[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3iYkAWoT93FY5yVU7ZXSmiYX1gzHuOAUa61FVXCK3u0":3},{"slug":4,"name":4,"version":5,"author":6,"author_profile":7,"description":8,"short_description":9,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":12,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":13,"tags":16,"homepage":22,"download_link":23,"security_score":24,"vuln_count":12,"unpatched_count":12,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":135,"fingerprints":229},"ax-sidebar","1.31","Janar","https:\u002F\u002Fprofiles.wordpress.org\u002Ficeincube\u002F","\u003Cp>With this plugin you can add extra HTML or just plain text when posting a new page or post. That content will be displayed in sidebar widget. It is tested from WP 2.6 to 3.0.1.\u003C\u002Fp>\n","With this plugin you can add extra HTML or just plain text when posting a new page or post. That content will be displayed in sidebar widget.",10,5691,0,"","3.0.5","2.6",[17,18,19,20,21],"content","custom","post","sidebar","widget","http:\u002F\u002Feagerfish.eu\u002Fwordpress-plugin-ax-sidebar\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fax-sidebar.1.31.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":29,"display_name":6,"profile_url":7,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"iceincube",2,20,93,30,89,"2026-04-04T15:09:20.402Z",[37,63,79,99,118],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":13,"tags":52,"homepage":57,"download_link":58,"security_score":59,"vuln_count":60,"unpatched_count":12,"last_vuln_date":61,"fetched_at":62},"custom-post-widget","Content Blocks (Custom Post Widget)","3.4.1","Johan van der Wijk","https:\u002F\u002Fprofiles.wordpress.org\u002Fvanderwijk\u002F","\u003Cp>The \u003Ca href=\"http:\u002F\u002Fwww.vanderwijk.com\u002Fwordpress\u002Fwordpress-custom-post-widget\u002F?utm_source=wordpress&utm_medium=website&utm_campaign=custom_post_widget\" rel=\"nofollow ugc\">Content Blocks\u003C\u002Fa> allows you to display the contents of a specific custom post in a widget on in the content area using a shortcode.\u003C\u002Fp>\n\u003Cp>Even though you could use the text widget that comes with the default WordPress install, this plugin has some major benefits:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The Content Blocks plugin enables users to \u003Cstrong>use the WYSIWYG editor\u003C\u002Fstrong> for editing the content and adding images.\u003C\u002Fli>\n\u003Cli>If you are using the standard WordPress text widgets to display content on various areas of your template, this content can only be edited by users with administrator access. If you would like \u003Cstrong>non-administrator accounts to modify the widget content\u003C\u002Fstrong>, you can use this plugin to provide them access to the custom posts that provide the content for the widget areas.\u003C\u002Fli>\n\u003Cli>You can even use the \u003Cstrong>featured image functionality\u003C\u002Fstrong> to display them in a widget.\u003C\u002Fli>\n\u003Cli>The Content Blocks plugin is \u003Cstrong>compatible with the WPML\u003C\u002Fstrong> Multi-Language plugin and automatically shows the correct language in the widget area.\u003C\u002Fli>\n\u003Cli>The Content Blocks can be included in posts and pages using the \u003Cstrong>built-in shortcode functionality\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin creates a ‘content_block’ custom post type. You can choose to either display the title on the page or use it to describe the contents and widget position of the content block. Note that these content blocks can only be displayed in the context of the page. I have added ‘public’ => false to the custom post type which means that it is not accessible outside the page context.\u003C\u002Fp>\n\u003Cp>To add content to a widget, drag it to the required position in the sidebar and select the title of the custom post in the widget configuration.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Includes the following translations:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Swedish (sv_SE) by \u003Ca href=\"http:\u002F\u002Fkrokedil.se\" rel=\"nofollow ugc\">Andreas Larsson\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Spanish (es_ES) by \u003Ca href=\"https:\u002F\u002Fwww.ibidemgroup.com\" rel=\"nofollow ugc\">IBIDEM GROUP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Portuguese (pt_BR) by Ronaldo Chevalier\u003C\u002Fli>\n\u003Cli>Polish (pl_PL) by Kuba Skublicki\u003C\u002Fli>\n\u003Cli>Dutch (nl_NL) by \u003Ca href=\"https:\u002F\u002Fvanderwijk.nl\" rel=\"nofollow ugc\">Johan van der Wijk\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Czech (cs_CZ) by \u003Ca href=\"http:\u002F\u002Fjsemweb.cz\u002F\" rel=\"nofollow ugc\">Martin Kucera\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fcustom-post-widget\" rel=\"nofollow ugc\">More translations are very welcome!\u003C\u002Fa>\u003C\u002Fp>\n","This plugin enables you to edit and display Content Blocks in a sidebar widget or using a shortcode.",10000,727658,98,80,"2026-01-27T13:29:00.000Z","6.9.4","4.6",[53,54,55,56,21],"block","content-block","custom-post","shortcode","https:\u002F\u002Fvanderwijk.com\u002Fwordpress\u002Fwordpress-custom-post-widget\u002F?utm_source=wordpress&utm_medium=plugin&utm_campaign=custom_post_widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-post-widget.3.4.1.zip",96,5,"2025-02-19 21:17:14","2026-03-15T15:16:48.613Z",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":24,"num_ratings":30,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":13,"tags":76,"homepage":13,"download_link":77,"security_score":78,"vuln_count":12,"unpatched_count":12,"last_vuln_date":25,"fetched_at":62},"content-widget","Content Widget","0.4.2","shazdeh","https:\u002F\u002Fprofiles.wordpress.org\u002Fshazdeh\u002F","\u003Cp>With this plugin you can display the content of a post (of any type) in a widget area. You can also limit number of words, change the delimiter and add a read more link to it.\u003C\u002Fp>\n\u003Cp>This means, in a widgetized theme, you can move the content around and arrange it however you like, and even reuse it in multiple places. Also comes in handy if you want your client to be in charge of the content, without having access to the Widgets manager.\u003C\u002Fp>\n\u003Cp>Since 0.3 you can also query for a random post, or the latest post and limit it by category and offset.\u003C\u002Fp>\n","A widget that allows you to display the content of a post (of any type) in a widget area.",400,11955,"2016-08-30T18:20:00.000Z","4.6.30","3.3",[17,19,20,21],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontent-widget.zip",85,{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":71,"downloaded":87,"rating":24,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":13,"tags":92,"homepage":97,"download_link":98,"security_score":78,"vuln_count":12,"unpatched_count":12,"last_vuln_date":25,"fetched_at":62},"widget-entries","Widget Entries","0.1","marquex","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarquex\u002F","\u003Cp>The text widget that comes with WordPress is one of the its most useful features because of its power and flexibility. It admits HTML code but it is not very comfortable to code in that small box, so that is the reason because some WYSIWYG widgets were created some later, you can add images, and format the text easily.\u003C\u002Fp>\n\u003Cp>But widgets are pieces of our sites intended to change some often, and it would be nice to have revisions, or upload images just for them, use shortcodes… cutting the story short, to \u003Cstrong>handle widgets as they were posts\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Widget Entries plugin creates the Widget post-type in the administration area to make easier the edition of the text widgets, and also register a new widget to import the widget entries easily.\u003C\u002Fp>\n\u003Cp>This way of working has many advantages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You can format your widget with the WordPress editor.\u003C\u002Fli>\n\u003Cli>You can upload images directly to be shown in your widgets.\u003C\u002Fli>\n\u003Cli>You can have widgets drafts.\u003C\u002Fli>\n\u003Cli>You can use shortcodes inside your widget.\u003C\u002Fli>\n\u003Cli>You can get back to a previous version of your widgets thanks to the revision feature.\u003C\u002Fli>\n\u003Cli>You can export your widgets contents.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And you have more benefits like \u003Cstrong>using php scripts inside the widgets\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>This is the best way to manage your widgets when your theme has several sidebars, or different sidebars for every page. I recommend to use the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fcustom-sidebars\u002F\" rel=\"ugc\">Custom Sidebars plugin\u003C\u002Fa> to create and assign sidebars to posts and pages.\u003C\u002Fp>\n\u003Cp>This plugin uses the \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fusers\u002Fvtardia\u002F\" rel=\"nofollow ugc\">vtardia’s\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fimproved-include-page\u002F\" rel=\"ugc\">Improved Include Page Plugin\u003C\u002Fa> to show the Widget posts. Thanks for his outstanding job.\u003C\u002Fp>\n\u003Cp>Translations are welcome! I will write your name down here if you donate your translation work. Thanks very much to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>marquex – English\u003C\u002Fli>\n\u003Cli>marquex – Spanish\u003C\u002Fli>\n\u003C\u002Ful>\n","Widget Entries plugin creates the Widget post-type in the administration area to make easier the edition of the text widgets, and it also register a n …",18235,1,"2011-01-24T13:28:00.000Z","3.1.4","3.0",[93,94,95,96,21],"custom-widgets","php","post-type","sidebars","http:\u002F\u002Fmarquex.posterous.com\u002Fpages\u002Fwidget-entries","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-entries.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":24,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":111,"requires_at_least":75,"requires_php":13,"tags":112,"homepage":13,"download_link":117,"security_score":78,"vuln_count":12,"unpatched_count":12,"last_vuln_date":25,"fetched_at":62},"cpt-calender-widget","CPT Calender Widget for WordPress","1.0.0","Ahir Hemant","https:\u002F\u002Fprofiles.wordpress.org\u002Fhemant-ahir\u002F","\u003Col>\n\u003Cli>Create Custom Post and  and select CPT from dropdown.\u003C\u002Fli>\n\u003Cli>CPT Calnder Widget for WordPress is the easiest way to Display CPT Calnder in page and post\u003C\u002Fli>\n\u003Cli>Create Custom Post type Select from deropdown and add widget in sidebar.\u003C\u002Fli>\n\u003Cli>feel free to contact me via support \u003C\u002Fli>\n\u003Cli>please rate this plugin,Thanks \u003C\u002Fli>\n\u003Cli>enjoy!\u003Cbr \u002F>\nplease check installation and screenshot tab for more idea!.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fully integrated \u003C\u002Fli>\n\u003Cli>Fully responsive design\u003C\u002Fli>\n\u003C\u002Ful>\n","Create Custom Post and  and select CPT from dropdown.",9683,94,3,"2015-09-24T16:35:00.000Z","4.3.34",[113,114,115,100,116],"calendar","calendar-sidebar","calendar-widget","custom-post-type-calendar","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcpt-calender-widget.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":24,"downloaded":126,"rating":24,"num_ratings":109,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":13,"tags":130,"homepage":133,"download_link":134,"security_score":78,"vuln_count":12,"unpatched_count":12,"last_vuln_date":25,"fetched_at":62},"last-updated","last updated","2.1","hobbeshunter","https:\u002F\u002Fprofiles.wordpress.org\u002Fwudi96\u002F","\u003Cp>EN:\u003C\u002Fp>\n\u003Cp>Provides a widget that displays posts (all post-types supported, custom as well) marked as significantly updated with the date of the update (optionally).\u003C\u002Fp>\n\u003Cp>Settings:\u003Cbr \u002F>\n* Widget Title\u003Cbr \u002F>\n* Amount\u003Cbr \u002F>\n* Post-Types\u003Cbr \u002F>\n* Whether the date of the update should be displayed or not.\u003C\u002Fp>\n\u003Cp>DE:\u003C\u002Fp>\n\u003Cp>Dieses Plugin stellt ein Widget zur Verfügung, das zuletzt aktualisierte Beiträge (alle Veröffentlichungsarten werden unterstützt, auch custom post-types) mit dem dazugehörigen Datumm der Aktualisierung (optional) anzeigt.\u003C\u002Fp>\n\u003Cp>Einstellungen:\u003Cbr \u002F>\n* Widget Titel\u003Cbr \u002F>\n* Anzahl\u003Cbr \u002F>\n* Veröffentlichungsarten\u003Cbr \u002F>\n* Ob das Datum der Veröffentlichung angezeigt werden soll oder nicht.\u003C\u002Fp>\n\u003Cp>Sehen Sie auch hier vorbei: http:\u002F\u002Fwww.martin.wudenka.de\u002Fwordpress-widget-zuletzt-aktualisierte-posts-anzeigen\u003C\u002Fp>\n","Mark posts as significantly updated an display them in a widget.",10661,"2015-10-18T13:46:00.000Z","4.4.34","3.8",[131,119,20,132,21],"custom-post-type","simple","http:\u002F\u002Fwww.martin.wudenka.de\u002Fwordpress-widget-zuletzt-aktualisierte-posts-anzeigen\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-updated.2.1.zip",{"attackSurface":136,"codeSignals":160,"taintFlows":196,"riskAssessment":215,"analyzedAt":228},{"hooks":137,"ajaxHandlers":156,"restRoutes":157,"shortcodes":158,"cronEvents":159,"entryPointCount":12,"unprotectedCount":12},[138,145,149,152],{"type":139,"name":140,"callback":141,"priority":142,"file":143,"line":144},"action","init","initAxSidebar",11,"axsidebar.php",35,{"type":139,"name":146,"callback":147,"file":143,"line":148},"edit_page_form","axSideBarPageEditShow",36,{"type":139,"name":150,"callback":147,"file":143,"line":151},"edit_form_advanced",37,{"type":139,"name":153,"callback":154,"file":143,"line":155},"save_post","axSidebarSave",38,[],[],[],[],{"dangerousFunctions":161,"sqlUsage":162,"outputEscaping":176,"fileOperations":12,"externalRequests":12,"nonceChecks":12,"capabilityChecks":12,"bundledLibraries":195},[],{"prepared":12,"raw":163,"locations":164},4,[165,168,171,174],{"file":143,"line":166,"context":167},57,"$wpdb->query() with variable interpolation",{"file":143,"line":169,"context":170},74,"$wpdb->get_results() with variable interpolation",{"file":143,"line":172,"context":173},108,"$wpdb->get_var() with variable interpolation",{"file":143,"line":175,"context":170},206,{"escaped":12,"rawEcho":177,"locations":178},8,[179,182,184,185,187,189,191,193],{"file":143,"line":180,"context":181},88,"raw output",{"file":143,"line":183,"context":181},92,{"file":143,"line":108,"context":181},{"file":143,"line":186,"context":181},211,{"file":143,"line":188,"context":181},215,{"file":143,"line":190,"context":181},219,{"file":143,"line":192,"context":181},221,{"file":143,"line":194,"context":181},224,[],[197],{"entryPoint":198,"graph":199,"unsanitizedCount":30,"severity":214},"\u003Caxsidebar> (axsidebar.php:0)",{"nodes":200,"edges":211},[201,206],{"id":202,"type":203,"label":204,"file":143,"line":205},"n0","source","$_POST (x2)",47,{"id":207,"type":208,"label":209,"file":143,"line":183,"wp_function":210},"n1","sink","echo() [XSS]","echo",[212],{"from":202,"to":207,"sanitized":213},false,"low",{"summary":216,"deductions":217},"The \"ax-sidebar\" plugin v1.31 presents a mixed security posture.  On one hand, the absence of known CVEs and a lack of recorded vulnerability history suggest a potentially well-maintained or less targeted plugin. The static analysis also indicates a small attack surface, with no detected AJAX handlers, REST API routes, shortcodes, or cron events, which is a positive sign for reducing exposure. However, several critical security concerns are highlighted by the code analysis. The presence of SQL queries without prepared statements is a significant risk, as it can lead to SQL injection vulnerabilities. Furthermore, the fact that 100% of output is not properly escaped means that any data rendered by the plugin could be susceptible to cross-site scripting (XSS) attacks. The taint analysis revealing a flow with unsanitized paths, even without a critical or high severity classification, indicates a potential for sensitive data to be mishandled or exposed.",[218,220,222,224,226],{"reason":219,"points":10},"Raw SQL queries used",{"reason":221,"points":177},"No output escaping",{"reason":223,"points":60},"Unsanitized path flow found",{"reason":225,"points":60},"No capability checks",{"reason":227,"points":60},"No nonce checks","2026-03-16T23:15:44.135Z",{"wat":230,"direct":236},{"assetPaths":231,"generatorPatterns":233,"scriptPaths":234,"versionParams":235},[232],"\u002Fwp-content\u002Fplugins\u002Fax-sidebar\u002Faxsidebar.php",[],[],[],{"cssClasses":237,"htmlComments":239,"htmlAttributes":243,"restEndpoints":251,"jsGlobals":252,"shortcodeOutput":253},[238],"postboxAxSidebar",[240,241,242,240,241,242],"\u003C!-- Post or page id -->","\u003C!-- The content -->","\u003C!-- The widget title -->",[244,245,246,247,248,249,250],"name=\"ax_sidebar\"","name=\"ax_sidebar[0]\"","name=\"ax_sidebar[1]\"","name=\"ax_sidebar_show_only_on_single_page\"","name=\"ax_sidebar_show_without_title\"","name=\"ax_sidebar_show_without_ul_li\"","name=\"ax_sidebar_save_values\"",[],[],[]]