[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fQqMv8W7lb-ZU_zfY3k75YCeHupkB9AgFVD8yr_BkSoY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":33,"analysis":124,"fingerprints":192},"cumulonimbus","Cumulonimbus","0.20","beeender","https:\u002F\u002Fprofiles.wordpress.org\u002Fbeeender\u002F","\u003Cp>This is a similar plugin with WP-Cumulus (https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-cumulus\u002F) but implemented with HTML5.\u003C\u002Fp>\n\u003Cp>This plugin requires the modern browsers which support HTML5.\u003C\u002Fp>\n","Cumulonimbus allows you to display your site's tags on the surface of a rotating sphere.",20,3015,0,"2013-06-02T07:13:00.000Z","3.5.2","2.3","",[19,20,21],"sidebar","tags","widget","https:\u002F\u002Fgithub.com\u002Fbeeender\u002Fcumulonimbus","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcumulonimbus.0.20.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},1,30,84,"2026-04-05T02:07:50.136Z",[34,58,79,92,112],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":44,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":17,"download_link":54,"security_score":55,"vuln_count":56,"unpatched_count":13,"last_vuln_date":57,"fetched_at":26},"widget-logic","Widget Logic","6.0.9","Widgetlogic.org","https:\u002F\u002Fprofiles.wordpress.org\u002Fwidgetlogics\u002F","\u003Cp>This plugin gives every widget an extra control field called “Widget logic” that lets you control the pages that the widget will appear on. The text field lets you use WP’s \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FConditional_Tags\" rel=\"nofollow ugc\">Conditional Tags\u003C\u002Fa>, or any general PHP code.\u003C\u002Fp>\n\u003Cp>The configuring and options are in the usual widget admin interface.\u003C\u002Fp>\n\u003Cp>BIG UPDATE:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Now you can control widget in Gutenberg Widgets editor as well as in Classic Editor. It is just as easy as before but also in gutenberg view.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Pre-installed widgets let you add special widget with one click of the mouse. First pre-installed widget is Live Match that let you add widget of one random live football game with real time score updates (teams logos, livescore, minute of the match, tournament name). And more interesting widgets to come!\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>NOTE ON DEFAULT FUNCTIONS:\u003C\u002Fstrong> Widget Logic includes a whitelist of common WordPress conditional tags and safe functions. If you need additional WordPress functions that are not currently whitelisted, please create a topic in our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwidget-logic\u002F\" rel=\"ugc\">support forum\u003C\u002Fa> to request them. We regularly add commonly requested functions in new releases.\u003C\u002Fp>\n\u003Ch4>Configuration\u003C\u002Fh4>\n\u003Cp>Aside from logic against your widgets, there are three options added to the foot of the widget admin page (see screenshots).\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Use ‘wp_reset_query’ fix — Many features of WP, as well as the many themes and plugins out there, can mess with the conditional tags, such that is_home is NOT true on the home page. This can often be fixed with a quick wp_reset_query() statement just before the widgets are called, and this option puts that in for you rather than having to resort to code editing\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Load logic — This option allows you to set the point in the page load at which your widget logic if first checked. Pre v.50 it was when the ‘wp_head’ trigger happened, ie during the creation of the HTML’s HEAD block. Many themes didn’t call wp_head, which was a problem. From v.50 it happens, by default, as early as possible, which is as soon as the plugin loads. You can now specify these ‘late load’ points (in chronological order):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>after the theme loads (after_setup_theme trigger)\u003C\u002Fli>\n\u003Cli>when all PHP loaded (wp_loaded trigger)\u003C\u002Fli>\n\u003Cli>after query variables set (parse_query) – this is the default\u003C\u002Fli>\n\u003Cli>during page header (wp_head trigger)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You may need to delay the load if your logic depends on functions defined, eg in the theme functions.php file. Conversely you may want the load early so that the widget count is calculated correctly, eg to show an alternative layour or content when a sidebar has no widgets.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Don’t cache widget logic results — From v .58 the widget logic code should only execute once, but that might cause unexpected results with some themes, so this option is here to turn that behaviour off. (The truth\u002Ffalse of the code will be evaluated every time the sidebars_widgets filter is called.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Custom PHP Functions — From v.6.0.6 you can use the \u003Ccode>widget_logic_allowed_functions\u003C\u002Fcode> filter to add custom PHP functions that will be allowed in Widget Logic fields. By default, only WordPress conditional tags and a whitelist of safe functions are available. This filter allows you to extend the functionality and use your own custom functions.\u003C\u002Fp>\n\u003Cp>To add a custom function, add the following code to your theme’s \u003Ccode>functions.php\u003C\u002Fcode> file:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>`add_filter('widget_logic_allowed_functions', 'my_allowed_functions');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>function my_allowed_functions($functions) {\u003Cbr \u002F>\n    $functions[] = ‘\u003Cem>my_custom_function_name\u003C\u002Fem>‘;\u003Cbr \u002F>\n    return $functions;\u003Cbr \u002F>\n}`\u003C\u002Fp>\n\u003Cp>You can add multiple functions by using one wrapper function:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>`add_filter('widget_logic_allowed_functions', 'my_allowed_functions');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>function my_allowed_functions($functions) {\u003Cbr \u002F>\n    $functions[] = ‘is_special_page’;\u003Cbr \u002F>\n    $functions[] = ‘is_user_verified’;\u003Cbr \u002F>\n    $functions[] = ‘get_sidebar_title’;\u003Cbr \u002F>\n    return $functions;\u003Cbr \u002F>\n}`\u003C\u002Fp>\n\u003Cp>\u003Cstrong>IMPORTANT NOTE ON VARIABLES:\u003C\u002Fstrong> Widget Logic is designed to work with simple data types (strings, numbers, booleans). If you need to use complex variables, global state, or conditional logic that depends on many factors, create a custom function in your theme’s \u003Ccode>functions.php\u003C\u002Fcode> file and call it from Widget Logic:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Good approach (in functions.php):\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>`function is_special_page() {\nglobal $post;\n$special_ids = array(5, 10, 15);\n$conditions = some_complex_function();\n\nreturn is_page() && in_array($post->ID, $special_ids) && $conditions;\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>}`\u003C\u002Fp>\n\u003Cp>Then in Widget Logic field, simply use: \u003Ccode>is_special_page()\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Less ideal approach (in Widget Logic field):\u003C\u002Fstrong>\u003Cbr \u002F>\nAvoid putting complex logic directly in the Widget Logic field. Keep it simple and let your custom function handle the complexity. This keeps your widget settings clean and maintainable.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Interaction with External Services\u003C\u002Fh4>\n\u003Cp>Widget Logic uses the external service to obtain up-to-date information about the results of football matches. \u003Ca href=\"https:\u002F\u002Fwidgetlogic.org\" rel=\"nofollow ugc\">widgetlogic.org\u003C\u002Fa> is a source of sports information, that provides a wide range of information about football, including various leagues, tournaments, and championships from around the world.\u003C\u002Fp>\n\u003Cp>The functioning of the \u003Ca href=\"https:\u002F\u002Fwidgetlogic.org\" rel=\"nofollow ugc\">widgetlogic.org\u003C\u002Fa> service is based on delivering real-time data about selected matches without the need to refresh the page. This means that data is automatically updated without requiring page reload. This approach ensures users quick and uninterrupted access to the latest sports data without the effort of manually updating information, allowing them to stay informed about ongoing events in real-time.\u003C\u002Fp>\n\u003Ch3>Writing Logic Code\u003C\u002Fh3>\n\u003Cp>The text in the ‘Widget logic’ field can be full PHP code and should return ‘true’ when you need the widget to appear. If there is no ‘return’ in the text, an implicit ‘return’ is added to the start and a ‘;’ is added on the end. (This is just to make single statements like is_home() more convenient.)\u003C\u002Fp>\n\u003Ch4>The Basics\u003C\u002Fh4>\n\u003Cp>Make good use of \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FConditional_Tags\" rel=\"nofollow ugc\">WP’s own conditional tags\u003C\u002Fa>. You can vary and combine code using:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>!\u003C\u002Fcode> (NOT) to \u003Cstrong>reverse\u003C\u002Fstrong> the logic, eg \u003Ccode>!is_home()\u003C\u002Fcode> is TRUE when this is NOT the home page.\u003C\u002Fli>\n\u003Cli>\u003Ccode>||\u003C\u002Fcode> (OR) to \u003Cstrong>combine\u003C\u002Fstrong> conditions. \u003Ccode>X OR Y\u003C\u002Fcode> is TRUE when either X is true or Y is true.\u003C\u002Fli>\n\u003Cli>\u003Ccode>&&\u003C\u002Fcode> (AND) to make conditions \u003Cstrong>more specific\u003C\u002Fstrong>. \u003Ccode>X AND Y\u003C\u002Fcode> is TRUE when both X is true and Y is true.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>There are lots of great code examples on the WP forums, and on WP sites across the net. But the WP Codex is also full of good examples to adapt, such as \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FTemplate_Tags\u002Fin_category#Testing_if_a_post_is_in_a_descendant_category\" rel=\"nofollow ugc\">Test if post is in a descendent category\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Examples\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ccode>is_home()\u003C\u002Fcode> — just the main blog page\u003C\u002Fli>\n\u003Cli>\u003Ccode>!is_page('about')\u003C\u002Fcode> — everywhere EXCEPT this specific WP ‘page’\u003C\u002Fli>\n\u003Cli>\u003Ccode>!is_user_logged_in()\u003C\u002Fcode> — shown when a user is not logged in\u003C\u002Fli>\n\u003Cli>\u003Ccode>is_category(array(5,9,10,11))\u003C\u002Fcode> — category page of one of the given category IDs\u003C\u002Fli>\n\u003Cli>\u003Ccode>is_single() && in_category('baked-goods')\u003C\u002Fcode> — single post that’s in the category with this slug\u003C\u002Fli>\n\u003Cli>\u003Ccode>current_user_can('level_10')\u003C\u002Fcode> — admin only widget\u003C\u002Fli>\n\u003Cli>\u003Ccode>strpos($_SERVER['HTTP_REFERER'], \"google.com\")!=false\u003C\u002Fcode> — widget to show when clicked through from a google search\u003C\u002Fli>\n\u003Cli>\u003Ccode>is_category() && custom_function_to_check_the_category()\u003C\u002Fcode> — category page that’s a descendent of category 5\u003C\u002Fli>\n\u003Cli>\u003Ccode>custom_function_from_functions_php_to_check_the_page()\u003C\u002Fcode> — WP page that is a child of page 77\u003C\u002Fli>\n\u003Cli>\u003Ccode>custom_function_from_functions_php_to_check_the_page_child_of(13)\u003C\u002Fcode> — home page OR the page that’s a child of page 13\u003C\u002Fli>\n\u003C\u002Ful>\n","Widget Logic lets you control on which pages widgets appear using WP's conditional tags.",100000,3242040,88,188,"2026-01-15T09:43:00.000Z","6.9.4","3.0","5.4",[51,52,53,19,21],"blocks","conditional-tags","gutenberg-widgets","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-logic.6.0.9.zip",95,2,"2025-06-09 00:00:00",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":47,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":76,"download_link":77,"security_score":78,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"tag-dropdown-widget","Taxonomy Dropdown Widget","2.3.3","Erick Hitter","https:\u002F\u002Fprofiles.wordpress.org\u002Fethitter\u002F","\u003Cp>Creates dropdown lists of non-hierarchical taxonomies (such as \u003Ccode>post tags\u003C\u002Fcode>) as an alternative to term (tag) clouds. Multiple widgets can be used, each with its own set of options.\u003C\u002Fp>\n\u003Cp>Numerous formatting options are provided, including maximum numbers of terms, term order, truncating of term names, and more.\u003C\u002Fp>\n\u003Cp>Using the \u003Ccode>taxonomy_dropdown_widget()\u003C\u002Fcode> function, users can generate dropdowns for use outside of the included widget.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Only use version 2.2 or higher with WordPress 4.2 and later releases.\u003C\u002Fstrong> WordPress 4.2 changed how taxonomy information is stored in the database, which directly impacts this plugin’s include\u002Fexclude term functionality.\u003C\u002Fp>\n\u003Cp>This plugin was formerly known as the \u003Ccode>Tag Dropdown Widget\u003C\u002Fcode>. It was completely rewritten for version 2.0.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Follow and contribute to development on GitHub at https:\u002F\u002Fgithub.com\u002Fethitter\u002FTaxonomy-Dropdown-Widget.\u003C\u002Fstrong>\u003C\u002Fp>\n","Creates a dropdown list of non-hierarchical taxonomies as an alternative to the term (tag) cloud. Formerly known as Tag Dropdown Widget.",2000,58652,94,9,"2026-01-19T21:37:00.000Z","2.8","5.6",[19,74,20,75,21],"tag","taxonomy","https:\u002F\u002Fethitter.com\u002Fplugins\u002Ftaxonomy-dropdown-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftag-dropdown-widget.2.3.3.zip",100,{"slug":80,"name":81,"version":82,"author":62,"author_profile":63,"description":83,"short_description":84,"active_installs":66,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":47,"requires_at_least":71,"requires_php":17,"tags":89,"homepage":90,"download_link":91,"security_score":78,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"tag-list-widget","Taxonomy List Widget","1.3.2","\u003Cp>Creates lists of non-hierarchical taxonomies (such as \u003Ccode>post tags\u003C\u002Fcode>) as an alternative to term (tag) clouds. Multiple widgets can be used, each with its own set of options.\u003C\u002Fp>\n\u003Cp>Numerous formatting options are provided, including maximum numbers of terms, term order, truncating of term names, and more. List styles are fully customizable, with built-in support for bulleted lists and numbered lists.\u003C\u002Fp>\n\u003Cp>Using the \u003Ccode>taxonomy_list_widget\u003C\u002Fcode> function, users can generate lists for use outside of the included widget.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Only use version 1.2 or higher with WordPress 4.2 and later releases.\u003C\u002Fstrong> WordPress 4.2 changed how taxonomy information is stored in the database, which directly impacts this plugin’s include\u002Fexclude term functionality.\u003C\u002Fp>\n\u003Cp>This plugin was formerly known as the \u003Ccode>Tag List Widget\u003C\u002Fcode>. It was completely rewritten for version 1.0.\u003C\u002Fp>\n","Creates a list (bulleted, number, or custom) of non-hierarchical taxonomies as an alternative to the term (tag) cloud. Formerly known as Tag List Widg &hellip;",57691,86,12,"2026-01-19T21:46:00.000Z",[19,74,20,75,21],"https:\u002F\u002Fethitter.com\u002Fplugins\u002Ftaxonomy-list-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftag-list-widget.1.3.2.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":102,"num_ratings":103,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":17,"tags":107,"homepage":110,"download_link":111,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"categorized-tag-cloud","Categorized Tag Cloud","1.2.25","whiletrue","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhiletrue\u002F","\u003Cp>“Categorized Tag Cloud” is a free plugin for WordPress, developed by the Whiletrue.it staff to generate a cloud with the website’s most used tags, in a sidebar widget.\u003C\u002Fp>\n\u003Cp>The words inside the cloud are filtered by category, so you can better match your content by removing the unnecessary tag ids.\u003C\u002Fp>\n\u003Ch4>Options\u003C\u002Fh4>\n\u003Cp>The following options are customizable:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>category filters\u003C\u002Fli>\n\u003Cli>number of tags shown\u003C\u002Fli>\n\u003Cli>tag colors (fixed or random)\u003C\u002Fli>\n\u003Cli>tag hover color\u003C\u002Fli>\n\u003Cli>smallest and biggest font size\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Reference\u003C\u002Fh4>\n\u003Cp>For more informations:  \u003Ca href=\"https:\u002F\u002Fwww.whiletrue.it\u002Fcategorized-tag-cloud-widget-wordpress\u002F\" title=\"www.whiletrue.it\" rel=\"nofollow ugc\">www.whiletrue.it\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Do you like this plugin? Give a chance to our other works:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.whiletrue.it\u002Fit\u002Freally-simple-share-wordpress-plugin\u002F\" title=\"Good Old Share\" rel=\"nofollow ugc\">Good Old Share\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.whiletrue.it\u002Fmost-and-least-read-posts-widget-for-wordpress\u002F\" title=\"Most and Least Read Posts\" rel=\"nofollow ugc\">Most and Least Read Posts\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.whiletrue.it\u002Freading-time-for-wordpress\u002F\" title=\"Reading Time\" rel=\"nofollow ugc\">Reading Time\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Translators\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Serbian translation by Ogi Djuraskovic ( firstsiteguide.com )\u003C\u002Fli>\n\u003C\u002Ful>\n","A cloud with the most used tags in a sidebar widget, filtered by post category.",1000,58749,76,10,"2024-03-22T09:45:00.000Z","6.5.8","2.9",[108,19,109,20,21],"categories","tag-sidebar","https:\u002F\u002Fwww.whiletrue.it\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategorized-tag-cloud.1.2.25.zip",{"slug":113,"name":114,"version":115,"author":96,"author_profile":97,"description":116,"short_description":117,"active_installs":78,"downloaded":118,"rating":86,"num_ratings":119,"last_updated":120,"tested_up_to":105,"requires_at_least":106,"requires_php":121,"tags":122,"homepage":110,"download_link":123,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"tilted-tag-cloud-widget","Tilted Tag Cloud Widget","1.3.19","\u003Cp>“Tilted Tag Cloud Widget” is a free plugin for WordPress, developed by the Whiletrue.it staff to generate a cloud with the website’s most used tags.\u003C\u002Fp>\n\u003Cp>The words inside the cloud are overlapping and tilted, creating a cluster.\u003C\u002Fp>\n\u003Ch4>Options\u003C\u002Fh4>\n\u003Cp>The following options are customizable:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>number of tags shown\u003C\u002Fli>\n\u003Cli>link to tag page\u003C\u002Fli>\n\u003Cli>tag color (random if none inserted)\u003C\u002Fli>\n\u003Cli>smallest and biggest font size\u003C\u002Fli>\n\u003Cli>horizontal and vertical spread\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin displays the most used tags in a sidebar widget.\u003C\u002Fp>\n\u003Ch4>Reference\u003C\u002Fh4>\n\u003Cp>For more info on this plugin:  \u003Ca href=\"https:\u002F\u002Fwww.whiletrue.it\u002Ftilted-tag-cloud-widget-per-wordpress\u002F\" title=\"www.whiletrue.it\" rel=\"nofollow ugc\">www.whiletrue.it\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Do you like this plugin? Give a chance to our other works:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.whiletrue.it\u002Freally-simple-share-wordpress-plugin\u002F\" title=\"Really Simple Share\" rel=\"nofollow ugc\">Really Simple Share\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.whiletrue.it\u002Freally-simple-twitter-feed-widget-for-wordpress\u002F\" title=\"Really Simple Twitter Feed Widget\" rel=\"nofollow ugc\">Really Simple Twitter Feed Widget\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.whiletrue.it\u002Fmost-and-least-read-posts-widget-for-wordpress\u002F\" title=\"Most and Least Read Posts\" rel=\"nofollow ugc\">Most and Least Read Posts\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.whiletrue.it\u002Freading-time-for-wordpress\u002F\" title=\"Reading Time\" rel=\"nofollow ugc\">Reading Time\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Shows a tilted cloud with the most used tags in a sidebar widget.",25972,3,"2024-03-21T15:49:00.000Z","7.0",[19,74,109,20,21],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftilted-tag-cloud-widget.1.3.19.zip",{"attackSurface":125,"codeSignals":137,"taintFlows":184,"riskAssessment":185,"analyzedAt":191},{"hooks":126,"ajaxHandlers":133,"restRoutes":134,"shortcodes":135,"cronEvents":136,"entryPointCount":13,"unprotectedCount":13},[127],{"type":128,"name":129,"callback":130,"file":131,"line":132},"action","widgets_init","init_cumulonimbus_widget","cumulonimbus.php",192,[],[],[],[],{"dangerousFunctions":138,"sqlUsage":139,"outputEscaping":141,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":183},[],{"prepared":13,"raw":13,"locations":140},[],{"escaped":56,"rawEcho":142,"locations":143},19,[144,147,149,151,153,155,157,159,161,163,165,167,169,171,173,175,177,179,181],{"file":131,"line":145,"context":146},127,"raw output",{"file":131,"line":148,"context":146},128,{"file":131,"line":150,"context":146},129,{"file":131,"line":152,"context":146},130,{"file":131,"line":154,"context":146},131,{"file":131,"line":156,"context":146},132,{"file":131,"line":158,"context":146},133,{"file":131,"line":160,"context":146},134,{"file":131,"line":162,"context":146},151,{"file":131,"line":164,"context":146},152,{"file":131,"line":166,"context":146},153,{"file":131,"line":168,"context":146},156,{"file":131,"line":170,"context":146},161,{"file":131,"line":172,"context":146},166,{"file":131,"line":174,"context":146},174,{"file":131,"line":176,"context":146},175,{"file":131,"line":178,"context":146},176,{"file":131,"line":180,"context":146},177,{"file":131,"line":182,"context":146},182,[],[],{"summary":186,"deductions":187},"The static analysis of Cumulonimbus v0.20 reveals a seemingly robust security posture with no identified attack surface, dangerous functions, or file operations. The plugin exclusively uses prepared statements for its SQL queries, which is a strong indicator of good practice in preventing SQL injection vulnerabilities. However, the analysis flags a significant concern regarding output escaping, with only 10% of the 21 identified outputs being properly escaped. This indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data might be directly reflected in the output without adequate sanitization.\n\nThe lack of any recorded vulnerability history, including CVEs, is a positive sign, suggesting the plugin has not been a target for known exploits or has a history of secure development. Coupled with the absence of external HTTP requests and bundled libraries, this further contributes to a generally low-risk profile. Nonetheless, the low percentage of properly escaped output remains a critical weakness that could be easily exploited by attackers. The absence of nonce checks and capability checks on the identified entry points (even though zero) could become a risk if the attack surface expands in future versions without proper security considerations.\n\nIn conclusion, Cumulonimbus v0.20 exhibits strengths in its handling of SQL queries and lack of external dependencies or known vulnerabilities. However, the severe deficiency in output escaping presents a substantial risk of XSS attacks. Future development should prioritize addressing this output escaping issue to solidify the plugin's security. The current version, despite its lack of known vulnerabilities, carries a demonstrable risk due to potential XSS flaws.",[188],{"reason":189,"points":190},"Low percentage of properly escaped output",8,"2026-03-16T23:07:23.852Z",{"wat":193,"direct":200},{"assetPaths":194,"generatorPatterns":197,"scriptPaths":198,"versionParams":199},[195,196],"\u002Fwp-content\u002Fplugins\u002Fcumulonimbus\u002Ftagboard.js","\u002Fwp-content\u002Fplugins\u002Fcumulonimbus\u002Fsphereboard.js",[],[195,196],[],{"cssClasses":201,"htmlComments":202,"htmlAttributes":203,"restEndpoints":205,"jsGlobals":206,"shortcodeOutput":211},[],[],[204],"id='cumulonimbusCanvas'",[],[207,208,209,210],"addTag","Options","createTagBoard","start",[212,213],"\u003Cdiv id='tagcloud' style='display:none'>","\u003Ccanvas id='cumulonimbusCanvas'"]