

WordPress Hooks 56

actionadmin_initincludes\mstw-ss-admin.php:29

actionadmin_noticesincludes\mstw-ss-admin.php:46

actionadmin_head-post.phpincludes\mstw-ss-admin.php:55

actionadmin_head-post-new.phpincludes\mstw-ss-admin.php:56

actionadmin_head-edit.phpincludes\mstw-ss-admin.php:93

filterpost_row_actionsincludes\mstw-ss-admin.php:120

filterbulk_actions-edit-mstw_ss_scheduleincludes\mstw-ss-admin.php:147

filterbulk_actions-edit-mstw_ss_teamincludes\mstw-ss-admin.php:149

filterbulk_actions-edit-mstw_ss_gameincludes\mstw-ss-admin.php:151

filterbulk_actions-edit-mstw_ss_sportincludes\mstw-ss-admin.php:153

filterbulk_actions-edit-mstw_ss_venueincludes\mstw-ss-admin.php:155

filterpost_updated_messagesincludes\mstw-ss-admin.php:166

filterbulk_post_updated_messagesincludes\mstw-ss-admin.php:257

actionadmin_enqueue_scriptsincludes\mstw-ss-admin.php:315

actionadmin_print_scriptsincludes\mstw-ss-admin.php:385

actionadmin_print_stylesincludes\mstw-ss-admin.php:386

actionadmin_menuincludes\mstw-ss-admin.php:402

actionadmin_headincludes\mstw-ss-admin.php:563

actionadd_meta_boxes_mstw_ss_gameincludes\mstw-ss-game-cpt-admin.php:28

actionsave_post_mstw_ss_gameincludes\mstw-ss-game-cpt-admin.php:513

filtermanage_edit-mstw_ss_game_columnsincludes\mstw-ss-game-cpt-admin.php:645

actionmanage_mstw_ss_game_posts_custom_columnincludes\mstw-ss-game-cpt-admin.php:674

filtermanage_edit-mstw_ss_game_sortable_columnsincludes\mstw-ss-game-cpt-admin.php:780

filterrequestincludes\mstw-ss-game-cpt-admin.php:794

actionrestrict_manage_postsincludes\mstw-ss-game-cpt-admin.php:821

actionrestrict_manage_postsincludes\mstw-ss-game-cpt-admin.php:880

filterparse_queryincludes\mstw-ss-game-cpt-admin.php:921

actionadd_meta_boxes_mstw_ss_scheduleincludes\mstw-ss-schedule-cpt-admin.php:28

actionsave_post_mstw_ss_scheduleincludes\mstw-ss-schedule-cpt-admin.php:101

filtername_save_preincludes\mstw-ss-schedule-cpt-admin.php:195

filterget_sample_permalink_htmlincludes\mstw-ss-schedule-cpt-admin.php:229

filterpre_get_shortlinkincludes\mstw-ss-schedule-cpt-admin.php:239

filtermanage_edit-mstw_ss_schedule_columnsincludes\mstw-ss-schedule-cpt-admin.php:248

actionmanage_mstw_ss_schedule_posts_custom_columnincludes\mstw-ss-schedule-cpt-admin.php:269

filtermanage_edit-mstw_ss_schedule_sortable_columnsincludes\mstw-ss-schedule-cpt-admin.php:315

actionadd_meta_boxes_mstw_ss_sportincludes\mstw-ss-sport-cpt-admin.php:29

actionsave_post_mstw_ss_sportincludes\mstw-ss-sport-cpt-admin.php:97

filtermanage_edit-mstw_ss_sport_columnsincludes\mstw-ss-sport-cpt-admin.php:133

actionmanage_mstw_ss_sport_posts_custom_columnincludes\mstw-ss-sport-cpt-admin.php:151

filtermanage_edit-mstw_ss_sport_sortable_columnsincludes\mstw-ss-sport-cpt-admin.php:186

actionadd_meta_boxes_mstw_ss_teamincludes\mstw-ss-team-cpt-admin.php:28

actionsave_post_mstw_ss_teamincludes\mstw-ss-team-cpt-admin.php:307

filterpre_get_shortlinkincludes\mstw-ss-team-cpt-admin.php:410

filtermanage_edit-mstw_ss_team_columnsincludes\mstw-ss-team-cpt-admin.php:419

actionmanage_mstw_ss_team_posts_custom_columnincludes\mstw-ss-team-cpt-admin.php:444

actionadd_meta_boxes_mstw_ss_venueincludes\mstw-ss-venue-cpt-admin.php:28

actionsave_post_mstw_ss_venueincludes\mstw-ss-venue-cpt-admin.php:111

filtermanage_edit-mstw_ss_venue_columnsincludes\mstw-ss-venue-cpt-admin.php:175

actionmanage_mstw_ss_venue_posts_custom_columnincludes\mstw-ss-venue-cpt-admin.php:201

actioninitmstw-schedules-scoreboards.php:38

filtersingle_templatemstw-schedules-scoreboards.php:99

actionwp_enqueue_scriptsmstw-schedules-scoreboards.php:259

actionplugins_loadedmstw-schedules-scoreboards.php:303

filterplugin_action_linksmstw-schedules-scoreboards.php:316

filterwp_headmstw-schedules-scoreboards.php:343

actionwidgets_initmstw-schedules-scoreboards.php:348

Maintenance & Trust

MSTW Schedules & Scoreboards Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedNov 19, 2024

PHP min version

Downloads14K

Community Trust

Rating100/100

Number of ratings4

Active installs100

Alternatives

MSTW Schedules & Scoreboards Alternatives

CyberPress

cyberpress

100

Manage eSport Tournaments, Matches, Teams and Players.

200 No CVEs

Achievements sports league

joomsport-achievements

100

Sports plugin for motor racing, athletics, aquatics, gymnastics, golf, running, cycling, skiing, poker and similar sports. Manage your league with us!

200 No CVEs

MSTW League Manager

mstw-league-manager

Manages multiple sports leagues and seasons. Displays schedules and standings in multiple formats.

100 1 unpatched

Matches

matches

This plugin makes it easy to administer and display matches (sports or otherwise) with a neat widget.

10 No CVEs

MSTW Schedule Builder

mstw-schedule-builder

Builds round-robin games schedules for teams, leagues & tournaments created in the MSTW League Manager plugin.

10 No CVEs

Developer Profile

MSTW Schedules & Scoreboards Developer Profile

Mark O'Donnell

7 plugins · 550 total installs

trust score

Avg Security Score

84/100

Avg Patch Time

158 days

View full developer profile

Detection Fingerprints

How We Detect MSTW Schedules & Scoreboards

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mstw-schedules-scoreboards/css/mstw-ss-style.css/wp-content/plugins/mstw-schedules-scoreboards/css/mstw-ss-jquery-ui.min.css/wp-content/plugins/mstw-schedules-scoreboards/js/mstw-ss-jquery.min.js/wp-content/plugins/mstw-schedules-scoreboards/js/mstw-ss-jquery-ui.min.js/wp-content/plugins/mstw-schedules-scoreboards/js/mstw-ss-global.js/wp-content/plugins/mstw-schedules-scoreboards/js/mstw-ss-schedule-table.js/wp-content/plugins/mstw-schedules-scoreboards/js/mstw-ss-venue-table.js/wp-content/plugins/mstw-schedules-scoreboards/js/mstw-ss-countdown-timer.js+2 more

Script Paths

/wp-content/plugins/mstw-schedules-scoreboards/js/mstw-ss-jquery.min.js/wp-content/plugins/mstw-schedules-scoreboards/js/mstw-ss-jquery-ui.min.js/wp-content/plugins/mstw-schedules-scoreboards/js/mstw-ss-global.js/wp-content/plugins/mstw-schedules-scoreboards/js/mstw-ss-schedule-table.js/wp-content/plugins/mstw-schedules-scoreboards/js/mstw-ss-venue-table.js/wp-content/plugins/mstw-schedules-scoreboards/js/mstw-ss-countdown-timer.js+2 more

Version Parameters

mstw-schedules-scoreboards/css/mstw-ss-style.css?ver=mstw-schedules-scoreboards/css/mstw-ss-jquery-ui.min.css?ver=mstw-schedules-scoreboards/js/mstw-ss-jquery.min.js?ver=mstw-schedules-scoreboards/js/mstw-ss-jquery-ui.min.js?ver=mstw-schedules-scoreboards/js/mstw-ss-global.js?ver=mstw-schedules-scoreboards/js/mstw-ss-schedule-table.js?ver=mstw-schedules-scoreboards/js/mstw-ss-venue-table.js?ver=mstw-schedules-scoreboards/js/mstw-ss-countdown-timer.js?ver=mstw-schedules-scoreboards/js/mstw-ss-schedule-slider.js?ver=mstw-schedules-scoreboards/js/mstw-ss-scoreboard.js?ver=

HTML / DOM Fingerprints

CSS Classes

mstw-ss-tablemstw-ss-scoreboard-containermstw-ss-countdown-timer-wrappermstw-ss-schedule-slider-wrapper

Data Attributes

data-mstw-ss-game-iddata-mstw-ss-venue-iddata-mstw-ss-team-id

JS Globals

mstw_ss_globals

Shortcode Output

[mstw_schedules][mstw_scoreboard][mstw_countdown_timer][mstw_schedule_slider]

FAQ