[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fF8Iypa0MxsP7mXhqSDCjKRH9cfMx4ceNLA1SgZwqwyw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":139,"fingerprints":294},"easy-profile-widget","Easy Profile Widget","1.3","Jeffrey Carandang","https:\u002F\u002Fprofiles.wordpress.org\u002Fphpbits\u002F","\u003Ch3>Display About Me Section easily on your WordPress sidebar widgets\u003C\u002Fh3>\n\u003Cp>Easy Profile Widget is used to display a user profile section with avatar and custom read more link. It can be used in any widget area, such as a sidebar or a footer.\u003C\u002Fp>\n\u003Ch3>Easy Setup\u003C\u002Fh3>\n\u003Cp>After plugin activation ‘Easy Profile’ widget will be available under \u003Cstrong>Appearance > Widgets\u003C\u002Fstrong>, just drag and drop to any desired widget area.\u003C\u002Fp>\n\u003Ch3>SiteOrigin Page Builder Compatible\u003C\u002Fh3>\n\u003Cp>Widgetized plugins cannot be completed without SiteOrigin compatibility! If you are using SiteOrigin Page Builder and you want to easily add About Me or Profile Section on your content, Easy Profile Widget is what you’re looking for! Go ahead and try it 🙂\u003C\u002Fp>\n\u003Ch3>Premium Add-on available\u003C\u002Fh3>\n\u003Ch4>Easy Profile Widget Cards Add-on\u003C\u002Fh4>\n\u003Cp>a feature-rich plugin to maximize your About & Profile section’s capabilities. With this plugin you will have to full control of the widget’s unlimited possibilities.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Card Layouts\u003C\u002Fli>\n\u003Cli>Layout Alignment\u003C\u002Fli>\n\u003Cli>Color Scheme & Styling\u003C\u002Fli>\n\u003Cli>Custom avatar and cover image\u003C\u002Fli>\n\u003Cli>Tagline\u003C\u002Fli>\n\u003Cli>Social Icons\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fphpbits.net\u002Fplugin\u002Feasy-profile-cards\u002F\" rel=\"nofollow ugc\">Click here for more info and demo.\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Translators\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>French (fr_FR) – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fjptwf\" rel=\"nofollow ugc\">JP – TWF\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Display User Profile Section with Gravatar on your sidebar widgets easily.",500,20876,96,76,"2017-01-05T06:54:00.000Z","4.7.32","4.0","",[20,21,22,23,24],"about-me","about-me-widget","profile-widget","widget","widgets","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-profile-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-profile-widget.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":27,"computed_at":38},"phpbits",7,4840,87,30,"2026-04-04T06:00:36.593Z",[40,61,82,100,117],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":28,"num_ratings":28,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":58,"download_link":59,"security_score":60,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"rs-author-info-box","RS Author Info Box","2.2.0","RS WP THEMES","https:\u002F\u002Fprofiles.wordpress.org\u002Frswpthemes\u002F","\u003Cp>RS Author Info Box is a functional WordPress plugin designed to easily display professional author profiles within your website’s sidebar or widget-ready areas. This simple tool empowers website administrators to build trust and connect with readers by giving a face and brief introduction to the content creators.\u003C\u002Fp>\n\u003Cp>Key features include:\u003Cbr \u002F>\n* Display author name and professional title.\u003Cbr \u002F>\n* Include a short biographical description.\u003Cbr \u002F>\n* Upload an author profile picture and banner image seamlessly via the WordPress media library.\u003Cbr \u002F>\n* Add common social media profiles (Facebook, Twitter, Instagram, LinkedIn, Pinterest, Goodreads, Wattpad).\u003Cbr \u002F>\n* Option to hide the widget conditionally to suit your theme layouts.\u003C\u002Fp>\n\u003Cp>Lightweight and flexible, it simply requires adding the widget to your targeted widget area and configuring the straightforward form.\u003C\u002Fp>\n","A simple and lightweight widget to display an author's name, profile image, short description, and social media links in any sidebar or widget area.",2000,28013,"2026-03-04T04:39:00.000Z","6.7.5","4.9","7.4",[21,55,56,57],"author-profile","author-widget","bio-widget","https:\u002F\u002Frswpthemes.com\u002Fhow-to-add-about-me-widget-on-wordpress-step-by-step-guide\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frs-author-info-box.2.2.0.zip",100,{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":60,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":74,"tags":75,"homepage":79,"download_link":80,"security_score":81,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"kantbtrue-about-me","Kantbtrue about me","1.2.11","Shashikant Yadav","https:\u002F\u002Fprofiles.wordpress.org\u002Fkantbtrue\u002F","\u003Cp>An elegant sidebar widget plugin to beautify your about me section at the sidebar of your wordpress blog. With this plugin you can add title, description with links, profile image and social links.\u003C\u002Fp>\n\u003Cp>It is a about me widget plugin which is also called as profile widget, about widget, author info box, author box, or just simple sidebar about section. What ever you call it, it will make your about section stand out and attract user’s attention.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fkantbtrue.gumroad.com\u002Fl\u002Faboutmepro\" rel=\"nofollow ugc\">Get PRO version\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>::\u003Cbr \u002F>\n– Fields: Title, Bio, Image, Social Links\u003Cbr \u002F>\n– Text Alignment Options: Left, Right, Center\u003Cbr \u002F>\n– Image Styles: Round, Square\u003Cbr \u002F>\n– Social Support: Facebook, Twitter, Instagram, Pinterest, Youtube, Bloglovin Personal Website\u003C\u002Fp>\n\u003Cp>\u003Cstrong>PRO version features\u003C\u002Fstrong>:\u003Cbr \u002F>\n– Signature field: You can add your signature in the widget.\u003C\u002Fp>\n","An elegant about me widget and profile widget for blogs. With this plugin you can add title, description with links, profile image and social links.",400,6490,2,"2024-11-28T09:05:00.000Z","5.8.13","5.0",[76,20,21,77,78],"about-author","about-widget","author-box","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkantbtrue-about-me\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkantbtrue-about-me.1.2.11.zip",92,{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":28,"num_ratings":28,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":18,"tags":95,"homepage":98,"download_link":99,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"ah-about-widget","AH About Widget","1.0.1","Andreas Hecht","https:\u002F\u002Fprofiles.wordpress.org\u002Fahecht\u002F","\u003Cp>Easy to use “About me” profile widget with several settings, which is using your Author Bio, Description and Author Gravatar. You can also link to your “About me” page.\u003C\u002Fp>\n\u003Cp>Gravatar can have alignment right, left and none. See Screenshots for more information. The Gravatar can have four different sizes: 45, 65, 85 and 125px.\u003C\u002Fp>\n\u003Cp>Alignment none plus Gravatar 125px will center the Gravatar and makes him round. CSS is tested on Twenty Sixteen, Twenty Fifteen, Twenty Fourteen and some other Themes.\u003C\u002Fp>\n","Easy to use \"About me\" profile widget with several settings, which is using your Author Bio, Description and Author Gravatar.",10,2453,"2017-09-23T17:17:00.000Z","4.8.28","4.6",[96,20,21,97,23],"about","profile","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fah-about-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fah-about-widget.1.0.1.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":28,"downloaded":108,"rating":28,"num_ratings":28,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":112,"tags":113,"homepage":115,"download_link":116,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"minimal-profile-widget","Minimal Profile Widget","1.0","Ibrahim Hasnat","https:\u002F\u002Fprofiles.wordpress.org\u002Fibrahimhasnat\u002F","\u003Cp>Minimal Profile Widget is very much clean and simple widget plugin. It helps anyone to show their minimal overview of theme self.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Name and Designation\u003C\u002Fli>\n\u003Cli>Cover Image\u003C\u002Fli>\n\u003Cli>Profile Image\u003C\u002Fli>\n\u003Cli>Short Description\u003C\u002Fli>\n\u003Cli>3 Different Medium link to contact\u003C\u002Fli>\n\u003Cli>There is an email option for direct email contact\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is very light and easy to use. After installation, anyone can see what to do or not to do.\u003C\u002Fp>\n","A simple minimal profile widget plugin for WordPress",1022,"2019-06-01T23:16:00.000Z","5.1.22","3.0","5.2.4",[97,114,22,23,24],"profile-sidebar","http:\u002F\u002Fcodiov.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminimal-profile-widget.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":127,"num_ratings":128,"last_updated":129,"tested_up_to":130,"requires_at_least":52,"requires_php":131,"tags":132,"homepage":137,"download_link":138,"security_score":60,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"classic-widgets","Classic Widgets","0.3","Tonya Mork","https:\u002F\u002Fprofiles.wordpress.org\u002Fhellofromtonya\u002F","\u003Cp>Classic Widgets is an official plugin maintained by the WordPress team that restores the previous (“classic”) WordPress widgets settings screens. It will be supported and maintained to 2024, or as long as is necessary.\u003C\u002Fp>\n\u003Cp>Once activated and when using a classic (non-block) theme, this plugin restores the previous widgets settings screens and disables the block editor from managing widgets. There is no other configuration, the classic widgets settings screens are enabled or disabled by either enabling or disabling this plugin.\u003C\u002Fp>\n","Enables the previous \"classic\" widgets settings screens in Appearance - Widgets and the Customizer. Disables the block editor from managing widgets.",2000000,7214667,98,262,"2025-12-08T10:52:00.000Z","6.9.4","5.6",[118,133,134,135,136],"disable","disable-gutenberg","editor","gutenberg","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclassic-widgets\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclassic-widgets.0.3.zip",{"attackSurface":140,"codeSignals":175,"taintFlows":281,"riskAssessment":282,"analyzedAt":293},{"hooks":141,"ajaxHandlers":165,"restRoutes":171,"shortcodes":172,"cronEvents":173,"entryPointCount":174,"unprotectedCount":174},[142,148,152,156,160],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","admin_enqueue_scripts","admin_enqueue_easy_profile_scripts","core\\functions.enqueue.php",16,{"type":143,"name":149,"callback":150,"file":146,"line":151},"wp_enqueue_scripts","enqueue_easy_profile_scripts",21,{"type":143,"name":153,"callback":154,"file":155,"line":90},"admin_notices","admin_messages","core\\functions.notices.php",{"type":143,"name":157,"callback":158,"file":155,"line":159},"plugins_loaded","plugin_loaded",13,{"type":143,"name":161,"callback":162,"file":163,"line":164},"widgets_init","register_easy_profile_widget","core\\functions.widget.php",237,[166],{"action":167,"nopriv":168,"callback":169,"hasNonce":168,"hasCapCheck":168,"file":155,"line":170},"easy_profile_widget_hideRating",false,"hide_rating",12,[],[],[],1,{"dangerousFunctions":176,"sqlUsage":177,"outputEscaping":179,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":174,"bundledLibraries":280},[],{"prepared":28,"raw":28,"locations":178},[],{"escaped":180,"rawEcho":181,"locations":182},9,55,[183,186,188,190,192,194,196,198,200,202,203,205,206,207,209,211,213,215,217,219,221,222,224,226,228,230,232,234,235,237,239,241,243,245,247,248,250,252,254,256,258,260,261,262,263,265,266,267,268,270,271,273,275,277,278],{"file":155,"line":184,"context":185},29,"raw output",{"file":155,"line":187,"context":185},48,{"file":163,"line":189,"context":185},44,{"file":163,"line":191,"context":185},47,{"file":163,"line":193,"context":185},57,{"file":163,"line":195,"context":185},58,{"file":163,"line":197,"context":185},71,{"file":163,"line":199,"context":185},74,{"file":163,"line":201,"context":185},82,{"file":163,"line":27,"context":185},{"file":163,"line":204,"context":185},99,{"file":163,"line":60,"context":185},{"file":163,"line":60,"context":185},{"file":163,"line":208,"context":185},104,{"file":163,"line":210,"context":185},105,{"file":163,"line":212,"context":185},107,{"file":163,"line":214,"context":185},111,{"file":163,"line":216,"context":185},113,{"file":163,"line":218,"context":185},124,{"file":163,"line":220,"context":185},125,{"file":163,"line":220,"context":185},{"file":163,"line":223,"context":185},126,{"file":163,"line":225,"context":185},127,{"file":163,"line":227,"context":185},128,{"file":163,"line":229,"context":185},129,{"file":163,"line":231,"context":185},132,{"file":163,"line":233,"context":185},133,{"file":163,"line":233,"context":185},{"file":163,"line":236,"context":185},134,{"file":163,"line":238,"context":185},135,{"file":163,"line":240,"context":185},136,{"file":163,"line":242,"context":185},137,{"file":163,"line":244,"context":185},140,{"file":163,"line":246,"context":185},141,{"file":163,"line":246,"context":185},{"file":163,"line":249,"context":185},142,{"file":163,"line":251,"context":185},143,{"file":163,"line":253,"context":185},144,{"file":163,"line":255,"context":185},149,{"file":163,"line":257,"context":185},151,{"file":163,"line":259,"context":185},152,{"file":163,"line":259,"context":185},{"file":163,"line":259,"context":185},{"file":163,"line":259,"context":185},{"file":163,"line":264,"context":185},153,{"file":163,"line":264,"context":185},{"file":163,"line":264,"context":185},{"file":163,"line":264,"context":185},{"file":163,"line":269,"context":185},154,{"file":163,"line":269,"context":185},{"file":163,"line":272,"context":185},156,{"file":163,"line":274,"context":185},168,{"file":163,"line":276,"context":185},169,{"file":163,"line":276,"context":185},{"file":163,"line":279,"context":185},175,[],[],{"summary":283,"deductions":284},"The 'easy-profile-widget' plugin version 1.3 exhibits a mixed security posture. While it demonstrates strengths in avoiding dangerous functions, raw SQL queries, file operations, and external HTTP requests, significant concerns arise from its attack surface and output escaping practices.  The presence of a single AJAX handler without any authentication checks represents a critical vulnerability, allowing unauthenticated users to potentially interact with plugin functionality in unintended ways. This is further exacerbated by a concerningly low rate of properly escaped output, suggesting a high risk of cross-site scripting (XSS) vulnerabilities across many of its output points.\n\nThe vulnerability history for this plugin is clean, with no recorded CVEs. This absence of past vulnerabilities, combined with the lack of critical findings in taint analysis, could be interpreted as positive. However, it is important to recognize that the identified issues in the static analysis – particularly the unauthenticated AJAX endpoint and poor output escaping – are fundamental security flaws that can be exploited even without prior CVEs. Therefore, while the plugin has no known past exploits, the current static analysis reveals significant potential for new, exploitable vulnerabilities. The plugin's overall security is currently compromised by its exposed attack surface and inadequate output sanitization.",[285,287,290],{"reason":286,"points":90},"Unprotected AJAX handler",{"reason":288,"points":289},"Low percentage of properly escaped output",8,{"reason":291,"points":292},"No nonce checks on AJAX handler",5,"2026-03-16T19:40:49.925Z",{"wat":295,"direct":306},{"assetPaths":296,"generatorPatterns":300,"scriptPaths":301,"versionParams":302},[297,298,299],"\u002Fwp-content\u002Fplugins\u002Feasy-profile-widget\u002Fassets\u002Fcss\u002Feasy-profile-admin.css","\u002Fwp-content\u002Fplugins\u002Feasy-profile-widget\u002Fassets\u002Fjs\u002Feasy-profile.js","\u002Fwp-content\u002Fplugins\u002Feasy-profile-widget\u002Fassets\u002Fcss\u002Feasy-profile-widget.css",[],[],[303,304,305],"easy-profile-widget\u002Fassets\u002Fcss\u002Feasy-profile-admin.css?ver=","easy-profile-widget\u002Fassets\u002Fjs\u002Feasy-profile.js?ver=","easy-profile-widget\u002Fassets\u002Fcss\u002Feasy-profile-widget.css?ver=",{"cssClasses":307,"htmlComments":309,"htmlAttributes":310,"restEndpoints":311,"jsGlobals":312,"shortcodeOutput":313},[308,4],"easy-profile-widget-admin",[],[],[],[],[]]