Does Simple calendar for Elementor have any unpatched vulnerabilities?

No. All known vulnerabilities in Simple calendar for Elementor have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Simple calendar for Elementor compatible with WordPress 6.9.4?

According to WordPress.org data, Simple calendar for Elementor 1.6.7 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Simple calendar for Elementor compatible with PHP 7.2+?

Simple calendar for Elementor requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Simple calendar for Elementor updated?

Simple calendar for Elementor was last updated on Jan 22, 2026. Frequent updates are generally a positive security signal.

What is Simple calendar for Elementor's security score?

Simple calendar for Elementor has a WP-Safety security score of 96/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Simple calendar for Elementor Security & Risk Analysis

wordpress.org/plugins/simple-calendar-for-elementor

Simple calendar plugin for Elementor to show e.g. availability on different days. You can choose between different layouts, colors, create multiple ca …

500 active installs v1.6.7 PHP 7.2+ WP 5.2+ Updated Jan 22, 2026

availability-calendarbelegungbookingcalendarelementor

A · Safe

CVEs total3

Unpatched0

Last CVEJan 27, 2026

Download

Safety Verdict

Is Simple calendar for Elementor Safe to Use in 2026?

Generally Safe

Score 96/100

Simple calendar for Elementor has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: Jan 27, 2026Updated 2mo ago

Risk Assessment

The "simple-calendar-for-elementor" v1.6.7 plugin exhibits a mixed security posture. While it demonstrates a lack of dangerous functions, file operations, and external HTTP requests, significant concerns arise from its attack surface. A substantial number of AJAX handlers (10 out of 10) lack authorization checks, presenting a broad entry point for potential abuse. The taint analysis further amplifies these concerns, revealing 4 high-severity flows with unsanitized paths, indicating a risk of data injection or manipulation.

Key Concerns

Unprotected AJAX handlers
High severity unsanitized taint flows
Low percentage of prepared SQL statements
Moderate percentage of properly escaped output
Total known CVEs

Vulnerabilities

Simple calendar for Elementor Security Vulnerabilities

CVEs by Year

2 CVEs in 2025

2025

1 CVE in 2026

2026

Patched Has unpatched

Severity Breakdown

Medium

3 total CVEs

CVE-2026-1310medium · 5.3Missing Authorization

Simple calendar for Elementor <= 1.6.6 - Missing Authorization to Unauthenticated Arbitrary Calendar Entry Deletion

Jan 27, 2026 Patched in 1.6.7 (1d)

CVE-2025-47542medium · 4.3Cross-Site Request Forgery (CSRF)

Simple calendar for Elementor <= 1.6.5 - Cross-Site Request Forgery

May 7, 2025 Patched in 1.6.6 (7d)

CVE-2025-46249medium · 4.3Cross-Site Request Forgery (CSRF)

Simple calendar for Elementor <= 1.6.4 - Cross-Site Request Forgery

Apr 22, 2025 Patched in 1.6.5 (9d)

Code Analysis

Analyzed Mar 16, 2026

Simple calendar for Elementor Code Analysis

Dangerous Functions

Raw SQL Queries

16 prepared

Unescaped Output

110 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

42% prepared38 total queries

Output Escaping

57% escaped194 total outputs

Data Flows

4 unsanitized

Data Flow Analysis

8 flows4 with unsanitized paths

miga_ajax_editor_cal (trunk\widget\includes\backend_functions.php:39)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

10 unprotected

Simple calendar for Elementor Attack Surface

Entry Points12

Unprotected10

AJAX Handlers 10

authwp_ajax_miga_custom_post_filter_calmiga_simple_calendar.php:112

noprivwp_ajax_miga_custom_post_filter_calmiga_simple_calendar.php:113

authwp_ajax_miga_editor_calmiga_simple_calendar.php:114

authwp_ajax_miga_editor_cal_deletemiga_simple_calendar.php:115

authwp_ajax_miga_editor_cal_updatemiga_simple_calendar.php:116

authwp_ajax_miga_custom_post_filter_caltrunk\miga_simple_calendar.php:112

noprivwp_ajax_miga_custom_post_filter_caltrunk\miga_simple_calendar.php:113

authwp_ajax_miga_editor_caltrunk\miga_simple_calendar.php:114

authwp_ajax_miga_editor_cal_deletetrunk\miga_simple_calendar.php:115

authwp_ajax_miga_editor_cal_updatetrunk\miga_simple_calendar.php:116

Shortcodes 2

[simple-calendar-for-elementor] miga_simple_calendar.php:117

[simple-calendar-for-elementor] trunk\miga_simple_calendar.php:117

WordPress Hooks 10

actioninitmiga_simple_calendar.php:36

actionwp_enqueue_scriptsmiga_simple_calendar.php:143

actionadmin_enqueue_scriptsmiga_simple_calendar.php:227

actionadmin_menumiga_simple_calendar.php:228

actionadmin_initmiga_simple_calendar.php:229

actioninittrunk\miga_simple_calendar.php:36

actionwp_enqueue_scriptstrunk\miga_simple_calendar.php:143

actionadmin_enqueue_scriptstrunk\miga_simple_calendar.php:227

actionadmin_menutrunk\miga_simple_calendar.php:228

actionadmin_inittrunk\miga_simple_calendar.php:229

Maintenance & Trust

Simple calendar for Elementor Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 22, 2026

PHP min version7.2

Downloads7K

Community Trust

Rating100/100

Number of ratings3

Active installs500

Alternatives

Simple calendar for Elementor Alternatives

WP Simple Booking Calendar

wp-simple-booking-calendar

This booking calendar shows when something is booked or available. Use it to show when your holiday home is available for rent, for example.

20K 4 CVEs

WP Booking System – Booking Calendar

wp-booking-system

The booking calendar plugin for WordPress. Get easy online booking with this lightweight and powerful booking calendar.

20K 7 CVEs

Pinpoint Booking System – Version 2

booking-system

Book anything, anytime, anywhere.

3K 13 CVEs

Booking System Trafft

booking-system-trafft

Trafft is a next-level booking system offering limitless opportunities for scheduling appointments and managing your calendar & all of your bookings.

500 2 CVEs

Redforts Hotel Booking Engine

oscar-hotel-booking-engine

100

This plugin integrates with Redforts Hotel Software, the all-in-one solution for hotels, hostels, apartments, villas, campings, and more.

300 No CVEs

Developer Profile

Simple calendar for Elementor Developer Profile

Michael

7 plugins · 10K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

11 days

View full developer profile

Detection Fingerprints

How We Detect Simple calendar for Elementor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/simple-calendar-for-elementor/styles/main.css/wp-content/plugins/simple-calendar-for-elementor/scripts/main.js/wp-content/plugins/simple-calendar-for-elementor/widget/includes/backend_events.php/wp-content/plugins/simple-calendar-for-elementor/widget/includes/backend_status.php/wp-content/plugins/simple-calendar-for-elementor/widget/includes/backend_calendars.php/wp-content/plugins/simple-calendar-for-elementor/styles/edit

Script Paths

simple-calendar-for-elementor/scripts/main.js

Version Parameters

simple-calendar-for-elementor/scripts/main.js?ver=1.0.1

HTML / DOM Fingerprints

CSS Classes

miga_calendarmiga_calendar_boxloading_spinnermiga_calendar_backendnav-tab-wrappernav-tabnav-tab-active

Data Attributes

data-calendardata-yeardata-month

JS Globals

miga_calendar

Shortcode Output

[simple-calendar-for-elementor]

FAQ