Does Simple Event Planner have any unpatched vulnerabilities?

No. All known vulnerabilities in Simple Event Planner have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Simple Event Planner compatible with WordPress 6.9.4?

According to WordPress.org data, Simple Event Planner 1.5.7 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Simple Event Planner compatible with PHP 7.4+?

Simple Event Planner requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Simple Event Planner updated?

Simple Event Planner was last updated on Jan 27, 2026. Frequent updates are generally a positive security signal.

What is Simple Event Planner's security score?

Simple Event Planner has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Simple Event Planner Security & Risk Analysis

wordpress.org/plugins/simple-event-planner

A powerful & flexible plugin to create event listing and event calendar on your website in a simple & elegant way.

1K active installs v1.5.7 PHP 7.4+ WP 4.5+ Updated Jan 27, 2026

event-calendareventslistingseminarvenue

A · Safe

CVEs total2

Unpatched0

Last CVEMar 23, 2022

Plugin page Download

Safety Verdict

Is Simple Event Planner Safe to Use in 2026?

Generally Safe

Score 99/100

Simple Event Planner has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Mar 23, 2022Updated 2mo ago

Risk Assessment

The "simple-event-planner" v1.5.7 plugin exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries, performing capability checks on all identified AJAX handlers and shortcodes, and including nonce checks. There are no unpatched vulnerabilities in its history, and the code analysis indicates a clean record regarding file operations and external HTTP requests. However, the presence of three instances of the `unserialize` function is a significant concern, as it can lead to remote code execution vulnerabilities if not handled with extreme care and proper input validation. While the taint analysis did not flag any critical or high severity flows, one flow with an unsanitized path indicates a potential for subtle issues that might not be caught by automated analysis alone. The plugin's vulnerability history shows a pattern of Medium severity Cross-Site Scripting (XSS) vulnerabilities, with the last one occurring in March 2022. This history suggests a tendency for input sanitization issues that, while not critical, can still impact users. Overall, the plugin has strong foundations in secure coding practices but requires careful scrutiny of its `unserialize` usage and ongoing vigilance for potential XSS vulnerabilities.

Key Concerns

Dangerous function: unserialize detected
Vulnerability history: 2 medium severity CVEs
Taint flow with unsanitized path
Output escaping: 86% properly escaped (14% not)

Vulnerabilities

Simple Event Planner Security Vulnerabilities

CVEs by Year

2 CVEs in 2022

2022

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2022-25611medium · 5.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Simple Event Planner <= 1.5.4 - Authenticated Stored Cross-Site Scripting

Mar 23, 2022 Patched in 1.5.5 (670d)

CVE-2022-25612medium · 4.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Simple Event Planner plugin <= 1.5.4 - Cross-Site Scripting

Mar 23, 2022 Patched in 1.5.5 (670d)

Code Analysis

Analyzed Mar 16, 2026

Simple Event Planner Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

354 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$seg_array = unserialize($seg_array);includes\meta-boxes\class-simple-event-planner-meta-box-event-options.php:40

unserialize$seg_array = unserialize($seg_array);public\partials\simple-event-planner-template-functions.php:406

unserialize$seg_array = unserialize($seg_array);public\partials\simple-event-planner-template-functions.php:410

SQL Query Safety

100% prepared1 total queries

Output Escaping

86% escaped414 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

5 flows1 with unsanitized paths

sep_event_option_save (includes\class-simple-event-planner-ajax.php:47)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Simple Event Planner Attack Surface

Entry Points7

Unprotected0

AJAX Handlers 4

noprivwp_ajax_sep_event_option_saveincludes\class-simple-event-planner-ajax.php:30

authwp_ajax_sep_event_option_saveincludes\class-simple-event-planner-ajax.php:31

noprivwp_ajax_sep_search_eventsincludes\class-simple-event-planner-ajax.php:34

authwp_ajax_sep_search_eventsincludes\class-simple-event-planner-ajax.php:35

Shortcodes 3

[event_calendar] includes\shortcodes\class-simple-event-planner-shortcode-event-calendar.php:51

[event_listing] includes\shortcodes\class-simple-event-planner-shortcode-event-listing.php:35

[event_map] includes\shortcodes\class-simple-event-planner-shortcode-event-map.php:50

WordPress Hooks 39

actionadmin_menuadmin\class-simple-event-planner-admin-settings-init.php:80

actionadmin_headadmin\class-simple-event-planner-admin-shortcodes-generator.php:37

filtermce_external_pluginsadmin\class-simple-event-planner-admin-shortcodes-generator.php:39

filtermce_buttonsadmin\class-simple-event-planner-admin-shortcodes-generator.php:40

filtermce_external_pluginsadmin\class-simple-event-planner-admin-shortcodes-generator.php:64

filtermce_buttonsadmin\class-simple-event-planner-admin-shortcodes-generator.php:65

filteradmin_footer_textadmin\class-simple-event-planner-admin.php:69

actionenqueue_block_editor_assetsadmin\class-simple-event-planner-admin.php:72

filtersep_settings_tab_menusadmin\settings\class-simple-event-planner-color-options-settings.php:28

actionsep_general_settingsadmin\settings\class-simple-event-planner-color-options-settings.php:31

filtersep_settings_tab_menusadmin\settings\class-simple-event-planner-settings-api-key.php:29

actionsep_api_key_settingsadmin\settings\class-simple-event-planner-settings-api-key.php:32

filtersep_settings_tab_menusadmin\settings\class-simple-event-planner-template-settings.php:28

actionsep_appearance_settingsadmin\settings\class-simple-event-planner-template-settings.php:31

filtersep_settings_tab_menusadmin\settings\class-simple-event-planner-visual-layout.php:24

actionsep_visual_layoutadmin\settings\class-simple-event-planner-visual-layout.php:27

actionadd_meta_boxesincludes\class-simple-event-planner-meta-boxes-init.php:32

actionsave_post_event_listingincludes\class-simple-event-planner-meta-boxes-init.php:35

actionsep_save_event_listing_metaincludes\class-simple-event-planner-meta-boxes-init.php:38

actioninitincludes\class-simple-event-planner-post-type-event-listing.php:31

actionadmin_initincludes\class-simple-event-planner-post-type-event-listing.php:34

filtersingle_templateincludes\class-simple-event-planner-post-type-event-listing.php:49

filterarchive_templateincludes\class-simple-event-planner-post-type-event-listing.php:52

filtermanage_event_listing_posts_columnsincludes\class-simple-event-planner-post-type-event-listing.php:63

actionmanage_event_listing_posts_custom_columnincludes\class-simple-event-planner-post-type-event-listing.php:66

actionplugins_loadedincludes\class-simple-event-planner.php:167

actionadmin_enqueue_scriptsincludes\class-simple-event-planner.php:179

actionadmin_enqueue_scriptsincludes\class-simple-event-planner.php:180

actionwp_enqueue_scriptsincludes\class-simple-event-planner.php:192

actionwp_enqueue_scriptsincludes\class-simple-event-planner.php:193

actionafter_setup_themepublic\class-simple-event-planner-public.php:48

actionwp_headpublic\class-simple-event-planner-typography.php:29

filterbody_classpublic\partials\simple-event-planner-template-functions.php:117

actionsingle_event_listing_startpublic\partials\simple-event-planner-template-functions.php:747

actionsep_before_main_contentpublic\partials\simple-event-planner-template-functions.php:837

actionsep_after_main_contentpublic\partials\simple-event-planner-template-functions.php:848

filterposts_searchpublic\partials\simple-event-planner-template-functions.php:882

actionsep_event_listing_archive_viewspublic\partials\simple-event-planner-template-functions.php:980

actionin_plugin_update_message-simple-event-planner/simple-event-planner.phpsimple-event-planner.php:41

Maintenance & Trust

Simple Event Planner Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 27, 2026

PHP min version7.4

Downloads57K

Community Trust

Rating86/100

Number of ratings23

Active installs1K

Alternatives

Simple Event Planner Alternatives

My Calendar – Accessible Event Manager

my-calendar

Accessible WordPress event calendar plugin. Manage single or recurring events, event venues, and display your calendar anywhere on your site.

20K 16 CVEs

Events Widgets For Elementor And The Events Calendar

events-widgets-for-elementor-and-the-events-calendar

The Events Calendar Elementor widgets help you manage and display an upcoming events list with date, time, venue and event ticket booking details.

10K 1 CVE

Sugar Calendar – Events Calendar, Event Tickets, and Events Management Platform

sugar-calendar-lite

Easily manage events and sell tickets on your WordPress site. Sugar Calendar is easy-to-use, reliable, and exceptionally powerful. See for yourself.

10K 1 unpatched

Events Shortcodes For The Events Calendar

template-events-calendar

Add The Events Calendar shortcode or Gutenberg block to show upcoming events list with event details on any WordPress page using smart event filters.

10K 1 CVE

Eventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered)

wp-event-solution

Create and manage events with a flexible WordPress events calendar plugin. Add recurring events, RSVP, ticket booking, and WooCommerce ticket selling …

10K 19 CVEs

Developer Profile

Simple Event Planner Developer Profile

PressTigers

12 plugins · 32K total installs

trust score

Avg Security Score

84/100

Avg Patch Time

317 days

View full developer profile

Detection Fingerprints

How We Detect Simple Event Planner

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/simple-event-planner/assets/css/simple-event-planner-admin.css/wp-content/plugins/simple-event-planner/assets/css/simple-event-planner-public.css/wp-content/plugins/simple-event-planner/assets/js/simple-event-planner-admin.js/wp-content/plugins/simple-event-planner/assets/js/simple-event-planner-public.js/wp-content/plugins/simple-event-planner/assets/js/date.js/wp-content/plugins/simple-event-planner/assets/js/moment.min.js/wp-content/plugins/simple-event-planner/assets/js/fullcalendar.min.js/wp-content/plugins/simple-event-planner/assets/js/gcal.min.js+1 more

Script Paths

/wp-content/plugins/simple-event-planner/assets/js/simple-event-planner-admin.js/wp-content/plugins/simple-event-planner/assets/js/simple-event-planner-public.js/wp-content/plugins/simple-event-planner/assets/js/date.js/wp-content/plugins/simple-event-planner/assets/js/moment.min.js/wp-content/plugins/simple-event-planner/assets/js/fullcalendar.min.js/wp-content/plugins/simple-event-planner/assets/js/gcal.min.js+1 more

Version Parameters

simple-event-planner/simple-event-planner.php?ver=simple-event-planner/assets/css/simple-event-planner-admin.css?ver=simple-event-planner/assets/css/simple-event-planner-public.css?ver=simple-event-planner/assets/js/simple-event-planner-admin.js?ver=simple-event-planner/assets/js/simple-event-planner-public.js?ver=simple-event-planner/assets/js/date.js?ver=simple-event-planner/assets/js/moment.min.js?ver=simple-event-planner/assets/js/fullcalendar.min.js?ver=simple-event-planner/assets/js/gcal.min.js?ver=simple-event-planner/assets/js/jquery.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

sep-wrapsep-container-fluidpt-wrapper-bgsep-col-lg-2sep-col-md-3sep-col-sm-4sep-col-xs-2form-msg+1417 more

HTML Comments

Data Attributes

data-wp-element="block"

JS Globals

sep_event_option_savesep_event_optionssep_event_settings_tab_menu

FAQ