[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBEEhrbGrUmcTvLh-DeW4Y3jPqegbxxe3cHVCnhMpY48":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":143,"fingerprints":202},"category-post-widget","Category Post Widget","1.1","Teja Amilineni","https:\u002F\u002Fprofiles.wordpress.org\u002Fbhargavteja\u002F","\u003Cp>Category Post widget displays posts from a specific category. Number of posts to be displayed can be customized.\u003C\u002Fp>\n","Category Post widget displays posts from a specific category. Number of posts to be displayed can be customized.",300,21701,60,2,"2014-03-03T07:30:00.000Z","3.7.41","2.0.2","",[20,21,22],"category","posts","widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategory-post-widget.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":31,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"bhargavteja",310,30,84,"2026-04-04T16:26:57.764Z",[36,63,83,103,124],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":58,"download_link":59,"security_score":60,"vuln_count":61,"unpatched_count":25,"last_vuln_date":62,"fetched_at":27},"wp-categories-widget","WP Categories Widget","2.8.1","WP-EXPERTS.IN","https:\u002F\u002Fprofiles.wordpress.org\u002Findia-web-developer\u002F","\u003Cp>The “WP Categories 
Widget” is a simple plugin to display the list of categories for any taxonomies type (WooCommerce Product Category, Blog Category, Project Category…etc) on your WordPress website. Using WP Categories Widget you can display list of categories anywhere on your website. And also you can disable the widget block editor and enable the classic widget layout to edit the sidebar.\u003C\u002Fp>\n\u003Cp>Note : please don’t forget to leave your valuable feedback and suggestions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Send your query to \u003Ca href=\"mailto:info@wp-experts.in\" rel=\"nofollow ugc\">AUTHOR\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Video Tutorial :\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FpbsnErpu_8U?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>`Features`\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable Widget Block Editor \u003C\u002Fli>\n\u003Cli>Display Categories Post Count \u003C\u002Fli>\n\u003Cli>Hide Child Categories\u003C\u002Fli>\n\u003Cli>Hide Widget Title\u003C\u002Fli>\n\u003Cli>Show Categories for Any Taxonomies Type\u003C\u002Fli>\n\u003Cli>Exclude\u002FInclude Categories\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Addon Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Display Category as Drop Down\u003C\u002Fli>\n\u003Cli>Display Category Posts\u003C\u002Fli>\n\u003Cli>Manage WP Widget Style (Background Color, Text Color, Border Style & Color)\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Add Custom CSS for every Widget\u003C\u002Fp>\n\u003Ch3>\u003Ca 
href=\"https:\u002F\u002Fwww.wp-experts.in\u002Fproducts\u002Fwp-categories-widget-addon\u002F?utm_source=wordpress.org&utm_medium=free-plugin&utm_campaign=wcw-paid\" rel=\"nofollow ugc\">Download Add-on\u003C\u002Fa>.\u003C\u002Fh3>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Display the list of categories for any taxonomies type (WooCommerce Product Category, Blog Category, Project Category...etc) in sidebar",7000,116450,90,27,"2026-02-16T14:20:00.000Z","6.9.4","6.0","8.0",[53,54,55,56,57],"category-widget","custom-widget","posts-widget","product-categories-widget","taxonomy-widget","https:\u002F\u002Fwww.wp-experts.in\u002Fproducts\u002Fwp-categories-widget-addon\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-categories-widget.zip",100,1,"2023-08-10 00:00:00",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":73,"num_ratings":74,"last_updated":75,"tested_up_to":76,"requires_at_least":77,"requires_php":18,"tags":78,"homepage":81,"download_link":82,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"latest-posts","Latest Posts","1.4.4","ShapedPlugin LLC","https:\u002F\u002Fprofiles.wordpress.org\u002Fshapedplugin\u002F","\u003Cp>Latest Posts is a very powerful widget plugin for WordPress which displays your most recent or latest posts, category based with thumbnails, date. This is perfect for simple blogs & online magazines. Widgets come with highly-customizable control panels. 
Easy to use and support multi-widget even in the same sidebar.\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>100% Responsive & Mobile Ready\u003C\u002Fli>\n\u003Cli>Super Easy Installation\u003C\u002Fli>\n\u003Cli>Minimalist & Lightweight\u003C\u002Fli>\n\u003Cli>Easily Customizable\u003C\u002Fli>\n\u003Cli>All Major Browsers Supported\u003C\u002Fli>\n\u003Cli>Coded with Pure HTML & CSS\u003C\u002Fli>\n\u003C\u002Ful>\n","Latest posts widget to display recent posts from category.",5000,85359,92,7,"2024-01-25T13:33:00.000Z","6.4.8","4.0",[79,64,80,55,22],"category-posts","latest-posts-widget","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flatest-posts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flatest-posts.zip",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":93,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":18,"tags":98,"homepage":18,"download_link":102,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"recent-posts-by-category-widget","Recent Posts by Category Widget","1.3","Ross Cornell","https:\u002F\u002Fprofiles.wordpress.org\u002Frossc\u002F","\u003Cp>This plugin adds a simple widget that allows you to display a number of recent blog posts from a specific category. You have the options to choose a title, category, number of posts and whether or not to show the post date. 
The posts will be ordered by date just like the default Recent Posts widget included with WordPress.\u003C\u002Fp>\n","Just like the default Recent Posts widget except you can choose a category to pull posts from.",4000,33251,94,12,"2017-11-28T16:45:00.000Z","4.2.39","3.0.1",[99,20,100,101,22],"categories","recent-posts","sidebar","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frecent-posts-by-category-widget.zip",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":113,"num_ratings":114,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":18,"tags":118,"homepage":122,"download_link":123,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"tw-recent-posts-widget","TW Recent Posts Widget","1.0.5","tweetysha","https:\u002F\u002Fprofiles.wordpress.org\u002Ftweetysha\u002F","\u003Cp>TW Recent Posts Widget is advanced version of the WordPress Recent Posts widget allowing increased customization to display recent posts from category you define.\u003C\u002Fp>\n\u003Cp>Output will depend on your settings, and you may define to set post title, post date, featured image and post excerpt.\u003C\u002Fp>\n\u003Cp>If you set to display featured image, then you will be able to define image width and height in px.\u003C\u002Fp>\n\u003Cp>If you set to display excerpt, then you will be able to define how many characters to print and also you may add custom \u003Ccode>read more\u003C\u002Fcode> text.\u003C\u002Fp>\n","A simple and flexible widget for WordPress which will show recent posts from selected category allowing increased customization to display recent post 
&hellip;",1000,69153,88,15,"2017-11-28T16:18:00.000Z","4.4.34","3.0",[119,120,20,100,121],"advanced-recent-posts","advanced-recent-posts-widget","recent-posts-widget","http:\u002F\u002Fvuckovic.biz\u002Fwordpress-plugins\u002Ftw-recent-posts-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftw-recent-posts-widget.zip",{"slug":125,"name":126,"version":127,"author":67,"author_profile":68,"description":128,"short_description":129,"active_installs":111,"downloaded":130,"rating":131,"num_ratings":132,"last_updated":133,"tested_up_to":134,"requires_at_least":135,"requires_php":18,"tags":136,"homepage":139,"download_link":140,"security_score":141,"vuln_count":61,"unpatched_count":25,"last_vuln_date":142,"fetched_at":27},"widget-post-slider","Widget Post Slider","1.3.6","\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F5uf55sLb4V0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>If you want to add a widget to show posts images with caption in a carousel\u002Fslider Widget Post Slider is for you. This plugin brings all the post images with the title from blog posts. You can show limited slider too. It’s light weight and simple install activate plugin. Its user option is so simple to use. It loads very fast. It’s fully responsive that adapts to any device like tablet and mobile. 
You don’t need to add any extra jQuery or css, just install and active\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugin Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Slider on Widget\u003C\u002Fli>\n\u003Cli>Unlimited post slider\u003C\u002Fli>\n\u003Cli>Limiting slider with option\u003C\u002Fli>\n\u003Cli>Fully Responsive\u003C\u002Fli>\n\u003C\u002Ful>\n","Widget Post Slider to display posts image in a slider from category.",62292,86,6,"2024-04-10T12:07:00.000Z","6.5.8","4.3",[137,138,55,22,125],"category-posts-slider","latest-posts-widget-slider","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwidget-post-slider\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-post-slider.zip",91,"2024-04-22 00:00:00",{"attackSurface":144,"codeSignals":156,"taintFlows":189,"riskAssessment":190,"analyzedAt":201},{"hooks":145,"ajaxHandlers":152,"restRoutes":153,"shortcodes":154,"cronEvents":155,"entryPointCount":25,"unprotectedCount":25},[146],{"type":147,"name":148,"callback":149,"file":150,"line":151},"action","widgets_init","anonymous","category-post.php",102,[],[],[],[],{"dangerousFunctions":157,"sqlUsage":161,"outputEscaping":163,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":188},[158],{"fn":159,"file":150,"line":151,"context":160},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"category_posts_widget\");'));",{"prepared":25,"raw":25,"locations":162},[],{"escaped":25,"rawEcho":164,"locations":165},16,[166,169,171,173,174,175,176,177,178,179,181,182,183,184,186,187],{"file":150,"line":167,"context":168},36,"raw 
output",{"file":150,"line":170,"context":168},40,{"file":150,"line":172,"context":168},52,{"file":150,"line":13,"context":168},{"file":150,"line":33,"context":168},{"file":150,"line":24,"context":168},{"file":150,"line":24,"context":168},{"file":150,"line":24,"context":168},{"file":150,"line":113,"context":168},{"file":150,"line":180,"context":168},89,{"file":150,"line":180,"context":168},{"file":150,"line":180,"context":168},{"file":150,"line":73,"context":168},{"file":150,"line":185,"context":168},93,{"file":150,"line":185,"context":168},{"file":150,"line":185,"context":168},[],[],{"summary":191,"deductions":192},"The security posture of the 'category-post-widget' plugin version 1.1 presents a mixed bag of good practices alongside significant concerns. On the positive side, the plugin demonstrates a complete absence of direct attack surface vectors like AJAX handlers, REST API routes, shortcodes, and cron events that are not properly authenticated. Furthermore, all SQL queries are executed using prepared statements, which is a crucial security measure against SQL injection.  The vulnerability history is also clean, with no recorded CVEs, indicating a lack of publicly known exploits.\n\nHowever, several critical code quality issues are present that introduce considerable risk. The use of `create_function` is a major red flag, as it can lead to arbitrary code execution vulnerabilities if not handled with extreme care, which is often not the case.  More concerning is the complete lack of output escaping for all identified output points. This means any data displayed by the widget, if it can be influenced by user input (even indirectly through categories or post titles), is susceptible to Cross-Site Scripting (XSS) attacks. 
The absence of nonce and capability checks also contributes to the risk, as it implies that actions within the plugin might not be properly authorized or verified.\n\nIn conclusion, while the plugin avoids common entry points and secures its database interactions, the identified code signals point to significant vulnerabilities, primarily in the form of potential XSS due to unescaped output and a high-risk function (`create_function`). The lack of fundamental security checks like nonces and capability checks further weakens its security.  Despite no historical vulnerabilities, these code-level weaknesses create substantial risk that should be addressed.",[193,195,197,199],{"reason":194,"points":114},"Dangerous function create_function found",{"reason":196,"points":164},"100% of output not properly escaped",{"reason":198,"points":74},"0 Nonce checks found",{"reason":200,"points":74},"0 Capability checks found","2026-03-16T19:56:54.767Z",{"wat":203,"direct":208},{"assetPaths":204,"generatorPatterns":205,"scriptPaths":206,"versionParams":207},[],[],[],[],{"cssClasses":209,"htmlComments":211,"htmlAttributes":212,"restEndpoints":215,"jsGlobals":216,"shortcodeOutput":217},[210],"category_posts_widget",[],[213,214],"id=\"category_posts_widget\"","name=\"category_posts_widget\"",[],[],[218],"\u003Cul>\n\t\u003Cli>\n        \t\t\u003Ca href=\""]