Does Desire Page Widget have any unpatched vulnerabilities?

No. All known vulnerabilities in Desire Page Widget have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Desire Page Widget compatible with WordPress 4.7.32?

According to WordPress.org data, Desire Page Widget 1.0.1.2 has been tested up to WordPress 4.7.32. Check the plugin's changelog for the latest compatibility information.

How often is Desire Page Widget updated?

Desire Page Widget was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Desire Page Widget's security score?

Desire Page Widget has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Desire Page Widget Security & Risk Analysis

wordpress.org/plugins/desire-page-widget

This plugin allows adding a single a widget zone in your contents via shortcode.

10 active installs v1.0.1.2 PHP + WP 3.5+ Updated Unknown

layoutone-pagepagesingle-pagewidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Desire Page Widget Safe to Use in 2026?

Generally Safe

Score 100/100

Desire Page Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The desire-page-widget plugin version 1.0.1.2 exhibits a mixed security posture. On the positive side, it demonstrates good practices in handling database interactions by exclusively using prepared statements and does not engage in file operations or external HTTP requests. Furthermore, its vulnerability history is clean, with no recorded CVEs, suggesting a generally stable and well-maintained codebase or a lack of previous security scrutiny.

However, significant concerns arise from the static code analysis. The presence of the `create_function` function is a critical security risk, as it can be exploited for arbitrary code execution if improperly handled. Additionally, a low percentage of output escaping (17%) indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the website.

While the attack surface appears small and protected by a capability check for its single shortcode, the identified code quality issues (dangerous function, insufficient output escaping) outweigh the absence of known vulnerabilities and a protected attack surface. The plugin would benefit from thorough code auditing and remediation of these specific findings to improve its overall security.

Key Concerns

Use of dangerous function create_function
Low percentage of output escaping
Lack of nonce checks on entry points

Vulnerabilities

None known

Desire Page Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Desire Page Widget Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

create_functionadd_action( 'widgets_init', create_function( '', 'register_widget( "DesireWidget" );' ) );DesirePageWidget.php:29

Output Escaping

17% escaped24 total outputs

Attack Surface

Desire Page Widget Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[desire_widget_sidebar] DesirePageWidget.php:32

WordPress Hooks 2

actionwidgets_initDesirePageWidget.php:28

actionwidgets_initDesirePageWidget.php:29

Maintenance & Trust

Desire Page Widget Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32

Last updatedUnknown

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Desire Page Widget Alternatives

Chromeless Widgets Page

chromeless-widgets-page

Chromeless Widgets Page is a framework for building a specific-use page at a custom URL. Once you specify the URL slug, you can add widgets to the pag …

10 No CVEs

Shapely Companion

shapely-companion

100

Shapely Companion is a companion plugin for Shapely WordPress theme by Colorlib.com.

10K 1 CVE

Add to Cart Redirect for WooCommerce

add-to-cart-direct-checkout-for-woocommerce

100

Features offered: Add to cart redirect, Quick purchase button, Buy now button, Quick View product, option to change quantity on checkout page.

9K 1 CVE

One page checkout and layouts for woocommerce

custom-checkout-layouts-for-woocommerce

100

One Page Checkout and Layouts streamlines the entire checkout process by combining the cart and checkout into a single page.

4K No CVEs

Awesome Checkout Templates

awesome-checkout-templates

100

Awesome checkout templates is an add on for woocommerce based websites where you can control your checkout pages by changing their layout, color, fiel …

80 No CVEs

Developer Profile

Desire Page Widget Developer Profile

desirelabs

2 plugins · 20 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Desire Page Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output

desire_widget_sidebar

FAQ