Does NS Booking Calendar Agenda have any unpatched vulnerabilities?

No. All known vulnerabilities in NS Booking Calendar Agenda have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is NS Booking Calendar Agenda compatible with WordPress 5.9.13?

According to WordPress.org data, NS Booking Calendar Agenda 1.3.5 has been tested up to WordPress 5.9.13. Check the plugin's changelog for the latest compatibility information.

How often is NS Booking Calendar Agenda updated?

NS Booking Calendar Agenda was last updated on Feb 7, 2022. Frequent updates are generally a positive security signal.

What is NS Booking Calendar Agenda's security score?

NS Booking Calendar Agenda has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

NS Booking Calendar Agenda Security & Risk Analysis

wordpress.org/plugins/ns-booking-agenda

Booking Agenda is a plugin for dentists, lawyers, plumbers and all professional who sell his service hourly.

10 active installs v1.3.5 PHP + WP 4.7+ Updated Feb 7, 2022

bookingbooking-agendawoocommercewoocommerce-agendawoocommerce-booking

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is NS Booking Calendar Agenda Safe to Use in 2026?

Generally Safe

Score 85/100

NS Booking Calendar Agenda has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The ns-booking-agenda plugin v1.3.5 exhibits a concerning security posture primarily due to its substantial attack surface of unprotected AJAX handlers. While the plugin demonstrates good practices in its handling of SQL queries, utilizing prepared statements exclusively, and has no recorded vulnerability history, these strengths are overshadowed by the critical weakness of unauthenticated entry points. The static analysis reveals that all 20 identified AJAX handlers lack proper authentication checks, representing a significant risk of unauthorized actions being performed by unauthenticated users. Although the taint analysis did not identify critical or high-severity unsanitized flows, the presence of 7 flows with unsanitized paths, even at lower severities, combined with the unprotected AJAX handlers, creates a fertile ground for potential attacks if malicious input is not properly validated. The limited proper output escaping (33%) further exacerbates this, increasing the risk of cross-site scripting (XSS) vulnerabilities being exploitable through these unprotected AJAX endpoints. The plugin's zero known CVEs is a positive indicator of past security diligence, but the current static analysis findings necessitate immediate attention to secure its entry points.

Key Concerns

All AJAX handlers lack authentication checks
Significant percentage of unsanitized paths in taint flows
Low percentage of properly escaped output
Only 1 nonce check for 20 AJAX handlers
Only 3 capability checks for 20 AJAX handlers

Vulnerabilities

None known

NS Booking Calendar Agenda Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

NS Booking Calendar Agenda Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

38 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

33% escaped115 total outputs

Data Flows

7 unsanitized

Data Flow Analysis

7 flows7 with unsanitized paths

pe_deactivation_ajax_function (plugineye\plugineye-ajax\plugineye_on_deactivation_function.php:5)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

20 unprotected

NS Booking Calendar Agenda Attack Surface

Entry Points20

Unprotected20

AJAX Handlers 20

noprivwp_ajax_ns_update_booking_prod_descns-agenda-ajax-functions.php:5

authwp_ajax_ns_update_booking_prod_descns-agenda-ajax-functions.php:6

noprivwp_ajax_ns_filter_start_hour_by_prod_template_formns-agenda-ajax-functions.php:79

authwp_ajax_ns_filter_start_hour_by_prod_template_formns-agenda-ajax-functions.php:80

noprivwp_ajax_ns_filter_end_hour_by_start_hour_template_formns-agenda-ajax-functions.php:114

authwp_ajax_ns_filter_end_hour_by_start_hour_template_formns-agenda-ajax-functions.php:115

noprivwp_ajax_ns_filter_modal_date_frontns-agenda-ajax-functions.php:173

authwp_ajax_ns_filter_modal_date_frontns-agenda-ajax-functions.php:174

noprivwp_ajax_ns_filter_prod_template_formns-agenda-ajax-functions.php:199

authwp_ajax_ns_filter_prod_template_formns-agenda-ajax-functions.php:200

noprivwp_ajax_ns_modal_days_prod_frontns-agenda-ajax-functions.php:237

authwp_ajax_ns_modal_days_prod_frontns-agenda-ajax-functions.php:238

noprivwp_ajax_ns_modal_personal_days_prod_frontns-agenda-ajax-functions.php:304

authwp_ajax_ns_modal_personal_days_prod_frontns-agenda-ajax-functions.php:305

noprivwp_ajax_ns_agenda_export_outlook_eventsoutlook-integration\async-outlook-export.php:3

authwp_ajax_ns_agenda_export_outlook_eventsoutlook-integration\async-outlook-export.php:4

noprivwp_ajax_ns_agenda_import_outlook_eventsoutlook-integration\async-outlook-import.php:3

authwp_ajax_ns_agenda_import_outlook_eventsoutlook-integration\async-outlook-import.php:4

authwp_ajax_pe_deactivation_ajax_functionplugineye\plugineye-ajax\plugineye_on_deactivation_function.php:2

noprivwp_ajax_pe_deactivation_ajax_functionplugineye\plugineye-ajax\plugineye_on_deactivation_function.php:3

WordPress Hooks 52

actionadmin_menuns-admin-options-pro\ns-admin-options-setup.php:7

actionadmin_enqueue_scriptsns-admin-options-pro\ns-admin-options-setup.php:13

actionwp_enqueue_scriptsns-admin-options-pro\ns-admin-options-setup.php:32

actioninitns-agenda-custom-post.php:20

actioninitns-agenda-custom-post.php:32

actionadd_meta_boxesns-agenda-custom-post.php:37

actionsave_postns-agenda-custom-post.php:224

filtermanage_ns_agenda_posts_columnsns-agenda-custom-post.php:228

filtermanage_edit-ns_agenda_sortable_columnsns-agenda-custom-post.php:244

filterposts_clausesns-agenda-custom-post.php:255

actionmanage_ns_agenda_posts_custom_columnns-agenda-custom-post.php:280

actionwp_trash_postns-agenda-custom-post.php:322

actionactivated_pluginns-agenda-option-struct.php:30

actionactivated_pluginns-agenda-option-struct.php:48

actiondeactivated_pluginns-agenda-option-struct.php:55

actionupdated_optionns-agenda-option-struct.php:80

actiontrash_productns-agenda-option-struct.php:262

actionadmin_initns-agenda-options.php:35

filtersingle_templatens-agenda-page.php:84

actioninitns-agenda-page.php:88

filterpage_templatens-agenda-page.php:98

actioninitns-agenda-page.php:120

filterquery_varsns-agenda-page.php:131

filterwoocommerce_account_menu_itemsns-agenda-page.php:142

actionwoocommerce_account_my-agenda_endpointns-agenda-page.php:154

actioninitns-agenda-page.php:161

filterquery_varsns-agenda-page.php:169

filterwoocommerce_account_menu_itemsns-agenda-page.php:177

actionwoocommerce_account_contact-form-my-agenda_endpointns-agenda-page.php:248

actioninitns-agenda-page.php:255

filterwoocommerce_order_button_textns-agenda-page.php:258

actionwoocommerce_before_calculate_totalsns-agenda-page.php:264

filterwoocommerce_get_price_htmlns-agenda-page.php:286

filterwoocommerce_cart_item_pricens-agenda-page.php:298

filterwoocommerce_add_cart_item_datans-agenda-page.php:314

filterwoocommerce_get_cart_item_from_sessionns-agenda-page.php:341

filterwoocommerce_cart_item_namens-agenda-page.php:344

actionwoocommerce_add_order_item_metans-agenda-page.php:363

filterwoocommerce_product_data_tabsns-agenda-product-functions.php:3

actionwoocommerce_product_data_panelsns-agenda-product-functions.php:14

actionwoocommerce_process_product_metans-agenda-product-functions.php:40

actionupdate_post_metans-agenda-product-functions.php:68

actionupdate_post_metans-agenda-product-functions.php:127

filterproduct_type_optionsns-agenda-product-functions.php:153

actionwoocommerce_thankyouns-agenda-product-functions.php:186

filterplugin_action_linksplugineye\plugineye-class.php:96

actionadmin_menuplugineye\plugineye-class.php:113

actionadmin_enqueue_scriptsplugineye\plugineye-class.php:125

actionadmin_enqueue_scriptsplugineye\plugineye-class.php:136

actionactivated_pluginplugineye\plugineye-class.php:147

actionin_admin_footerplugineye\plugineye-class.php:401

actionactivated_pluginplugineye\plugineye-class.php:440

Maintenance & Trust

NS Booking Calendar Agenda Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.13

Last updatedFeb 7, 2022

PHP min version

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

NS Booking Calendar Agenda Alternatives

Booking Activities

booking-activities

Reservation system specialized in activities: sports, leisure, courses, events, tourism, and more! Works great with WooCommerce.

4K 2 CVEs

Easy Hotel Booking – Powerful Hotel Booking

easy-hotel

All-in-one hotel booking solution to manage reservations, rooms, pricing, and availability with ease.

600 2 unpatched

RnB Lite – WooCommerce Booking and Rental System

booking-and-rental-system-woocommerce

Integrate a booking / reservation system into your WordPress website.

300 No CVEs

Calendar Event Add-on WooCommerce Bookings

gcal-event-addon-woocommerce-bookings

This plugin is used to send additional information about the customer when WooCommerce Bookings creates an event in Google Calendar.

100 No CVEs

SKU for WooCommerce Bookings

sku-for-woocommerce-bookings

100

This plugin adds SKUs to your WooCommerce bookings products and also makes it searchable in your site.

10 No CVEs

Developer Profile

NS Booking Calendar Agenda Developer Profile

NsThemes

24 plugins · 4K total installs

trust score

Avg Security Score

88/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect NS Booking Calendar Agenda

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ns-booking-agenda/assets/css/admin.css/wp-content/plugins/ns-booking-agenda/assets/css/front.css/wp-content/plugins/ns-booking-agenda/assets/css/main.css/wp-content/plugins/ns-booking-agenda/assets/js/admin.js/wp-content/plugins/ns-booking-agenda/assets/js/front.js/wp-content/plugins/ns-booking-agenda/assets/js/main.js/wp-content/plugins/ns-booking-agenda/assets/js/selectize.js/wp-content/plugins/ns-booking-agenda/assets/js/selectize.min.js+5 more

Script Paths

/wp-content/plugins/ns-booking-agenda/assets/js/selectize.js/wp-content/plugins/ns-booking-agenda/assets/js/selectize.min.js/wp-content/plugins/ns-booking-agenda/assets/js/front.js/wp-content/plugins/ns-booking-agenda/assets/js/admin.js/wp-content/plugins/ns-booking-agenda/assets/js/main.js

Version Parameters

ns-booking-agenda/assets/css/admin.css?ver=ns-booking-agenda/assets/css/front.css?ver=ns-booking-agenda/assets/css/main.css?ver=ns-booking-agenda/assets/js/admin.js?ver=ns-booking-agenda/assets/js/front.js?ver=ns-booking-agenda/assets/js/main.js?ver=ns-booking-agenda/assets/js/selectize.js?ver=ns-booking-agenda/assets/js/selectize.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

ns-form-groupns-border-radiusns-btn-frontns-booking-agenda-frontendns-booking-agenda-adminns-agenda-calendar-wrapns-agenda-calendar-headerns-agenda-day-header+9 more

HTML Comments

*** plugin options ***/*******SINGLE BOOKING *****************//*************************************//**CREATE DEFAULT PAGE ON INIT*/+19 more

Data Attributes

data-ns-booking-agenda-iddata-ns-booking-agenda-titledata-ns-booking-agenda-startdata-ns-booking-agenda-end

JS Globals

window.nsBookingAgendaAdminwindow.nsBookingAgendaFront

REST Endpoints

/wp-json/ns-booking-agenda/v1/bookings/wp-json/ns-booking-agenda/v1/availability

Shortcode Output

[ns_booking_agenda_calendar][ns_booking_agenda_booking_form]

FAQ