[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fsaGcFn3zqqpF1wxBCWuZErkh5MFBaxyQW1ZK6-PJ6PM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":135,"fingerprints":248},"block-widgets-monster","Block Widgets Monster","1.0.4","RGB Lab","https:\u002F\u002Fprofiles.wordpress.org\u002Frgblab\u002F","\u003Cp>Block Widgets Monster is a free WordPress plugin that will allow you to test multiple WordPress and\u002For WooCommerce block\u002Flegacy widgets with ease.\u003C\u002Fp>\n\u003Cp>Here is a list of supported widgets.\u003C\u002Fp>\n\u003Cp>WordPress legacy widgets:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Archives (2 instances – list and dropdown)\u003C\u002Fli>\n\u003Cli>Calendar\u003C\u002Fli>\n\u003Cli>Categories (2 instances – list and dropdown)\u003C\u002Fli>\n\u003Cli>Pages\u003C\u002Fli>\n\u003Cli>Meta\u003C\u002Fli>\n\u003Cli>Nav menu\u003C\u002Fli>\n\u003Cli>Recent comments\u003C\u002Fli>\n\u003Cli>Recent posts\u003C\u002Fli>\n\u003Cli>RSS\u003C\u002Fli>\n\u003Cli>Search\u003C\u002Fli>\n\u003Cli>Text (with content for theme unit test)\u003C\u002Fli>\n\u003Cli>Tag cloud\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>WordPress block widgets:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Archives (2 instances – list and dropdown)\u003C\u002Fli>\n\u003Cli>Calendar\u003C\u002Fli>\n\u003Cli>Categories (2 instances – list and dropdown)\u003C\u002Fli>\n\u003Cli>Latest comments (2 instances – list with\u002Fwithout avatar)\u003C\u002Fli>\n\u003Cli>Latest posts (2 instances – list with\u002Fwithout image)\u003C\u002Fli>\n\u003Cli>Login\u002Fout (2 instances – link and form)\u003C\u002Fli>\n\u003Cli>Page list\u003C\u002Fli>\n\u003Cli>RSS\u003C\u002Fli>\n\u003Cli>Social icons\u003C\u002Fli>\n\u003Cli>Search (5 instances – button inside\u002Foutside, button with icon\u002Ftext and only text field)\u003C\u002Fli>\n\u003Cli>Tag cloud\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>WooCommerce legacy widgets:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Cart\u003C\u002Fli>\n\u003Cli>Product search\u003C\u002Fli>\n\u003Cli>Layered nav filter\u003C\u002Fli>\n\u003Cli>Layered nav (2 instances – list and multiselect dropdown)\u003C\u002Fli>\n\u003Cli>Price filter\u003C\u002Fli>\n\u003Cli>Product categories (2 instances – list and dropdown)\u003C\u002Fli>\n\u003Cli>Product tag cloud\u003C\u002Fli>\n\u003Cli>All products (3 instances – all, featured and on sale)\u003C\u002Fli>\n\u003Cli>Recent reviews\u003C\u002Fli>\n\u003Cli>Recently viewed products\u003C\u002Fli>\n\u003Cli>Top rated products\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>WooCommerce block widgets:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>All reviews\u003C\u002Fli>\n\u003Cli>Featured category\u003C\u002Fli>\n\u003Cli>Featured product\u003C\u002Fli>\n\u003Cli>Hand picked products\u003C\u002Fli>\n\u003Cli>Best selling products\u003C\u002Fli>\n\u003Cli>Product categories (3 instances – list with\u002Fwithout image and dropdown)\u003C\u002Fli>\n\u003Cli>Products by category\u003C\u002Fli>\n\u003Cli>Newest products\u003C\u002Fli>\n\u003Cli>On sale products\u003C\u002Fli>\n\u003Cli>Products by attribute\u003C\u002Fli>\n\u003Cli>Top rated products\u003C\u002Fli>\n\u003Cli>Product search (5 instances – button inside\u002Foutside, button with icon\u002Ftext and only text field)\u003C\u002Fli>\n\u003Cli>Products by tag\u003C\u002Fli>\n\u003Cli>Filter products by price (2 instances – editable and regular price values)\u003C\u002Fli>\n\u003Cli>Filter products by stock\u003C\u002Fli>\n\u003Cli>Mini cart\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can check out Block Widgets Monster plugin in action \u003Ca href=\"http:\u002F\u002Fdemo.rgblab.net\u002Fblock-widgets-monster\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Need help? Have feature request? Visit \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fblock-widgets-monster\" rel=\"ugc\">support thread\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Please consider donating even a small sum via \u003Ca href=\"https:\u002F\u002Fwww.paypal.me\u002Frgblab\" rel=\"nofollow ugc\">PayPal\u003C\u002Fa>.\u003C\u002Fp>\n","Quick and easy testing of multiple WordPress and\u002For WooCommerce block\u002Flegacy widgets. Not intended for production use.",40,3294,100,2,"2025-10-05T07:57:00.000Z","6.8.5","5.8","5.6",[20,21,22,23,24],"debug","monster-widget","theme-development","widget","woocommerce-widget-bundle","http:\u002F\u002Fdemo.rgblab.net\u002Fblock-widgets-monster\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblock-widgets-monster.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":33,"avg_security_score":13,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"rgblab",50,30,94,"2026-04-04T02:41:52.266Z",[38,55,79,98,121],{"slug":21,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":13,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":51,"download_link":53,"security_score":54,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"Monster Widget","0.3","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>The Monster widget consolidates all 13 core widgets into a single widget enabling theme developers to create multiple instances with ease. It has been created to save time during theme development and review by minimizing the steps needed to populate a sidebar with widgets. The Monster widget is not designed for use in production.\u003C\u002Fp>\n","Provides a quick and easy method of adding all core widgets to a sidebar for testing purposes.",1000,160640,8,"2017-11-10T15:47:00.000Z","4.9.29","3.2.0","",[20,22,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmonster-widget.zip",85,{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":75,"download_link":76,"security_score":65,"vuln_count":77,"unpatched_count":27,"last_vuln_date":78,"fetched_at":29},"dashboard-widgets-suite","Dashboard Widgets Suite","3.5","Jeff Starr","https:\u002F\u002Fprofiles.wordpress.org\u002Fspecialk\u002F","\u003Cp>1 Plugin. 9 Widgets. Awesome Dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cem>Add new widgets to your WordPress Dashboard. Streamline your workflow and optimize productivity.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Widgets\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Dashboard Widgets Suite provides awesome widgets that you can add to your Dashboard with a click:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Control Panel\u003C\u002Fstrong> – Control widgets directly from the Dashboard\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Notes\u003C\u002Fstrong>    – Add, edit, delete notes for any user role\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Feed Box\u003C\u002Fstrong>      – Display and customize any RSS Feed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Social Box\u003C\u002Fstrong>    – Display social links from Twitter, Facebook, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>List Box\u003C\u002Fstrong>      – Display custom lists created via the Menu screen\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widget Box\u003C\u002Fstrong>    – Display any theme or WP widget (e.g., Search, Text)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>System Info\u003C\u002Fstrong>   – Display basic or advanced system information\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Debug Log\u003C\u002Fstrong>     – Display, customize, reset your WP debug log\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHP Error Log\u003C\u002Fstrong> – Display, customize, reset your server error log\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Each widget includes its own set of options for customizing display 🙂\u003C\u002Fp>\n\u003Cp>The notes widget is super awesome, designed for serious note takers. You can choose from 3 note formats: Text, HTML, or Code. Check out \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdashboard-widgets-suite\u002F#installation\" rel=\"ugc\">Installation\u003C\u002Fa> for more about the User Notes Widget.\u003C\u002Fp>\n\u003Cp>\u003Cem>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsupport\u002F#contact\" rel=\"nofollow ugc\">Suggest a widget!\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Dashboard Widgets Suite provides a slick set of useful Dashboard widgets with some great features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Includes 9 awesome Dashboard widgets\u003C\u002Fli>\n\u003Cli>Easy to set up and customize options\u003C\u002Fli>\n\u003Cli>Regularly updated and “future proof”\u003C\u002Fli>\n\u003Cli>Secure, clean, error-free code\u003C\u002Fli>\n\u003Cli>Built with the WordPress API\u003C\u002Fli>\n\u003Cli>Lightweight, fast and flexible\u003C\u002Fli>\n\u003Cli>Focused on performance, loads only enabled widgets\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable widgets via Dashboard or plugin settings\u003C\u002Fli>\n\u003Cli>Option to restore 1-column display for the Dashboard\u003C\u002Fli>\n\u003Cli>Shortcodes to display widgets on the frontend\u003C\u002Fli>\n\u003Cli>Many options for customizing widget display\u003C\u002Fli>\n\u003Cli>Works perfectly with or without Gutenberg\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdashboard-widgets-suite\u002Fscreenshots\u002F\" rel=\"ugc\">Check out the Screenshots\u003C\u002Fa> for more details!\u003C\u002Fp>\n\u003Cp>\u003Cem>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsupport\u002F#contact\" rel=\"nofollow ugc\">Suggest a feature!\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Privacy\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin does not collect or store any user data. It does not set any cookies, and it does not connect to any third-party locations. Thus, this plugin does not affect user privacy in any way.\u003C\u002Fp>\n\u003Cp>Dashboard Widgets Suite is developed and maintained by \u003Ca href=\"https:\u002F\u002Fx.com\u002Fperishable\" rel=\"nofollow ugc\">Jeff Starr\u003C\u002Fa>, 15-year \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002F\" rel=\"nofollow ugc\">WordPress developer\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002F\" rel=\"nofollow ugc\">book author\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Support development\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>I develop and maintain this free plugin with love for the WordPress community. To show support, you can \u003Ca href=\"https:\u002F\u002Fmonzillamedia.com\u002Fdonate.html\" rel=\"nofollow ugc\">make a donation\u003C\u002Fa> or purchase one of my books:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002F\" rel=\"nofollow ugc\">The Tao of WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdigwp.com\u002F\" rel=\"nofollow ugc\">Digging into WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhtaccessbook.com\u002F\" rel=\"nofollow ugc\">.htaccess made easy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002Fwordpress-themes-book\u002F\" rel=\"nofollow ugc\">WordPress Themes In Depth\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002Fdownloads\u002Fwizards-collection-sql-recipes-wordpress\u002F\" rel=\"nofollow ugc\">Wizard’s SQL Recipes for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And\u002For purchase one of my premium WordPress plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbbq-pro\u002F\" rel=\"nofollow ugc\">BBQ Pro\u003C\u002Fa> – Blazing fast WordPress firewall\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fblackhole-pro\u002F\" rel=\"nofollow ugc\">Blackhole Pro\u003C\u002Fa> – Automatically block bad bots\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbanhammer-pro\u002F\" rel=\"nofollow ugc\">Banhammer Pro\u003C\u002Fa> – Monitor traffic and ban the bad guys\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fga-google-analytics-pro\u002F\" rel=\"nofollow ugc\">GA Google Analytics Pro\u003C\u002Fa> – Connect WordPress to Google Analytics\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fhead-meta-pro\u002F\" rel=\"nofollow ugc\">Head Meta Pro\u003C\u002Fa> – Ultimate Meta Tags for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsimple-ajax-chat-pro\u002F\" rel=\"nofollow ugc\">Simple Ajax Chat Pro\u003C\u002Fa> – Unlimited chat rooms\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fusp-pro\u002F\" rel=\"nofollow ugc\">USP Pro\u003C\u002Fa> – Unlimited front-end forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Links, tweets and likes also appreciated. Thank you! 🙂\u003C\u002Fp>\n","Adds 9 awesome widgets to your WP Dashboard. Includes User Notes, Social Buttons, System Info, Debug\u002FError Logs, and more!",4000,152523,98,36,"2026-01-28T20:06:00.000Z","6.9.4","4.7","5.6.20",[72,20,73,74,23],"dashboard","log","notes","https:\u002F\u002Fperishablepress.com\u002Fdashboard-widgets-suite\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-widgets-suite.3.5.zip",3,"2024-06-12 19:49:38",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":13,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":51,"tags":93,"homepage":96,"download_link":97,"security_score":54,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"what-template-am-i-using","What Template Am I Using","0.2.0","webdeveric","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebdeveric\u002F","\u003Cp>This plugin is intended for theme developers to use. It shows the current template being used to render the page, current post type, and much more.\u003C\u002Fp>\n\u003Cp>The info is only displayed for users that have the edit_theme_options capability.\u003C\u002Fp>\n\u003Cp>Information displayed:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Current template\u003C\u002Fli>\n\u003Cli>General Information (post type, are you on the front page, etc.)\u003C\u002Fli>\n\u003Cli>Additional files used. For example, header.php or footer.php\u003C\u002Fli>\n\u003Cli>What sidebars are being used and what widgets are in them.\u003C\u002Fli>\n\u003Cli>List of enqueued scripts and styles.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>This plugin is intended for use by theme developers and it requires a standards compliant browser. This plugin will not work in IE8 or below.\u003C\u002Fstrong>\u003C\u002Fp>\n","This plugin is intended for theme developers to use. It shows the current template being used to render the page, current post type, and much more.",9190,96,13,"2015-12-08T05:17:00.000Z","4.4.0","3.1.0",[20,94,95,22],"server-information","template","http:\u002F\u002Fphplug.in\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhat-template-am-i-using.0.2.0.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":27,"num_ratings":27,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":51,"tags":111,"homepage":119,"download_link":120,"security_score":54,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"admins-debug-tool","Admin's Debug Tool","0.1","pantsonhead","https:\u002F\u002Fprofiles.wordpress.org\u002Fpantsonhead\u002F","\u003Cp>Admin’s Debug Tool allows administrators to analyze page execution without executing\u002Fdisplaying for non-admin users.\u003Cbr \u002F>\nThis can be useful when trying to track slow queries or badly performing plugins or widgets.\u003Cbr \u002F>\nThe admin-only nature of this plugin can also be useful when trying to track issues that only occur on production servers.\u003C\u002Fp>\n","Admin-only tool for checking execution times and error output of current theme\u002Fplugins",10,2766,"2015-08-08T02:00:00.000Z","4.2.39","3.0",[112,20,113,114,115,116,117,23,118],"admin","execution","hooks","monitor","queries","timer","wp_debug","http:\u002F\u002Fhttp:\u002F\u002Fmeasurablewins.blogspot.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmins-debug-tool.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":106,"downloaded":129,"rating":27,"num_ratings":27,"last_updated":130,"tested_up_to":51,"requires_at_least":51,"requires_php":51,"tags":131,"homepage":133,"download_link":134,"security_score":54,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"bbpress-monster-widget","bbPress Monster Widget","0.2","@mercime","https:\u002F\u002Fprofiles.wordpress.org\u002Fmercime\u002F","\u003Cp>Based on Monster Widget, this plugin consolidates all bbPress core widgets into a single widget enabling theme developers to create multiple instances with ease. It has been created to save time during theme development and review by minimizing the steps needed to populate a sidebar with widgets. This widget is not designed for use in production.\u003C\u002Fp>\n\u003Cp>bbPress widgets included:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Log in\u003C\u002Fli>\n\u003Cli>Forum Views\u003C\u002Fli>\n\u003Cli>Forum Search form\u003C\u002Fli>\n\u003Cli>Forums\u003C\u002Fli>\n\u003Cli>Forum Topics\u003C\u002Fli>\n\u003Cli>Forum Statistics\u003C\u002Fli>\n\u003Cli>Forum Replies\u003C\u002Fli>\n\u003C\u002Ful>\n","Provides a quick and easy method of adding all bbPress core widgets to a sidebar for testing purposes.",2461,"2016-07-31T08:42:00.000Z",[132,22,23],"bbpress","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbbpress-monster\u002Fwidget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbbpress-monster-widget.zip",{"attackSurface":136,"codeSignals":170,"taintFlows":233,"riskAssessment":234,"analyzedAt":247},{"hooks":137,"ajaxHandlers":166,"restRoutes":167,"shortcodes":168,"cronEvents":169,"entryPointCount":27,"unprotectedCount":27},[138,144,149,154,159,163],{"type":139,"name":140,"callback":141,"priority":13,"file":142,"line":143},"action","plugins_loaded","init_plugin","block-widgets-monster.php",47,{"type":145,"name":146,"callback":147,"priority":106,"file":142,"line":148},"filter","plugin_row_meta","dashboard_links",69,{"type":139,"name":150,"callback":151,"priority":152,"file":142,"line":153},"admin_enqueue_scripts","enqueue_backend_assets",5,73,{"type":139,"name":155,"callback":156,"file":157,"line":158},"widgets_init","bwm_register_widget","class-bwm-widget.php",15,{"type":139,"name":160,"callback":161,"file":157,"line":162},"init","get_woo_product_category_id",57,{"type":139,"name":160,"callback":164,"file":157,"line":165},"get_woo_product_tag_id",58,[],[],[],[],{"dangerousFunctions":171,"sqlUsage":172,"outputEscaping":178,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":232},[],{"prepared":27,"raw":173,"locations":174},1,[175],{"file":157,"line":176,"context":177},455,"$wpdb->get_results() with variable interpolation",{"escaped":106,"rawEcho":179,"locations":180},31,[181,184,185,187,188,190,192,194,196,197,199,200,202,203,205,206,207,209,210,212,214,215,217,218,220,221,223,224,226,228,230],{"file":157,"line":182,"context":183},79,"raw output",{"file":157,"line":182,"context":183},{"file":157,"line":186,"context":183},80,{"file":157,"line":186,"context":183},{"file":157,"line":189,"context":183},82,{"file":157,"line":191,"context":183},84,{"file":157,"line":193,"context":183},86,{"file":157,"line":195,"context":183},91,{"file":157,"line":195,"context":183},{"file":157,"line":198,"context":183},92,{"file":157,"line":198,"context":183},{"file":157,"line":201,"context":183},93,{"file":157,"line":35,"context":183},{"file":157,"line":204,"context":183},95,{"file":157,"line":13,"context":183},{"file":157,"line":13,"context":183},{"file":157,"line":208,"context":183},101,{"file":157,"line":208,"context":183},{"file":157,"line":211,"context":183},102,{"file":157,"line":213,"context":183},106,{"file":157,"line":213,"context":183},{"file":157,"line":216,"context":183},107,{"file":157,"line":216,"context":183},{"file":157,"line":219,"context":183},110,{"file":157,"line":219,"context":183},{"file":157,"line":222,"context":183},111,{"file":157,"line":222,"context":183},{"file":157,"line":225,"context":183},112,{"file":157,"line":227,"context":183},144,{"file":157,"line":229,"context":183},145,{"file":157,"line":231,"context":183},146,[],[],{"summary":235,"deductions":236},"Based on the provided static analysis and vulnerability history, the 'block-widgets-monster' plugin v1.0.4 exhibits a generally good security posture with no identified critical vulnerabilities or known CVEs. The absence of an attack surface, dangerous functions, file operations, and external HTTP requests is highly commendable, indicating that the plugin is designed with security in mind. Taint analysis revealing no unsanitized paths further reinforces this positive outlook.\n\nHowever, there are a few areas for concern that prevent a perfect score. The most significant is the presence of a single SQL query that does not utilize prepared statements, posing a potential SQL injection risk if user input directly influences this query. Additionally, a concerningly low percentage of output escaping (24%) suggests that a substantial number of data outputs are not properly sanitized, creating opportunities for Cross-Site Scripting (XSS) vulnerabilities. The complete lack of nonce and capability checks, while not directly exploited due to the limited attack surface, represents a missed opportunity for robust access control and defense in depth.\n\nIn conclusion, while the plugin has a strong foundation with no known exploits and a minimal attack surface, the identified SQL query and significant unescaped output present tangible risks. Addressing these specific code-level weaknesses would greatly enhance the plugin's security. The absence of past vulnerabilities is a positive indicator, but it should not lead to complacency, especially given the unaddressed code quality issues.",[237,240,243,245],{"reason":238,"points":239},"SQL query not using prepared statements",7,{"reason":241,"points":242},"Low percentage of properly escaped output",6,{"reason":244,"points":152},"No nonce checks",{"reason":246,"points":152},"No capability checks","2026-03-16T22:09:28.805Z",{"wat":249,"direct":255},{"assetPaths":250,"generatorPatterns":252,"scriptPaths":253,"versionParams":254},[251],"\u002Fwp-content\u002Fplugins\u002Fblock-widgets-monster\u002Fassets\u002Fjs\u002Fbackend.min.js",[],[],[],{"cssClasses":256,"htmlComments":269,"htmlAttributes":270,"restEndpoints":271,"jsGlobals":272,"shortcodeOutput":273},[257,258,259,260,261,262,263,264,265,266,267,268],"widget_archive","widget_calendar","widget_categories","widget_pages","widget_meta","widget_nav_menu","widget_recent_comments","widget_recent_entries","widget_rss","widget_search","widget_text","widget_tag_cloud",[],[],[],[],[]]