[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f6craXS5-TuLHLSmb7anMtqkHIyG79ur4_g8y_LaSU-Y":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":109,"crawl_stats":38,"alternatives":115,"analysis":214,"fingerprints":419},"enhanced-text-widget","Enhanced Text Widget","1.6.7","cl272","https:\u002F\u002Fprofiles.wordpress.org\u002Fcl272\u002F","\u003Cp>\u003Cstrong>Try it out on your free dummy site: Click here => \u003Ca href=\"https:\u002F\u002Fdemo.tastewp.com\u002Fenhanced-text-widget\" rel=\"nofollow ugc\">https:\u002F\u002Ftastewp.com\u002Fplugins\u002Fenhanced-text-widget\u003C\u002Fa>.\u003C\u002Fstrong>\u003Cbr \u002F>\n(this trick works for all plugins in the WP repo – just replace “wordpress” with “tastewp” in the URL)\u003C\u002Fp>\n\u003Cp>Note: This is a \u003Cstrong>classic widget\u003C\u002Fstrong> type, in order for it to work on the latest version of WordPress you will need \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclassic-widgets\u002F\" rel=\"ugc\">Classic Widgets\u003C\u002Fa> plugin installed on your site.\u003C\u002Fp>\n\u003Cp>UPDATE: Plugin ownership changed for this plugin. We are currently evaluating possible enhancements for it. Stay tuned! If you have any suggestions yourself, please let us know in the Support Forum.\u003C\u002Fp>\n\u003Cp>An enhanced version of the default text widget where you may have Text, HTML, CSS, JavaScript, Flash, Shortcodes and\u002For PHP as content with linkable widget title.\u003C\u002Fp>\n\u003Ch4>Options\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Title\u003C\u002Fli>\n\u003Cli>Title URL\u003C\u002Fli>\n\u003Cli>Widget CSS class\u003C\u002Fli>\n\u003Cli>Content supports Text, HTML, CSS, JavaScript, Flash, Shortcodes, and PHP\u003C\u002Fli>\n\u003Cli>Option to not display a title\u003C\u002Fli>\n\u003Cli>Option to open Title URL in new window\u003C\u002Fli>\n\u003Cli>Option to automatically add paragraphs to content\u003C\u002Fli>\n\u003Cli>Option to not output before\u002Fafter_widget\u002Ftitle (bare widget)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For questions, please ask in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fenhanced-text-widget\u002F\" rel=\"ugc\">support forum\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Enjoy this plugin? \u003Ca href=\"https:\u002F\u002Fsellcodes.com\u002F5U4SICyc\" rel=\"nofollow ugc\">Send a tip to support development\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin is part of the Inisev product family – \u003Ca href=\"https:\u002F\u002Finisev.com\" rel=\"nofollow ugc\">check out our other products\u003C\u002Fa>.\u003C\u002Fp>\n","An enhanced version of the text widget that supports Text, HTML, CSS, JavaScript, Flash, Shortcodes and PHP with linkable widget title.",30000,849126,98,50,"2024-07-17T01:21:00.000Z","6.6.5","3.6","",[20,21,22,23,24],"clickable","linkable","linked-title","text","widget","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fenhanced-text-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fenhanced-text-widget.1.6.7.zip",89,6,0,"2024-04-10 00:00:00","2026-03-15T15:16:48.613Z",[33,49,64,78,91,98],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2024-31435","inisev-analyst-module-various-versions-missing-authorization","Inisev Analyst Module \u003C= Various Versions - Missing Authorization","Multiple plugins and\u002For themes by Inisev for WordPress are vulnerable to unauthorized access due to a missing capability check on several functions in various versions. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthorized actions.",null,"\u003C=1.6.4","1.6.5","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2024-04-30 00:53:05",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffee47bb5-5af9-426c-8760-193276e046ea?source=api-prod",20,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63},"CVE-2024-0559","enhanced-text-widget-authenticated-administrator-stored-cross-site-scripting","Enhanced Text Widget \u003C= 1.6.5 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Enhanced Text Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget options in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.","\u003C=1.6.5","1.6.6",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-02-20 00:00:00","2024-02-21 15:53:35",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4f42b59e-42a3-4c1d-805d-dfe8c692223e?source=api-prod",2,{"id":65,"url_slug":66,"title":67,"description":68,"plugin_slug":4,"theme_slug":38,"affected_versions":69,"patched_in_version":70,"severity":41,"cvss_score":71,"cvss_vector":72,"vuln_type":44,"published_date":73,"updated_date":74,"references":75,"days_to_patch":77},"CVE-2023-49192","enhanced-text-widget-missing-authorization-via-etwhideadminnotificationcallback","Enhanced Text Widget \u003C= 1.6.3 - Missing Authorization via etw_hide_admin_notification_callback","The Enhanced Text Widget plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the etw_hide_admin_notification_callback function in versions up to, and including, 1.6.3. This makes it possible for unauthenticated attackers to hide admin notifications.","\u003C=1.6.3","1.6.4",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","2023-12-01 00:00:00","2024-01-22 19:56:02",[76],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F25122475-fc2c-4a8c-90d3-f4a85fb3a8cc?source=api-prod",53,{"id":79,"url_slug":80,"title":81,"description":82,"plugin_slug":4,"theme_slug":38,"affected_versions":83,"patched_in_version":84,"severity":41,"cvss_score":42,"cvss_vector":85,"vuln_type":86,"published_date":87,"updated_date":74,"references":88,"days_to_patch":90},"CVE-2023-3977","inisev-plugins-various-versions-cross-site-request-forgery-on-handleinstallation-function","Inisev Plugins (Various Versions) - Cross-Site Request Forgery on handle_installation function","Several plugins for WordPress by Inisev are vulnerable to Cross-Site Request Forgery to unauthorized installation of plugins due to a missing nonce check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. This makes it possible for unauthenticated attackers to install plugins from the limited list via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=1.5.7","1.5.8","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2023-07-27 00:00:00",[89],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fab7c8926-c762-49b1-bc97-4b7a2f4f97fc?source=api-prod",180,{"id":92,"url_slug":93,"title":94,"description":95,"plugin_slug":4,"theme_slug":38,"affected_versions":83,"patched_in_version":84,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":87,"updated_date":74,"references":96,"days_to_patch":90},"CVE-2023-0958","inisev-plugins-various-versions-missing-authorization-on-handleinstallation-function","Inisev Plugins (Various Versions) - Missing Authorization on handle_installation function","Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. This makes it possible for authenticated attackers with minimal permissions, such as subscribers, to install select plugins from Inisev on vulnerable sites. CVE-2023-38514 appears to be a duplicate of this vulnerability.",[97],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fcf7bdd0e-f3b3-4be5-8a30-2c6d9cb783a3?source=api-prod",{"id":99,"url_slug":100,"title":101,"description":102,"plugin_slug":4,"theme_slug":38,"affected_versions":103,"patched_in_version":104,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":105,"updated_date":74,"references":106,"days_to_patch":108},"CVE-2023-23823","enhanced-text-widget-missing-authorization","Enhanced Text Widget \u003C= 1.5.8 - Missing Authorization","The Enhanced Text Widget plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on one of its functions in versions up to, and including, 1.5.8. This makes it possible for authenticated attackers, with subscriber-level access and above, to make use of this functionality.","\u003C=1.5.8","1.5.9","2023-06-30 00:00:00",[107],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7487f72c-9852-4651-a848-239d4882bbf8?source=api-prod",207,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":63,"total_installs":110,"avg_security_score":111,"avg_patch_time_days":112,"trust_score":113,"computed_at":114},40000,91,93,73,"2026-04-04T09:19:00.394Z",[116,134,155,176,195],{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":126,"num_ratings":28,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":18,"tags":130,"homepage":131,"download_link":132,"security_score":133,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"linkable-title-html-and-php-widget","Linkable Title Html and Php Widget","1.2.6","peplamb","https:\u002F\u002Fprofiles.wordpress.org\u002Fpeplamb\u002F","\u003Cp>Using this wordpress plugin you may have Text, HTML, Javascript, Flash and\u002For Php as content in this widget with linkable\u002Fclickable widget titles, so this is a plus compared to the default wordpress’ text widget.\u003C\u002Fp>\n\u003Ch4>NEW\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Added Plugin Options Page (Settings -> Linkable Title Html and Php Widget ).\u003C\u002Fli>\n\u003Cli>Added “Open the Title link\u002Furl in a new window” support.\u003C\u002Fli>\n\u003Cli>Added “Title Text Color” support as Katie, Slips, Jim, Gary and John Herfindal request.\u003C\u002Fli>\n\u003Cli>Added support to remove Text Content Div Tag if needed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Donate\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>This plugin is a personal open source project. Started in 2009, I have put considerable amount of hours adding, refining, tuning, fixing, maintaining the plugin with the goal to make it useful and add to WordPress community. I need your help to achieve this.\u003C\u002Fp>\n\u003Cp>\u003Ca href='https:\u002F\u002Fpledgie.com\u002Fcampaigns\u002F23211' rel=\"nofollow ugc\">Donate\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>More plugins by PepLamb:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fpeplamb.com\u002Fgoogle-analytics-visits\u002F\" rel=\"nofollow ugc\">Google Analytics Visits\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fpeplamb.com\u002Fcustom-field-cookie\u002F\" rel=\"nofollow ugc\">Custom Field Cookie\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","A widget where you may have Text, HTML, Javascript, Flash and\u002For Php as content with linkable\u002Fclickable widget title.",700,71053,74,"2014-01-04T22:28:00.000Z","3.7.41","2.8.0",[20,21,22,120,24],"http:\u002F\u002Fpeplamb.com\u002Flinkable-title-html-and-php-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flinkable-title-html-and-php-widget.zip",85,{"slug":135,"name":136,"version":137,"author":138,"author_profile":139,"description":140,"short_description":141,"active_installs":110,"downloaded":142,"rating":143,"num_ratings":144,"last_updated":145,"tested_up_to":16,"requires_at_least":146,"requires_php":147,"tags":148,"homepage":152,"download_link":153,"security_score":154,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"widget-context","Widget Context","1.3.3","Kaspars","https:\u002F\u002Fprofiles.wordpress.org\u002Fkasparsd\u002F","\u003Cp>Use \u003Ca href=\"https:\u002F\u002Fwidgetcontext.com\" rel=\"nofollow ugc\">Widget Context\u003C\u002Fa> to show and hide widgets on certain sections of your site — front page, posts, pages, archives, search, etc. Use targeting by URLs (with wildcard support) for maximum flexibility.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FrEHvqsWoXAE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Premium Support\u003C\u002Fh4>\n\u003Cp>Subscribe to our \u003Ca href=\"https:\u002F\u002Fwidgetcontext.com\u002Fpro\" rel=\"nofollow ugc\">Premium Support service\u003C\u002Fa> and get the PRO 🚀 version of the plugin for free when it’s launched! Your support enables consistent maintenance and new feature development, and is greatly appreciated.\u003C\u002Fp>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Suggest code improvements \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fkasparsd\u002Fwidget-context-wporg\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Report bugs and suggestions on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwidget-context\" rel=\"ugc\">WordPress.org forums\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwidget-context\" rel=\"nofollow ugc\">Help translate\u003C\u002Fa> to your language.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cp>Widget visibility can be configured under individual widget settings under “Appearance \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Widgets” in your WordPress administration area or through the widget editing interface in the Customizer.\u003C\u002Fp>\n\u003Ch4>Target by URL\u003C\u002Fh4>\n\u003Cp>The “Target by URL” is a powerful feature for targeting sections of your website based on the request URLs. It was inspired by a similar feature in the \u003Ca href=\"https:\u002F\u002Fwww.drupal.org\" rel=\"nofollow ugc\">Drupal CMS\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Use relative URLs such as \u003Ccode>page\u002Fsub-page\u003C\u002Fcode> instead of absolute URLs \u003Ccode>https:\u002F\u002Fexample.com\u002Fpage\u002Fsub-page\u003C\u002Fcode> because relative URLs are more flexible and make the logic portable between different domains and server environments.\u003C\u002Fp>\n\u003Ch4>Wildcards\u003C\u002Fh4>\n\u003Cp>Use the wildcard symbol \u003Ccode>*\u003C\u002Fcode> for matching dynamic parts of the URL. For example:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ccode>topic\u002Fwidgets\u002F*\u003C\u002Fcode> to match all posts in the widgets category, if your permalink structure is set to \u003Ccode>\u002Ftopic\u002F%category%\u002F%postname%\u003C\u002Fcode>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>page-slug\u002F*\u003C\u002Fcode> to match all child pages of the page-slug parent page.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Use a trailing \u003Ccode>?*\u003C\u002Fcode> to capture URL with all query arguments such as \u003Ccode>utm_source\u003C\u002Fcode>, etc. For example, for every \u003Ccode>blog\u002Fpost-slug\u003C\u002Fcode> also include \u003Ccode>blog\u002Fpost-slug?*\u003C\u002Fcode>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Exclude by URL\u003C\u002Fh4>\n\u003Cp>Specify URLs to ignore even if they’re matched by any of the other context rules. For example, enter \u003Ccode>example\u002Fsub-page\u003C\u002Fcode> to hide a widget on this page even when “All Posts” is selected under “Global Sections”.\u003C\u002Fp>\n","Show and hide widgets on specific posts, pages and sections of your site.",966699,90,96,"2024-08-31T11:02:00.000Z","3.0","5.6",[149,150,24,135,151],"context","logic","widgets","https:\u002F\u002Fwidgetcontext.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-context.1.3.3.zip",92,{"slug":156,"name":157,"version":158,"author":159,"author_profile":160,"description":161,"short_description":162,"active_installs":163,"downloaded":164,"rating":154,"num_ratings":165,"last_updated":166,"tested_up_to":167,"requires_at_least":168,"requires_php":18,"tags":169,"homepage":174,"download_link":175,"security_score":133,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wp-editor-widget","WP Editor Widget","0.6.0","feedmeastraycat","https:\u002F\u002Fprofiles.wordpress.org\u002Ffeedmeastraycat\u002F","\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This plugin still works but it doesn’t really contain any major features that the native Text widget is missing. The plugin is no longer in active developement.\u003C\u002Fp>\n\u003Cp>This plugin adds a rich text widget where the content is edited using the standard WordPress visual editor which most users already are familiar with.\u003Cbr \u002F>\nIt uses the WP core function wp_editor() without adding a custom post type post for each widget making the widget quicker and simpler to edit.\u003C\u002Fp>\n\u003Cp>Feel free to help with developement or issue reporting on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffeedmeastraycat\u002Fwp-editor-widget\" rel=\"nofollow ugc\">Github\u003C\u002Fa>!\u003C\u002Fp>\n\u003Ch4>Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Swedish\u003C\u002Fli>\n\u003Cli>German\u003C\u002Fli>\n\u003Cli>Danish\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwp-editor-widget\" rel=\"nofollow ugc\">More translations\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Editor Widget adds a rich text widget where the content is edited using the standard WordPress visual editor.",10000,153242,18,"2020-11-07T22:20:00.000Z","5.5.18","3.5.1",[170,171,24,172,173],"editor","rich-text","wpml","wysiwyg","https:\u002F\u002Fgithub.com\u002Ffeedmeastraycat\u002Fwp-editor-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-editor-widget.0.6.0.zip",{"slug":177,"name":178,"version":179,"author":180,"author_profile":181,"description":182,"short_description":183,"active_installs":163,"downloaded":184,"rating":144,"num_ratings":185,"last_updated":186,"tested_up_to":187,"requires_at_least":188,"requires_php":189,"tags":190,"homepage":192,"download_link":193,"security_score":194,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wysiwyg-widgets","Widget Content Blocks","2.3.11","Danny van Kooten","https:\u002F\u002Fprofiles.wordpress.org\u002Fdvankooten\u002F","\u003Ch4>WYSIWYG Widgets or rich text widgets\u003C\u002Fh4>\n\u003Cp>This plugin adds so called “Widget Blocks” to your website which you can easily display in your widget areas.\u003C\u002Fp>\n\u003Cp>You can create or edit the widget blocks just like you would edit any post or page, with all the default WordPress editing functions enabled. This way, you can use the visual editor that comes with WordPress to format your widgets. You can even use media uploading to insert images and so forth.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create beautiful widgets without having to write HTML code\u003C\u002Fli>\n\u003Cli>Easily insert media into your widget content\u003C\u002Fli>\n\u003Cli>Add headings, lists, blockquotes and other HTML elements to your widgets using the WordPress visual editor\u003C\u002Fli>\n\u003Cli>Use WP Links dialog to easily link to any of your pages or posts from a widget\u003C\u002Fli>\n\u003Cli>Use shortcodes inside your widgets\u003C\u002Fli>\n\u003Cli>Translation ready\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Translators\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Dutch (nl_NL) – \u003Ca href=\"https:\u002F\u002Fdannyvankooten.com\u002F\" rel=\"nofollow ugc\">Danny van Kooten\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Spanish (es_ES) – \u003Ca href=\"http:\u002F\u002Fwebhostinghub.com\u002F\" rel=\"nofollow ugc\">Maria Ramos – WebHostingHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Italian (it_IT) – \u003Ca href=\"http:\u002F\u002Fwww.dangelos.it\u002F\" rel=\"nofollow ugc\">Tiziano D’Angelo – Studio D’Angelo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>German (de_DE) – \u003Ca href=\"http:\u002F\u002Fatelier.tag-eins.de\u002F\" rel=\"nofollow ugc\">Christian Günther\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you have created your own language pack, or have an update of an existing one, you can send \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FTranslating_WordPress\" rel=\"nofollow ugc\">gettext PO and MO files\u003C\u002Fa> to me so that I can bundle it into WYSIWYG Widgets. You can \u003Ca href=\"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwysiwyg-widgets\u002Ftrunk\u002Flanguages\u002Fwysiwyg-widgets.po\" rel=\"nofollow ugc\">download the latest PO file here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>More information\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdannyvankooten.com\u002Fwordpress-plugins\u002Fwysiwyg-widgets\u002F\" rel=\"nofollow ugc\">WYSIWYG Widgets\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Other \u003Ca href=\"https:\u002F\u002Fdannyvankooten.com\u002Fwordpress-plugins\u002F\" rel=\"nofollow ugc\">WordPress plugins\u003C\u002Fa> by the same author\u003C\u002Fli>\n\u003C\u002Ful>\n","Edit widget content using the default WordPress visual editor and media uploading functionality. Create widgets like you would create posts or pages.",335364,60,"2026-02-27T12:48:00.000Z","6.9.4","4.1","7.4",[171,191,24,151,173],"visual-editor","https:\u002F\u002Fdannyvankooten.com\u002Fwordpress-plugins\u002Fwysiwyg-widgets\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwysiwyg-widgets.2.3.11.zip",100,{"slug":196,"name":197,"version":198,"author":199,"author_profile":200,"description":201,"short_description":202,"active_installs":203,"downloaded":204,"rating":194,"num_ratings":205,"last_updated":206,"tested_up_to":207,"requires_at_least":18,"requires_php":18,"tags":208,"homepage":18,"download_link":213,"security_score":194,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"podium","Podium","2.0.9","Developer Podium","https:\u002F\u002Fprofiles.wordpress.org\u002Fpodiumsupport\u002F","\u003Cp>Podium Web Suite offers a collection of tools designed to help local businesses optimize their websites for conversion and connect with their customers through the channel they prefer — text.\u003C\u002Fp>\n\u003Cp>After connecting your website to Podium, local businesses are empowered to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Generate more conversations with potential customers using \u003Cstrong>Webchat\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Build a text marketing list with simple, high-converting \u003Cstrong>Website Pop-Ups\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Delight website visitors with a modern customer experience\u003C\u002Fli>\n\u003C\u002Ful>\n","Add and customize Podium's Web Suite tools to your WordPress website",5000,61971,4,"2025-04-17T16:48:00.000Z","6.8.5",[209,196,210,211,212],"chat-widget","podium-webchat","texting","webchat","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpodium.zip",{"attackSurface":215,"codeSignals":309,"taintFlows":404,"riskAssessment":405,"analyzedAt":418},{"hooks":216,"ajaxHandlers":284,"restRoutes":306,"shortcodes":307,"cronEvents":308,"entryPointCount":28,"unprotectedCount":63},[217,223,226,230,232,235,241,243,248,251,254,258,261,263,268,271,275,278],{"type":218,"name":219,"callback":220,"file":221,"line":222},"action","init","closure","analyst\\main.php",65,{"type":218,"name":219,"callback":220,"file":224,"line":225},"analyst\\src\\Analyst.php",80,{"type":218,"name":227,"callback":220,"file":228,"line":229},"admin_footer","analyst\\src\\Mutator.php",56,{"type":218,"name":231,"callback":220,"file":228,"line":126},"admin_notices",{"type":218,"name":233,"callback":220,"file":228,"line":234},"admin_enqueue_scripts",86,{"type":218,"name":236,"callback":237,"priority":238,"file":239,"line":240},"ins_global_print_carrousel","_print",1,"banner\\misc.php",135,{"type":218,"name":227,"callback":237,"priority":238,"file":239,"line":242},139,{"type":218,"name":244,"callback":245,"file":246,"line":247},"widgets_init","enhanced_text_widget_init","enhanced-text-widget.php",215,{"type":218,"name":249,"callback":220,"file":246,"line":250},"admin_init",217,{"type":218,"name":231,"callback":252,"file":246,"line":253},"etw_flush_admin_notice__warning",222,{"type":218,"name":255,"callback":256,"file":246,"line":257},"admin_print_footer_scripts","etw_admin_footer_js",249,{"type":218,"name":259,"callback":220,"file":246,"line":260},"plugins_loaded",293,{"type":218,"name":227,"callback":220,"file":246,"line":262},313,{"type":218,"name":264,"callback":265,"file":266,"line":267},"in_admin_footer","tryItOutScript","modules\\tryOutPlugins\\tryOutPlugins.php",64,{"type":218,"name":231,"callback":269,"file":266,"line":270},"informativeAdminNoticeHandler",68,{"type":218,"name":272,"callback":273,"file":266,"line":274},"admin_head","noticeStyles",69,{"type":218,"name":264,"callback":276,"file":266,"line":277},"noticeScripts",70,{"type":279,"name":280,"callback":281,"priority":282,"file":266,"line":283},"filter","plugin_install_action_links","actionButtonHandler",10,361,[285,288,292,295,299,302],{"action":286,"nopriv":287,"callback":220,"hasNonce":287,"hasCapCheck":287,"file":228,"line":194},"analyst_notification_dismiss",false,{"action":289,"nopriv":287,"callback":290,"hasNonce":291,"hasCapCheck":291,"file":239,"line":222},"inisev_installation","handle_installation",true,{"action":293,"nopriv":287,"callback":290,"hasNonce":291,"hasCapCheck":291,"file":239,"line":294},"inisev_installation_widget",66,{"action":296,"nopriv":287,"callback":297,"hasNonce":291,"hasCapCheck":287,"file":246,"line":298},"etw_hide_admin_notification","etw_hide_admin_notification_callback",269,{"action":300,"nopriv":287,"callback":220,"hasNonce":287,"hasCapCheck":287,"file":246,"line":301},"tifm_save_decision",346,{"action":303,"nopriv":287,"callback":304,"hasNonce":291,"hasCapCheck":287,"file":266,"line":305},"tifm_notice_actions","noticeAjax",36,[],[],[],{"dangerousFunctions":310,"sqlUsage":316,"outputEscaping":318,"fileOperations":29,"externalRequests":63,"nonceChecks":28,"capabilityChecks":402,"bundledLibraries":403},[311],{"fn":312,"file":313,"line":314,"context":315},"unserialize","analyst\\src\\Cache\\DatabaseCache.php",47,"$this->values = is_array($raw) ? $raw : @unserialize($raw);",{"prepared":29,"raw":29,"locations":317},[],{"escaped":319,"rawEcho":314,"locations":320},30,[321,324,326,328,329,332,333,335,337,339,342,344,346,348,350,352,354,355,357,359,360,362,364,365,367,369,370,371,373,374,375,377,378,379,381,382,384,386,387,388,390,391,392,394,396,398,400],{"file":322,"line":28,"context":323},"analyst\\templates\\forms\\deactivate.php","raw output",{"file":322,"line":325,"context":323},11,{"file":327,"line":238,"context":323},"analyst\\templates\\forms\\install.php",{"file":327,"line":28,"context":323},{"file":330,"line":331,"context":323},"analyst\\templates\\notice.php",3,{"file":330,"line":205,"context":323},{"file":330,"line":334,"context":323},7,{"file":336,"line":28,"context":323},"analyst\\templates\\optout.php",{"file":239,"line":338,"context":323},205,{"file":340,"line":341,"context":323},"banner\\views\\index.php",59,{"file":340,"line":343,"context":323},81,{"file":340,"line":345,"context":323},103,{"file":340,"line":347,"context":323},126,{"file":340,"line":349,"context":323},150,{"file":246,"line":351,"context":323},158,{"file":246,"line":353,"context":323},159,{"file":246,"line":353,"context":323},{"file":246,"line":356,"context":323},163,{"file":246,"line":358,"context":323},164,{"file":246,"line":358,"context":323},{"file":246,"line":361,"context":323},168,{"file":246,"line":363,"context":323},169,{"file":246,"line":363,"context":323},{"file":246,"line":366,"context":323},173,{"file":246,"line":368,"context":323},174,{"file":246,"line":368,"context":323},{"file":246,"line":368,"context":323},{"file":246,"line":372,"context":323},178,{"file":246,"line":372,"context":323},{"file":246,"line":372,"context":323},{"file":246,"line":376,"context":323},182,{"file":246,"line":376,"context":323},{"file":246,"line":376,"context":323},{"file":246,"line":380,"context":323},186,{"file":246,"line":380,"context":323},{"file":246,"line":383,"context":323},187,{"file":246,"line":385,"context":323},191,{"file":246,"line":385,"context":323},{"file":246,"line":385,"context":323},{"file":246,"line":389,"context":323},195,{"file":246,"line":389,"context":323},{"file":246,"line":389,"context":323},{"file":246,"line":393,"context":323},236,{"file":246,"line":395,"context":323},259,{"file":246,"line":397,"context":323},260,{"file":246,"line":399,"context":323},320,{"file":266,"line":401,"context":323},179,8,[],[],{"summary":406,"deductions":407},"The \"enhanced-text-widget\" plugin v1.6.7 presents a mixed security posture. While it demonstrates good practices in using prepared statements for SQL queries and implementing nonces and capability checks for its entry points, several concerning areas exist. The static analysis reveals a significant attack surface with 6 AJAX handlers, of which 2 lack proper authorization checks. This is a direct pathway for unauthenticated users to interact with potentially sensitive plugin functionality, increasing the risk of unauthorized actions. Additionally, the plugin uses the `unserialize` function, which is notoriously dangerous if not handled with extreme care to prevent object injection vulnerabilities. The output escaping is also a concern, with only 39% of outputs being properly escaped, indicating a moderate risk of Cross-Site Scripting (XSS) vulnerabilities.\n\nThe vulnerability history shows a pattern of 6 past medium-severity CVEs, predominantly related to XSS, Missing Authorization, and CSRF. While there are currently no unpatched vulnerabilities, this history suggests a recurring tendency for these types of security flaws to be present in the plugin's codebase. The recent vulnerability in April 2024 further emphasizes the need for ongoing vigilance. Overall, the plugin has strengths in its SQL handling and some security checks, but the unauthenticated AJAX handlers, risky `unserialize` usage, and poor output escaping, combined with its past vulnerability record, warrant a cautious approach.",[408,410,413,415],{"reason":409,"points":282},"Unprotected AJAX handlers",{"reason":411,"points":412},"Usage of unserialize()",15,{"reason":414,"points":402},"Low percentage of properly escaped output",{"reason":416,"points":417},"History of medium severity vulnerabilities",12,"2026-03-16T17:23:12.419Z",{"wat":420,"direct":425},{"assetPaths":421,"generatorPatterns":422,"scriptPaths":423,"versionParams":424},[],[],[],[],{"cssClasses":426,"htmlComments":428,"htmlAttributes":429,"restEndpoints":432,"jsGlobals":433,"shortcodeOutput":434},[4,427],"widget_text",[],[430,431],"id=\"enhanced-text-widget-admin-css\"","id=\"etw-credits-style-css\"",[],[],[]]