Source evidence

Security Vulnerabilities Identified in moment.js v2.24.0

Events Widgets For Elementor And The Events Calendar · support · 2025-10-16T15:44:00+00:00

Events Widgets For Elementor And The Events Calendar plugin evidence original source source API

mixedsentiment

highseverity

0.94relevance

3replies

Evidence linked to opportunitycommercial context

Proof Health

Open evidence

Commercial opportunities need traceable source links before they are treated as build-worthy.

7 / 35 rows with source links

20.0% of this page's analysis has direct source links.

0 build-decision rows missing links

0 rows here require auditable proof before promotion.

28 rows with no attached evidence

0 rows have source counts but still need direct links.

Conversation

support

grreingold2 resolved

During a recent security scan conducted earlier this week, we identified that your plugin is using the JavaScript library moment.js, version 2.24.0 , which contains known major vulnerabilities: CVE-2022-31129 CVE-2022-24785 Could you update moment.js as soon as possible please? Solution: Upgrade moment to version 2.29.4 or higher. Thank you. Hi @grreingold2 , Thank you for bringing this to our attention. We’ve addressed the reported vulnerabilities related to moment.js (CVE-2022-31129 and CVE-2022-24785) . The issue has been resolved in the latest release — version 1.26.6 , where moment.js has been upgraded to version 2.30.1 to ensure enhanced security and compliance. We recommend updating to version 1.26.6 at your earliest convenience. If you still face any issues after updating, please let us know — we’ll be happy to assist further. Thanks & Regards Thanks! Much appreciated. Hi @grreingold2 , If our support has been helpful for you, we’d really appreciate it if you could take a minute to leave us a positive review here: https://wordpress.org/support/plugin/events-widgets-for-elementor-and-the-events-calendar/reviews/#new-post Your feedback means a lot to us and helps motivate our team to keep improving. Thanks & Regards

Commercial Context

Opportunity

booking revenue assurance

Events booking flow assurance for keeping booking availability and appointment flows working

Buyer: service businesses and booking-site builders

Wedge: test events availability, booking notifications, payment handoffs, and calendar sync

Proof Blocked card complete market

Analysis

heuristic-v1

Summary: Security Vulnerabilities Identified in moment.js v2.24.0: users show security, bugs, compatibility pain that may indicate a product gap.

Evidence quote: Security Vulnerabilities Identified in moment.js v2.24.0 During a recent security scan conducted earlier this week, we identified that your plugin is using the JavaScript library moment.js, version 2.24.0 , which contains known major vulnerabilities: CVE-2022-31129 CVE-2022-24785 Could you update moment.js as soon as possible please?

Affected feature: elementor

security bugs compatibility support

Plugin

API

Events Widgets For Elementor And The Events Calendar

10.0K active installs · 378.5K downloads · rating 90.0

elementor widget event calendar events events calendar the events calendar

Comments

3 shown

Vishali Tayal 2025-10-17T06:56:00+00:00

Hi @grreingold2 , Thank you for bringing this to our attention. We’ve addressed the reported vulnerabilities related to moment.js (CVE-2022-31129 and CVE-2022-24785) . The issue has been resolved in the latest release — version 1.26.6 , where moment.js has been upgraded to version 2.30.1 to ensure enhanced security and compliance. We recommend updating to version 1.26.6 at your earliest convenience. If you still face any issues after updating, please let us know — we’ll be happy to assist further. Thanks & Regards

grreingold2 2025-10-23T19:19:00+00:00

Thanks! Much appreciated.

Vishali Tayal 2025-10-24T04:30:00+00:00

Hi @grreingold2 , If our support has been helpful for you, we’d really appreciate it if you could take a minute to leave us a positive review here: https://wordpress.org/support/plugin/events-widgets-for-elementor-and-the-events-calendar/reviews/#new-post Your feedback means a lot to us and helps motivate our team to keep improving. Thanks & Regards