Does Multisite Event Sync have any unpatched vulnerabilities?

No. All known vulnerabilities in Multisite Event Sync have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Multisite Event Sync compatible with WordPress 6.8.5?

According to WordPress.org data, Multisite Event Sync 1.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is Multisite Event Sync updated?

Multisite Event Sync was last updated on Jun 23, 2025. Frequent updates are generally a positive security signal.

What is Multisite Event Sync's security score?

Multisite Event Sync has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Multisite Event Sync Security & Risk Analysis

wordpress.org/plugins/multisite-event-sync

Synchronizes events from subsites in a WordPress Multisite network into the main site's calendar (The Events Calendar plugin).

0 active installs v1.0 PHP + WP 6.0+ Updated Jun 23, 2025

croneventsmultisitesynchronizationthe-events-calendar

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Multisite Event Sync Safe to Use in 2026?

Generally Safe

Score 100/100

Multisite Event Sync has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago

Risk Assessment

The 'multisite-event-sync' v1.0 plugin demonstrates a generally strong security posture based on the provided static analysis. The absence of dangerous functions, secure handling of all SQL queries via prepared statements, and 100% proper output escaping are significant strengths. Furthermore, the lack of file operations and external HTTP requests minimizes potential attack vectors. The plugin also incorporates nonce checks and appears to have a clean vulnerability history with no recorded CVEs, which is highly positive.

However, a notable concern is the complete absence of capability checks for any of its entry points, which are identified as a single cron event. While the attack surface is currently small and no immediate vulnerabilities are evident from the taint analysis, this lack of capability checks means that the cron event, if it performs any sensitive actions, could potentially be triggered by any authenticated user, regardless of their role or privileges. This omission represents a missed opportunity to enforce role-based access control and could become a significant risk if the cron event's functionality evolves to handle sensitive data or operations.

In conclusion, the plugin exhibits good coding practices in several critical areas. Its vulnerability history is excellent. The primary weakness lies in the potential for unauthorized execution of its sole cron event due to a lack of capability checks. While not an immediate critical flaw, it is an area that warrants attention for future development to ensure robust security.

Key Concerns

No capability checks on entry points (cron event)

Vulnerabilities

None known

Multisite Event Sync Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Multisite Event Sync Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

5 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped5 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

multisite_event_sync_admin_page (multisite-event-sync.php:119)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Multisite Event Sync Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionmultisite_event_sync_cronmultisite-event-sync.php:107

actionadmin_menumultisite-event-sync.php:109

Scheduled Events 1

multisite_event_sync_cron

Maintenance & Trust

Multisite Event Sync Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJun 23, 2025

PHP min version

Downloads1K

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

Multisite Event Sync Alternatives

The Events Calendar Shortcode & Block

the-events-calendar-shortcode

Add shortcode, block, Elementor and Bricks functionality to The Events Calendar Plugin, so you can easily list and promote your events anywhere.

20K 2 CVEs

Events Widgets For Elementor And The Events Calendar

events-widgets-for-elementor-and-the-events-calendar

The Events Calendar Elementor widgets help you manage and display an upcoming events list with date, time, venue and event ticket booking details.

10K 1 CVE

Events Shortcodes For The Events Calendar

template-events-calendar

Add The Events Calendar shortcode or Gutenberg block to show upcoming events list with event details on any WordPress page using smart event filters.

10K 1 CVE

Event Single Page Builder For The Events Calendar

event-page-templates-addon-for-the-events-calendar

100

The Events Calendar addon to create custom single event page templates and replace the default event single page layout with your own branded design.

6K No CVEs

Event Countdown for The Events Calendar

countdown-for-the-events-calendar

Event countdown timer addon for The Events Calendar plugin to display upcoming event countdowns anywhere using a simple shortcode.

3K 2 CVEs

Developer Profile

Multisite Event Sync Developer Profile

AHK Softwaregutachten.at e.U.

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Multisite Event Sync

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

multisite-event-sync-wrapmultisite-event-sync-notice-success

Data Attributes

data-blog-iddata-unique-key

JS Globals

multisite_event_sync_admin_page

FAQ