[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fFC5TsiO5KxPTYSM1nBvUaBEmjGzE-KYv32Ipnvii7zY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":123,"fingerprints":172},"featured-comments-widget","Featured Comments","1.0","andreu","https:\u002F\u002Fprofiles.wordpress.org\u002Fandreu\u002F","\u003Cp>This plugin provides a widget that let you select the comments you want to display as featured or important.\u003C\u002Fp>\n\u003Cp>Go to the Widgets page and you will find a new widget named Featued Comments. Just active it and enjoy!\u003C\u002Fp>\n\u003Ch4>Available languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Spanish (es_ES)\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin provides a widget that let you select the comments you want to display as featured or important.",10,1815,0,"2012-10-18T18:18:00.000Z","3.4.2","3.0","",[19,20,21,22],"comments","featured","sidebar","widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeatured-comments-widget.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},2,40,30,84,"2026-04-04T14:38:08.194Z",[35,53,73,90,107],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":31,"downloaded":43,"rating":44,"num_ratings":29,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":17,"tags":48,"homepage":51,"download_link":52,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"featured-comment-widget","Featured Comment Widget","1.7","Jenn Schiffer","https:\u002F\u002Fprofiles.wordpress.org\u002Fjennschiffer\u002F","\u003Cp>The Featured Comment Widget gives you the ability to shine a spotlight on some of your favorite comments on the site.\u003C\u002Fp>\n\u003Cp>Installing this plugin adds the Featured Comment Widget to your list of available widgets in the ‘Widgets’ submenu (which you can find under ‘Appearance’ in your WordPress dashboard). Every comment has an numeric ID, and putting that ID in the widget form results in the that comment (or commentS if you enter multiple IDs), along with the name and Gravatar of its commenter, showing in the sidebar.  The Gravatar and username is automatically a link to that comment in its respective post.\u003C\u002Fp>\n\u003Ch3>Widget CSS\u003C\u002Fh3>\n\u003Cp>The following are the classes and explanations of them for those of you who want to style your widget in the custom.css file:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>.featuredComment-comment – a single comment block containing the content and citation, default: { margin: 20px auto; }\u003C\u002Fli>\n\u003Cli>.featuredComment-comment-content – the comment text, default: { margin: 3px auto 5px;}\u003C\u002Fli>\n\u003Cli>.featuredComment-cite – the citation that includes gravatar and author name, default: { display: block; text-align: left; line-height: 1em;}\u003C\u002Fli>\n\u003Cli>.featuredComment-gravatar – the gravatar image within citation, default: {float: right; padding: 0px 5px;}\u003C\u002Fli>\n\u003Cli>.featuredComment-author – the “posted by …” author link within citation, default: {float: right;}\u003C\u002Fli>\n\u003C\u002Ful>\n","The Featured Comment Widget gives you the ability to shine a spotlight on some of your favorite comments on the site.",6866,100,"2015-09-16T21:22:00.000Z","4.3.34","2.3",[49,50,19,20,21],"comment","comment-widget","http:\u002F\u002Fgithub.com\u002Fjennschiffer\u002Ffeatured-comment-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeatured-comment-widget.1.7.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":44,"num_ratings":63,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":17,"tags":67,"homepage":71,"download_link":72,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"feature-a-page-widget","Feature A Page Widget","2.2.0","mrwweb","https:\u002F\u002Fprofiles.wordpress.org\u002Fmrwweb\u002F","\u003Cp>Feature A Page Widget provides a “just works” solution for showcasing a Page, Post, or custom post type in any widget area (aka sidebar). It leverages core WordPress features, a \u003Cem>simple\u003C\u002Fem> set of options, and a sleek UI for selecting one of three widget layouts.\u003C\u002Fp>\n\u003Ch4>How to Use the Widget\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install and activate the plugin.\u003C\u002Fli>\n\u003Cli>Edit the page you want to feature.\u003C\u002Fli>\n\u003Cli>Fill out the \u003Ca href=\"http:\u002F\u002Fen.support.wordpress.com\u002Fsplitting-content\u002Fexcerpts\u002F#creating-excerpts\" rel=\"nofollow ugc\">Excerpt\u003C\u002Fa> and select a \u003Ca href=\"http:\u002F\u002Fen.support.wordpress.com\u002Ffeatured-images\u002F#setting-a-featured-image\" rel=\"nofollow ugc\">Featured Image\u003C\u002Fa> on that page.\u003C\u002Fli>\n\u003Cli>Go to Appearance > Widgets or Customize > Widgets.\u003C\u002Fli>\n\u003Cli>Add an instance of the “Feature a Page Widget” to the widget area (Sidebar, Footer, etc.) of your choosing.\u003C\u002Fli>\n\u003Cli>Select the page, choose a layout, and optionally give the widget a title.\u003C\u002Fli>\n\u003Cli>Save the widget!\u003C\u002Fli>\n\u003Cli>Admire your handiwork.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>This plugin enables Featured Images (aka “Post Thumbnails”) and Excerpts for Pages and Posts (by default) with the ability to support custom post types. If you don’t see one or both of those fields, they may be hidden in the “Screen Options” (top-right corner) while editing a Page or Post.\u003C\u002Fp>\n\u003Ch4>Important Note: Image Sizes\u003C\u002Fh4>\n\u003Cp>This plugin creates multiple custom image sizes. If you use images that were uploaded to the  media library before you installed this plugin, you may need to use a plugin like \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fregenerate-thumbnails\u002F\" rel=\"ugc\">Regenerate Thumbnails\u003C\u002Fa> to create the correctly-sized images.\u003C\u002Fp>\n\u003Ch4>Customizing the Widget\u003C\u002Fh4>\n\u003Cp>There are multiple ways to modify the widget based on your needs:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Prewritten CSS selectors in \u003Ccode>\u002Fcss\u002Ffpw_starter_styles.css\u003C\u002Fcode> to help you get started with custom CSS styles in a child theme or the Custom CSS Customizer field\u003C\u002Fli>\n\u003Cli>Three default overridable templates and the ability to create custom templates\u003C\u002Fli>\n\u003Cli>Eight filters to modify most parts of the widget output (Title, Read More, Image sizes, etc.)\u003C\u002Fli>\n\u003Cli>Interested in commissioning a custom layout just for your site? \u003Ca href=\"https:\u002F\u002Fmrwweb.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Get in touch.\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>See \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffeature-a-page-widget\u002Ffaq\u002F\" rel=\"ugc\">the FAQs\u003C\u002Fa> for links to code snippets with inline documentation.\u003C\u002Fp>\n\u003Ch4>Like the Plugin?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Ffeature-a-page-widget\" rel=\"ugc\">We love 5-star ratings!\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.paypal.me\u002Frootwiley\" rel=\"nofollow ugc\">Donations accepted\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Available Languages\u003C\u002Fh4>\n\u003Cp>Please \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Ffeature-a-page-widget\" rel=\"nofollow ugc\">help translate Feature A Page Widget\u003C\u002Fa>. Users have contributed translations in the following languages:\u003C\u002Fp>\n\u003Cp>English (default), German (\u003Ccode>de_DE\u003C\u002Fcode>), Serbian (\u003Ccode>sr_RS\u003C\u002Fcode>), Polish (\u003Ccode>pl_PL\u003C\u002Fcode>), Spanish (\u003Ccode>es_ES\u003C\u002Fcode>), Italian (\u003Ccode>it_IT\u003C\u002Fcode>), Dutch (\u003Ccode>nl_NL\u003C\u002Fcode>)\u003C\u002Fp>\n\u003Ch4>Other Plugins by @MRWweb\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmrw-web-design-simple-tinymce\u002F\" rel=\"ugc\">MRW Web Design Simple TinyMCE\u003C\u002Fa> – Get rid of bad and obscure TinyMCE buttons. Move the rest to a single top row. Comes with a bit of help for adding custom CSS classes too.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpost-status-menu-items\u002F\" rel=\"ugc\">Post Status Menu Items\u003C\u002Fa> – Adds post status links–e.g. “Draft” (7)–to post type admin menus.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpost-type-archive-descriptions\u002F\" rel=\"ugc\">Post Type Archive Description\u003C\u002Fa> – Enables an editable description for a post type to display at the top of the post type archive page.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhawaiian-characters\u002F\" rel=\"ugc\">Hawaiian Characters\u003C\u002Fa> – Adds the correct characters with diacriticals to the WordPress editor Character Map for Hawaiian\u003C\u002Fli>\n\u003C\u002Ful>\n","A widget to display an attractive summary of any page in any widget area.",3000,165965,29,"2020-08-12T18:51:00.000Z","5.5.18","3.9",[68,69,21,22,70],"featured-page","featured-post","widgets","http:\u002F\u002Fmrwweb.com\u002Fwordpress-plugins\u002Ffeature-a-page-widget\u002Fversion-2-documentation\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeature-a-page-widget.2.2.0.zip",{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":83,"num_ratings":11,"last_updated":84,"tested_up_to":46,"requires_at_least":16,"requires_php":17,"tags":85,"homepage":17,"download_link":89,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"widget-builder","Widget Builder","1.6.2","Modern Tribe, Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fmoderntribe\u002F","\u003Cp>Widget Builder uses native WordPress editing interface to provide a unique tool to build custom widgets for your site(s).\u003C\u002Fp>\n\u003Cul>\n\u003Cli>MU Compatible\u003C\u002Fli>\n\u003Cli>Create admin dashboard widgets \u003Cstrong>NEW!\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Link the image\u003C\u002Fli>\n\u003Cli>Title and Description\u003C\u002Fli>\n\u003Cli>Customize “Read More” link text\u003C\u002Fli>\n\u003Cli>Very versatile. All fields are optional.\u003C\u002Fli>\n\u003Cli>Supports override of template so that you can override the template for your theme!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Tested on PHP 5.2.17, 5.3.14 & 5.4.4 and WP 3.3 & 3.4.\u003C\u002Fp>\n\u003Cp>This plugin is actively supported and we will do our best to help you. In return we simply as 3 things:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Help Out. If you see a question on the forum you can help with or have a great idea and want to code it up and submit a patch, that would be just plain awesome and we will shower you with praise. Might even be a good way to get to know us and lead to some paid work if you freelance.  Also, we are happy to post translations if you provide them.\u003C\u002Fli>\n\u003Cli>Donate – if this is generating enough revenue to support our time it makes all the difference in the world\u003Cbr \u002F>\nhttps:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=R8H3DD84PWAQ2\u003C\u002Fli>\n\u003Cli>Support us by buying our Premium plugins. In particular, check out our Events Calendar Pro http:\u002F\u002Ftri.be\u002Fwordpress-events-calendar-pro\u002F\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Note: gear vector art used in the WordPress.org banner were created by http:\u002F\u002Fwww.opengraphicdesign.com\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Ch4>Dashboard Widgets\u003C\u002Fh4>\n\u003Cp>Select ‘Available As Dashboard Widget’ in the widget editor to enable a widget as a dashboard widget. If you do not want this widget showing in the available widgets list for sidebar placement, select ‘Disable Sidebar Widget’.\u003C\u002Fp>\n\u003Ch4>Default vs. Custom Templates\u003C\u002Fh4>\n\u003Cp>The built in template can be overridden by files within your template.\u003C\u002Fp>\n\u003Cp>The Widget Builder comes with a default template for the widget output. If you would like to alter the widget display code, create a new folder called “tribe_widget_builder” in your template directory and copy over the “views\u002Fwidget.php” file.\u003C\u002Fp>\n\u003Cp>Edit the new file to your hearts content. Please do not edit the one in the plugin folder as that will cause conflicts when you update the plugin to the latest release.\u003C\u002Fp>\n\u003Cp>Alternatively you can point to a path of your choosing using the filter ‘tribe_widget_builder_widget.php’.\u003C\u002Fp>\n\u003Ch4>Filter widget query args\u003C\u002Fh4>\n\u003Cp>Filter your query arguments or get_posts altogether for granular fine tuning your listing of widgets or in the case of MU install restricting the builder to one site.\u003C\u002Fp>\n\u003Cp>The following filters are available for override\u003Cbr \u002F>\n    ‘tribe_widget_builder_get_posts_args’ \u002F\u002F customize the widget query parameters\u003Cbr \u002F>\n    ‘tribe_widget_builder_get_posts’ \u002F\u002F change the get_posts() query\u003C\u002Fp>\n","Widget Builder uses native WordPress editing interface to provide a unique tool to build custom widgets for your site(s).",600,43832,74,"2015-08-21T16:35:00.000Z",[86,87,21,88,22],"admin","featured-image","simple","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-builder.1.6.2.zip",{"slug":91,"name":92,"version":76,"author":93,"author_profile":94,"description":95,"short_description":96,"active_installs":97,"downloaded":98,"rating":30,"num_ratings":99,"last_updated":100,"tested_up_to":101,"requires_at_least":102,"requires_php":17,"tags":103,"homepage":105,"download_link":106,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"most-popular-posts","Most Popular Posts","wesg","https:\u002F\u002Fprofiles.wordpress.org\u002Fwesg\u002F","\u003Cp>Most Popular Posts is a basic widget for your sidebar that creates a list of links to the top posts on your blog according to the number of comments on the post. You can customize many aspects of the plugin to fit in your blog.\u003C\u002Fp>\n\u003Cp>Updates include including and excluding categories, reverse the order of comments and incorporation of WordPress widget standards.\u003C\u002Fp>\n\u003Cp>For a complete list of the changes from each version, please visit \u003Ca href=\"http:\u002F\u002Fwww.wesg.ca\u002F2008\u002F08\u002Fwordpress-widget-most-popular\u002F#changelog\" rel=\"nofollow ugc\">the plugin homepage\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>For examples and tips on using the plugin, please check \u003Ca href=\"http:\u002F\u002Fwww.wesg.ca\u002F2008\u002F08\u002Fwordpress-widget-most-popular\u002F#examples\" rel=\"nofollow ugc\">the examples\u003C\u002Fa> on the plugin homepage.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Used exclusively as a widget at the current time.\u003C\u002Fp>\n","This is a very simple widget that displays a link to the top commented posts on your blog.",300,51094,1,"2013-02-14T04:23:00.000Z","3.5.2","2.8",[19,104,21,22],"most-popular","http:\u002F\u002Fwww.wesg.ca\u002F2008\u002F08\u002Fwordpress-widget-most-popular\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmost-popular-posts.1.6.2.zip",{"slug":108,"name":109,"version":38,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":44,"num_ratings":29,"last_updated":116,"tested_up_to":117,"requires_at_least":102,"requires_php":17,"tags":118,"homepage":121,"download_link":122,"security_score":44,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"top-commentators-widget","Top Commentators Widget","Lorna Timbah","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebgrrrl\u002F","\u003Cp>This plugin creates a widget to show the top commentators in your WP site. Always go back to the Widget settings after each version update to Save your settings. Demo can be found at http:\u002F\u002Fdemo.webgrrrl.net\u003C\u002Fp>\n\u003Cp>The Top Commentators Widget plugin is adapted from Show Top Commentators plugin at Personal Financial Advice, this widget is easier to manage via the control form (no need to edit the PHP file); additional options are also available to make it more flexible. Read the FAQ section on how to customize the widget. Read the Changelog as well as http:\u002F\u002Fwebgrrrl.net\u002Ftags\u002Ftcw for the latest news on this widget.\u003C\u002Fp>\n\u003Cp>This widget is extensively tested with the following settings: Google Chrome 13.0.782.215 m, PHP 5.2.13, Apache 2.2.15 (Win32), MySQL 5.0.51a, WordPress 3.2.1. Further testing and bug report on this widget is greatly welcomed and appreciated.\u003C\u002Fp>\n","Adds a sidebar widget to show the top commentators in your WP site. Demo: http:\u002F\u002Fdemo.webgrrrl.net",200,156008,"2025-12-20T13:00:00.000Z","6.6.5",[19,119,120,21,22],"gravatar","seo","http:\u002F\u002Fwebgrrrl.net\u002Farchives\u002Fmy-top-commentators-widget-quick-dirty.htm","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftop-commentators-widget.1.7.zip",{"attackSurface":124,"codeSignals":136,"taintFlows":160,"riskAssessment":161,"analyzedAt":171},{"hooks":125,"ajaxHandlers":132,"restRoutes":133,"shortcodes":134,"cronEvents":135,"entryPointCount":13,"unprotectedCount":13},[126],{"type":127,"name":128,"callback":129,"file":130,"line":131},"action","init","featured_comments_textdomain","featured-comments-widget.php",35,[],[],[],[],{"dangerousFunctions":137,"sqlUsage":138,"outputEscaping":140,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":159},[],{"prepared":13,"raw":13,"locations":139},[],{"escaped":29,"rawEcho":11,"locations":141},[142,145,147,149,151,152,154,155,156,158],{"file":130,"line":143,"context":144},65,"raw output",{"file":130,"line":146,"context":144},66,{"file":130,"line":148,"context":144},68,{"file":130,"line":150,"context":144},69,{"file":130,"line":150,"context":144},{"file":130,"line":153,"context":144},73,{"file":130,"line":83,"context":144},{"file":130,"line":83,"context":144},{"file":130,"line":157,"context":144},81,{"file":130,"line":157,"context":144},[],[],{"summary":162,"deductions":163},"The \"featured-comments-widget\" plugin v1.0 exhibits a generally positive security posture based on the provided static analysis.  The complete absence of identified entry points, dangerous functions, raw SQL queries, file operations, external HTTP requests, and vulnerabilities in its history are strong indicators of good development practices.  The use of prepared statements for SQL queries, if any were present, would further bolster its security.\n\nHowever, a significant concern arises from the extremely low percentage of properly escaped output (17%). This indicates a high probability of cross-site scripting (XSS) vulnerabilities, where user-supplied data could be injected into the output without proper sanitization, leading to potential exploitation.  The lack of nonce and capability checks across all observed code signals also means that if any entry points were introduced in future versions or through unforeseen interactions, they might not be adequately protected against unauthorized access or manipulation.\n\nWhile the plugin's history is clean, the current static analysis reveals a critical weakness in output escaping. The absence of vulnerabilities so far might be due to a limited attack surface or a lack of targeted auditing.  The plugin's strengths lie in its limited attack surface and the apparent avoidance of common high-risk coding patterns. Its primary weakness is the insufficient output escaping, which poses a significant XSS risk that needs immediate attention.",[164,166,169],{"reason":165,"points":11},"Low output escaping (17%)",{"reason":167,"points":168},"No nonce checks observed",5,{"reason":170,"points":168},"No capability checks observed","2026-03-17T01:21:27.649Z",{"wat":173,"direct":178},{"assetPaths":174,"generatorPatterns":175,"scriptPaths":176,"versionParams":177},[],[],[],[],{"cssClasses":179,"htmlComments":181,"htmlAttributes":182,"restEndpoints":183,"jsGlobals":184,"shortcodeOutput":185},[180],"widget_featured_comments",[],[],[],[],[]]