Talika Security & Risk Analysis

wordpress.org/plugins/talika

Talika is an easy to use free appointment and scheduling plugin suitable for any business niche offering a range of services to their customers.

0 active installs · v1.0.0 · PHP 7.0+ · WP 5.1+ · Updated Apr 5, 2022
Tags: appointment-booking, appointments, booking, calendar, scheduling
85 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Talika Safe to Use in 2026?

Generally Safe

Score 85/100

Talika has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3yr ago
Risk Assessment

The "talika" plugin v1.0.0 exhibits a generally good security posture, with several strong practices in place. The plugin demonstrates a commitment to secure coding by utilizing prepared statements for all SQL queries and properly escaping the vast majority of its output. Furthermore, the absence of known CVEs and a clean vulnerability history are positive indicators. The plugin also avoids bundling external libraries, which can often introduce vulnerabilities. However, there are notable areas of concern regarding the attack surface. Specifically, the presence of an unprotected AJAX handler and a REST API route without permission callbacks introduces potential attack vectors. While taint analysis and static code signals for dangerous functions are clean, these unprotected entry points remain a significant risk that could be exploited by unauthenticated users. The plugin also has a single external HTTP request, which, while not inherently a vulnerability, could become one if the external service is compromised or if the request is not handled securely.

Key Concerns

  • Unprotected AJAX handler
  • REST API route without permission callback
  • Single external HTTP request
Vulnerabilities
None known

Talika Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Talika Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (34 prepared)
Unescaped Output: 1 (94 escaped)
Nonce Checks: 1
Capability Checks: 40
File Operations: 0
External Requests: 1
Bundled Libraries: 0

SQL Query Safety

100% prepared · 34 total queries

Output Escaping

99% escaped · 95 total outputs
Attack Surface
2 unprotected

Talika Attack Surface

Entry Points: 8
Unprotected: 2

AJAX Handlers 2

auth wp_ajax_sendTestMail includes\classes\class-admin-ajax.php:23
auth wp_ajax_get_talika_fonts_list includes\classes\class-talika-fonts-manager.php:791

REST API Routes 2

GET /wp-json/talika/v1/auth includes\api\inc\endpoints\class-talika-rest-auth-controller.php:14
GET /wp-json/talika/v1/uid includes\api\inc\endpoints\class-talika-rest-auth-controller.php:29

Shortcodes 4

[talika_booking_form] includes\classes\class-shortcode.php:15
[talika_service_list] includes\classes\class-shortcode.php:16
[talika_staff_list] includes\classes\class-shortcode.php:17
[talika_location_list] includes\classes\class-shortcode.php:18

WordPress Hooks 38

filter determine_current_user includes\api\inc\class-talika-rest-authentication.php:39
filter determine_current_user includes\api\inc\class-talika-rest-authentication.php:50
filter rest_authentication_errors includes\api\inc\class-talika-rest-authentication.php:68
action rest_api_init includes\api\inc\endpoints\class-talika-rest-analytics-controller.php:902
action rest_api_init includes\api\inc\endpoints\class-talika-rest-appointment-controller.php:882
action rest_api_init includes\api\inc\endpoints\class-talika-rest-auth-controller.php:122
action rest_api_init includes\api\inc\endpoints\class-talika-rest-customers-controller.php:894
action rest_api_init includes\api\inc\endpoints\class-talika-rest-global-controller.php:683
action rest_api_init includes\api\inc\endpoints\class-talika-rest-locations-controller.php:717
action rest_api_init includes\api\inc\endpoints\class-talika-rest-notifications-controller.php:432
action rest_api_init includes\api\inc\endpoints\class-talika-rest-services-controller.php:1484
action rest_api_init includes\api\inc\endpoints\class-talika-rest-staffs-controller.php:841
action enqueue_block_assets includes\classes\class-blocks.php:30
action enqueue_block_editor_assets includes\classes\class-blocks.php:60
filter block_categories_all includes\classes\class-blocks.php:98
filter determine_current_user includes\classes\class-talika-jwt-handler.php:38
action talika_status_notifications includes\functions\EmailHelpers.php:101
action pre_get_posts includes\TalikaAPP.php:69
filter get_terms_orderby includes\TalikaAPP.php:72
filter wp_get_object_terms includes\TalikaAPP.php:73
filter get_terms includes\TalikaAPP.php:74
action init includes\TalikaAPP.php:76
action admin_menu includes\TalikaAPPAdmin.php:35
action admin_enqueue_scripts includes\TalikaAPPAdmin.php:36
action admin_enqueue_scripts includes\TalikaAPPAdmin.php:38
action admin_init includes\TalikaAPPAdmin.php:42
action in_admin_header includes\TalikaAPPAdmin.php:45
action wp_enqueue_scripts includes\TalikaAPPPublic.php:50
action wp includes\TalikaAPPPublic.php:51
action wp_head includes\TalikaAPPPublic.php:52
action init includes\TalikaAPPRegisterRequiredPostType.php:45
action init includes\TalikaAPPRegisterRequiredPostType.php:48
action init includes\TalikaAPPRegisterRequiredPostType.php:49
action init includes\TalikaAPPRegisterRequiredPostType.php:52
action rest_api_init includes\TalikaAPPRegisterRequiredPostType.php:53
action rest_api_init includes\TalikaAPPRegisterRequiredPostType.php:54
action rest_api_init includes\TalikaAPPRegisterRequiredPostType.php:55
action rest_api_init includes\TalikaAPPRegisterRequiredPostType.php:56
Maintenance & Trust

Talika Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.9.13
Last updated: Apr 5, 2022
PHP min version: 7.0
Downloads: 3K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

Talika Developer Profile

Kraft Plugins

5 plugins · 23K total installs

Trust score: 94
Avg Security Score: 92/100
Avg Patch Time: 5 days
Detection Fingerprints

How We Detect Talika

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/talika/app/build/blocksPublic.css
/wp-content/plugins/talika/assets/dist/fontawesome/css/all.min.css
/wp-content/plugins/talika/app/build/blocks.js
/wp-content/plugins/talika/app/build/blockscss.css
Script Paths
/wp-content/plugins/talika/app/build/blocks.js
Version Parameters
talika/app/build/blocks.js?ver=
talika/app/build/blockscss.css?ver=

HTML / DOM Fingerprints

CSS Classes
talika-add-appointment-button
Data Attributes
data-talika-settings
JS Globals
wpapp
FAQ

Frequently Asked Questions about Talika