Event Timeline – Vertical Timeline Security & Risk Analysis

wordpress.org/plugins/rich-event-timeline

Timeline plugin is fully responsive. Timeline is an awesome WordPress plugin with many useful features and effects.

1K active installs · v1.1.6 · PHP + WP 4.2+ · Updated Jul 16, 2022
Tags: event-timeline, events, history, responsive-timeline, timeline
Score: 64 · C · Use Caution
CVEs total: 1
Unpatched: 1
Last CVE: Jul 11, 2022
Safety Verdict

Is Event Timeline – Vertical Timeline Safe to Use in 2026?

Use With Caution

Score 64/100

Event Timeline – Vertical Timeline has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE · 1 unpatched · Last CVE: Jul 11, 2022 · Updated 3yr ago
Risk Assessment

The rich-event-timeline plugin exhibits a strong security posture in its static analysis. The complete absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and 100% proper output escaping are excellent security practices. Furthermore, the presence of nonce and capability checks on entry points, alongside zero unsanitized taint flows, indicates a well-developed defensive coding approach. However, the plugin is not without its risks.

The vulnerability history reveals one known medium-severity Cross-Site Scripting (XSS) vulnerability, which remains unpatched. While the static analysis didn't identify any current XSS issues, the historical presence of such a vulnerability is a significant concern, suggesting potential for similar flaws. The bundled TinyMCE library, while not explicitly flagged as outdated, could present a risk if it's an older version lacking security patches.

In conclusion, while the current codebase demonstrates good security hygiene in many areas, the unpatched XSS vulnerability significantly lowers its overall security score. This historical issue demands immediate attention, and ongoing vigilance is recommended to ensure future updates address any newly discovered vulnerabilities.

Key Concerns

  • Unpatched CVE (Medium Severity XSS)
  • Bundled outdated library (TinyMCE)
Vulnerabilities
1

Event Timeline – Vertical Timeline Security Vulnerabilities

CVEs by Year

2022: 1 CVE · unpatched

Severity Breakdown

Medium: 1

1 total CVE

CVE-2022-1324 · medium · 5.5 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Event Timeline <= 1.1.6 - Authenticated (Admin+) Stored Cross-Site Scripting

Jul 11, 2022 · Unpatched
Code Analysis
Analyzed Mar 16, 2026

Event Timeline – Vertical Timeline Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (156 prepared)
Unescaped Output: 5 (4237 escaped)
Nonce Checks: 10
Capability Checks: 4
File Operations: 0
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

TinyMCE 1.0

SQL Query Safety

100% prepared · 156 total queries

Output Escaping

100% escaped · 4242 total outputs
Data Flows
All sanitized

Data Flow Analysis

11 flows
<Rich-Web-Timeline-Admin-General> (Rich-Web-Timeline-Admin-General.php:0)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface

Event Timeline – Vertical Timeline Attack Surface

Entry Points: 9
Unprotected: 0

AJAX Handlers 8

auth · wp_ajax_rich_web_timeline · Rich-Web-Timeline-Ajax.php:2
auth · wp_ajax_rich_web_copy_timeline · Rich-Web-Timeline-Ajax.php:13
auth · wp_ajax_rich_web_timeline_options · Rich-Web-Timeline-Ajax.php:33
auth · wp_ajax_rich_web_timeline_del · Rich-Web-Timeline-Ajax.php:47
auth · wp_ajax_rich_web_timeline_style · Rich-Web-Timeline-Ajax.php:60
auth · wp_ajax_rich_web_timeline_style_2 · Rich-Web-Timeline-Ajax.php:71
auth · wp_ajax_rich_web_timeline_del_option · Rich-Web-Timeline-Ajax.php:82
auth · wp_ajax_rich_web_timeline_copy_style · Rich-Web-Timeline-Ajax.php:95

Shortcodes 1

[Rich_Web_Timeline] Rich-Web-Timeline-Shortcode.php:9

WordPress Hooks 5

action · widgets_init · Rich-Web-Timeline.php:12
action · wp_enqueue_scripts · Rich-Web-Timeline.php:19
action · admin_init · Rich-Web-Timeline.php:44
action · admin_menu · Rich-Web-Timeline.php:53
action · admin_enqueue_scripts · Rich-Web-Timeline.php:112
Maintenance & Trust

Event Timeline – Vertical Timeline Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.0.11
Last updated: Jul 16, 2022
PHP min version
Downloads: 42K

Community Trust

Rating: 94/100
Number of ratings: 20
Active installs: 1K
Developer Profile

Event Timeline – Vertical Timeline Developer Profile

richteam

7 plugins · 9K total installs

Trust score: 64
Avg Security Score: 79/100
Avg Patch Time: 549 days
Detection Fingerprints

How We Detect Event Timeline – Vertical Timeline

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/rich-event-timeline/Style/Rich-Web-Icons.css
/wp-content/plugins/rich-event-timeline/Style/Rich-Web-Timeline-Admin-Style.css
/wp-content/plugins/rich-event-timeline/Scripts/Rich-Web-Timeline-Scripts.js
/wp-content/plugins/rich-event-timeline/Scripts/tinymce.js
/wp-content/plugins/rich-event-timeline/Scripts/Rich-Web-Timeline-Admin-Scripts.js
/wp-content/plugins/rich-event-timeline/Scripts/Rich-Web-Timeline-Alpha-Color-Picker.js
/wp-content/plugins/rich-event-timeline/Style/Rich-Web-Timeline-Alpha-Color-Picker.css
Script Paths
/wp-content/plugins/rich-event-timeline/Scripts/Rich-Web-Timeline-Scripts.js
/wp-content/plugins/rich-event-timeline/Scripts/tinymce.js
/wp-content/plugins/rich-event-timeline/Scripts/Rich-Web-Timeline-Admin-Scripts.js
/wp-content/plugins/rich-event-timeline/Scripts/Rich-Web-Timeline-Alpha-Color-Picker.js

HTML / DOM Fingerprints

JS Globals
object.ajaxurl
object.rw_timeline_nonce
Shortcode Output
<div class="Rich-Web-Timeline-container"