Does Orthodox Calendar have any unpatched vulnerabilities?

No. All known vulnerabilities in Orthodox Calendar have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Orthodox Calendar compatible with WordPress 6.3.8?

According to WordPress.org data, Orthodox Calendar 1.1 has been tested up to WordPress 6.3.8. Check the plugin's changelog for the latest compatibility information.

Is Orthodox Calendar compatible with PHP 7.0+?

Orthodox Calendar requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Orthodox Calendar updated?

Orthodox Calendar was last updated on Aug 17, 2023. Frequent updates are generally a positive security signal.

What is Orthodox Calendar's security score?

Orthodox Calendar has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Orthodox Calendar Security & Risk Analysis

wordpress.org/plugins/orthodox-calendar

Orthodox Calendar

60 active installs v1.1 PHP 7.0+ WP 2.1.0+ Updated Aug 17, 2023

holyorthodoxsidebartrinitywidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Orthodox Calendar Safe to Use in 2026?

Generally Safe

Score 85/100

Orthodox Calendar has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The orthodox-calendar plugin v1.1 exhibits a generally positive security posture with no documented vulnerabilities or critical code signals suggesting immediate exploitation risks. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the plugin's attack surface, a commendable practice. Furthermore, the use of prepared statements for all SQL queries indicates robust database interaction security.

However, the static analysis reveals a significant concern regarding output escaping, with 0% of outputs being properly escaped. This presents a potential risk for cross-site scripting (XSS) vulnerabilities, as untrusted data rendered in the frontend could be manipulated. The presence of file operations without clear context also warrants caution, as it could be an entry point for unauthorized file modifications or access if not handled securely.

The plugin's vulnerability history is clean, with zero recorded CVEs, which is a strong indicator of past security diligence. However, the current analysis highlights that a clean history does not guarantee future safety, especially when basic security practices like output escaping are overlooked. In conclusion, while the plugin has a low attack surface and good SQL practices, the lack of output escaping is a notable weakness that needs to be addressed to ensure a more secure user experience.

Key Concerns

No output escaping found
File operations present without clear context

Vulnerabilities

None known

Orthodox Calendar Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Orthodox Calendar Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped2 total outputs

Attack Surface

Orthodox Calendar Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionplugins_loadedOrthodoxCalendar.php:145

actionwp_print_stylesOrthodoxCalendar.php:146

Maintenance & Trust

Orthodox Calendar Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8

Last updatedAug 17, 2023

PHP min version7.0

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs60

Alternatives

Orthodox Calendar Alternatives

Custom Sidebars – Dynamic Sidebar Classic Widget Area Manager

custom-sidebars

Flexible sidebars for custom classic widget configurations on any page or post. Create custom sidebars with ease!

100K 3 CVEs

Image Widget

image-widget

A simple image widget that uses the native WordPress media manager to add image widgets to your site.

100K 1 CVE

Widget Logic

widget-logic

Widget Logic lets you control on which pages widgets appear using WP's conditional tags.

100K 2 CVEs

WooSidebars

woosidebars

WooSidebars adds functionality to display different widgets in a sidebar, according to a context (for example, a specific page or a category).

100K 1 CVE

Fixed Widget and Sticky Elements for WordPress

q2w3-fixed-widget

More attention and a higher ad performance with fixed sticky widgets.

90K No CVEs

Developer Profile

Orthodox Calendar Developer Profile

davidbrush

1 plugin · 60 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Orthodox Calendar

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/orthodox-calendar/OrthodoxCalendar.css

HTML / DOM Fingerprints

CSS Classes

ocButtonsBarocButtonwidget-title

HTML Comments

--><!--

Data Attributes

onclickonreadystatechange

JS Globals

currentDayxmlHttp

Shortcode Output

<div class="widget"><h2 class="widget-title"> <a href="http://www.holytrinityorthodox.com/calendar/" title="Orthodox Calendar">Orthodox Calendar</a></h2>

FAQ