[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fjKHxXYeeS34l4KnBfWAzuOcv9GhHvgb5DyS_LCc1Zf0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":116,"fingerprints":193},"gpp-about-you-widget","GPP About You Widget","1.0","Thad Allender","https:\u002F\u002Fprofiles.wordpress.org\u002Fendortrails\u002F","\u003Cp>\u003Cem>GPP About You Widget\u003C\u002Fem> is a plugin that adds a widget for easily creating an about you section to any widgetized region in your theme.\u003C\u002Fp>\n\u003Cp>This plugin is for \u003Cstrong>WordPress 3.0+ only\u003C\u002Fstrong>.\u003C\u002Fp>\n","Adds a widget for easily creating an about your section to any widgetized region in your 
theme.",90,13388,0,"2011-01-15T18:25:00.000Z","3.1.4","3.0.4","",[19,20,21,22,23],"custom","hooks","welcome","widget","widgets","http:\u002F\u002Fgraphpaperpress.com\u002Fplugins\u002Fgpp-about-you-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgpp-about-you-widget.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"endortrails",7,1350,82,30,81,"2026-04-04T15:36:21.632Z",[39,50,62,77,90],{"slug":40,"name":41,"version":6,"author":7,"author_profile":8,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":47,"homepage":48,"download_link":49,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"gpp-welcome-message","GPP Welcome Message Widget","\u003Cp>\u003Cem>GPP Welcome Message Widget\u003C\u002Fem> is a plugin that adds a widget for easily creating prominent welcome messages.\u003C\u002Fp>\n\u003Cp>This plugin is for \u003Cstrong>WordPress 3.0+ only\u003C\u002Fstrong>.\u003C\u002Fp>\n","Adds a widget for easily creating prominent welcome messages.",50,12140,"2011-01-15T14:06:00.000Z",[19,20,21,22,23],"http:\u002F\u002Fgraphpaperpress.com\u002Fplugins\u002Fgpp-welcome-message-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgpp-welcome-message.zip",{"slug":51,"name":52,"version":53,"author":7,"author_profile":8,"description":54,"short_description":55,"active_installs":11,"downloaded":56,"rating":13,"num_ratings":13,"last_updated":57,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":58,"homepage":60,"download_link":61,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"gpp-base-hook-widgets","GPP Base Hook 
Widgets","1.2","\u003Cp>\u003Cem>GPP Base Hook Widgets\u003C\u002Fem> is a plugin that creates new widget areas for the \u003Ca href=\"http:\u002F\u002Fgraphpaperpress.com\u002Fthemes\u002Fbase\u002F\" rel=\"nofollow ugc\">Base theme\u003C\u002Fa> by \u003Ca href=\"http:\u002F\u002Fgraphpaperpress.com\" rel=\"nofollow ugc\">Graph Paper Press\u003C\u002Fa> and attaches them to the theme’s action hooks.  Basically, it allows you to add widgets pretty much anywhere.\u003C\u002Fp>\n\u003Cp>Typically, to add extra stuff to the theme, you must use one of \u003Cem>Base’s\u003C\u002Fem> action hooks.  This can be quite confusing to some users.  This plugin was created mainly for those users without much PHP knowledge.  It allows them to take advantage of \u003Cem>Base’s\u003C\u002Fem> hook system without the need to understand how it works.  Of course, even advanced users can take advantage of this, especially when dealing with client work.\u003C\u002Fp>\n\u003Cp>This plugin is for \u003Cstrong>WordPress 3.0+ only\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>You must have the \u003Ca href=\"http:\u002F\u002Fgraphpaperpress.com\u002Fthemes\u002Fbase\u002F\" rel=\"nofollow ugc\">Base theme\u003C\u002Fa> installed to use it.\u003C\u002Fp>\n","Adds 12 new widget areas to the Base WordPress theme framework using its action hooks.",15676,"2011-04-08T02:17:00.000Z",[19,59,20,22,23],"graphpaperpress","http:\u002F\u002Fgraphpaperpress.com\u002Fplugins\u002Fgpp-base-hook-widgets","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgpp-base-hook-widgets.1.2.zip",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":13,"num_ratings":13,"last_updated":72,"tested_up_to":73,"requires_at_least":73,"requires_php":17,"tags":74,"homepage":75,"download_link":76,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"hybrid-hook-widgets","Hybrid Hook 
Widgets","0.1","Justin Tadlock","https:\u002F\u002Fprofiles.wordpress.org\u002Fgreenshady\u002F","\u003Cp>\u003Cem>Hybrid Hook Widgets\u003C\u002Fem> is a plugin that creates new widget areas for the \u003Ca href=\"http:\u002F\u002Fthemehybrid.com\u002Fthemes\u002Fhybrid\" rel=\"nofollow ugc\">Hybrid theme\u003C\u002Fa> and attaches them to the theme’s action hooks.  Basically, it allows you to add widgets pretty much anywhere.\u003C\u002Fp>\n\u003Cp>Typically, to add extra stuff to the theme, you must use one of \u003Cem>Hybrid’s\u003C\u002Fem> action hooks.  This can be quite confusing to some users.  This plugin was created mainly for those users without much XHTML and PHP knowledge.  It allows them to take advantage of \u003Cem>Hybrid’s\u003C\u002Fem> advanced hook system without the need to understand how it works.  Of course, even advanced users can take advantage of this, especially when dealing with client work.\u003C\u002Fp>\n\u003Cp>This plugin is for \u003Cstrong>WordPress 2.8+ only\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>You must have the \u003Ca href=\"http:\u002F\u002Fthemehybrid.com\u002Fthemes\u002Fhybrid\" rel=\"nofollow ugc\">Hybrid theme\u003C\u002Fa> installed to use it.\u003C\u002Fp>\n\u003Cp>Full instructions for use can be found in the plugin’s \u003Ccode>readme.html\u003C\u002Fcode> file, which is included with the plugin download.\u003C\u002Fp>\n","Adds 11 new widget areas to the Hybrid WordPress theme framework using its action 
hooks.",80,14281,"2009-06-10T04:48:00.000Z","2.8",[19,20,22,23],"http:\u002F\u002Fthemehybrid.com\u002Fthemes\u002Fhybrid\u002Fhybrid-hook-widgets","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhybrid-hook-widgets.0.1.zip",{"slug":78,"name":79,"version":80,"author":7,"author_profile":8,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":13,"num_ratings":13,"last_updated":85,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":86,"homepage":88,"download_link":89,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"gpp-testimonials-widget","GPP Testimonials Widgets","1.2.1","\u003Cp>Adds a new Testimonials widget to the Widgets panel.\u003C\u002Fp>\n","Adds a new Testimonials widget to the Widgets panel.",60,17623,"2011-02-08T19:57:00.000Z",[19,20,87,22,23],"testimonial","http:\u002F\u002Fgraphpaperpress.com\u002Fplugins\u002Fgpp-testimonials-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgpp-testimonials-widget.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":100,"num_ratings":101,"last_updated":102,"tested_up_to":103,"requires_at_least":104,"requires_php":105,"tags":106,"homepage":111,"download_link":112,"security_score":113,"vuln_count":114,"unpatched_count":13,"last_vuln_date":115,"fetched_at":28},"custom-sidebars","Custom Sidebars – Dynamic Sidebar Classic Widget Area Manager","3.38","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>\u003Cstrong>Manage and replace sidebars and other classic widget areas on your site with Custom Sidebars, a flexible widget area manager.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Make custom sidebar configurations and be able to choose what classic widgets display on each page or post of your site.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Need to make a 
\u003Cstrong>widget sticky\u003C\u002Fstrong> or fixed? Try our free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsticky-menu-or-anything-on-scroll\u002F\" rel=\"ugc\">WP Sticky Anything\u003C\u002Fa> plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Custom Sidebars works ONLY with the classic widgets screen that was used in WordPress before version 5.8. If you want to use it with version 5.8 (and above) you have to install the official \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclassic-widgets\u002F\" rel=\"ugc\">Classic Widgets\u003C\u002Fa> plugin, or enable the classic widgets interface yourself. Once the classic widgets screen is activated the plugin will work the same as before.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Having problems setting up SSL or generating an SSL certificate? Install the free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-force-ssl\u002F\" rel=\"ugc\">WP Force SSL\u003C\u002Fa> plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Display Different Sidebars on Pages and Posts\u003C\u002Fh4>\n\u003Cp>Custom Sidebars allows you to dynamically display custom widget configurations on any page, post, category, post type, or archive page.\u003C\u002Fp>\n\u003Cp>★★★★★\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>“Custom Sidebars will go on my “essential plugins” list from now on. I am pleased by how easy it was to figure out and by how many options are available in the free version.” – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmonkeyhateclean\" rel=\"nofollow ugc\">monkeyhateclean\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>★★★★★\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>“This plugin does exactly what it says. 
It’s light, integrates well into WordPress and gives you tons of possibilities.” – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fdarknova11\" rel=\"nofollow ugc\">DarkNova\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Every part of Custom Sidebars integrates seamlessly with the Widgets menu for simplicity and control. No confusing settings pages or added menu items, just simple core integration.\u003C\u002Fp>\n\u003Ch4>A Simple Flexible Sidebar Manager\u003C\u002Fh4>\n\u003Cp>** Custom Sidebars Includes: **\u003Cbr \u002F>\n* Unlimited custom widget configurations\u003Cbr \u002F>\n* Set custom widgets for individual posts and pages, categories, post types, and archives\u003Cbr \u002F>\n* Seamless integration with the WordPress Widgets menu\u003Cbr \u002F>\n* Works with well-coded themes and doesn’t slow down your site\u003Cbr \u002F>\n* Set individual widget visibility – for guests, by user role, by post type, for special pages or categories\u003Cbr \u002F>\n* Author specific sidebars – display a custom sidebar for each of your authors\u003Cbr \u002F>\n* Clone and sync widget settings – quickly edit complex configurations\u003Cbr \u002F>\n* Import and export custom sidebars – backup and share sidebars\u003C\u002Fp>\n\u003Cp>Install Custom Sidebars and see for yourself why it’s the most popular widget extension plugin available for WordPress with over 200,000 active installs.\u003C\u002Fp>\n\u003Ch3>Contact and Credits\u003C\u002Fh3>\n\u003Cp>Original development completed by \u003Ca href=\"http:\u002F\u002Fmarquex.es\u002F\" rel=\"nofollow ugc\">Javier Marquez\u003C\u002Fa>.\u003C\u002Fp>\n","Flexible sidebars for custom classic widget configurations on any page or post. 
Create custom sidebars with ease!",100000,5193767,94,1028,"2025-12-03T19:20:00.000Z","6.9.4","4.6","5.6",[107,108,109,110,22],"classic-widgets","custom-sidebar","dynamic-widgets","sidebar","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-sidebars\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-sidebars.3.38.zip",98,3,"2017-10-04 00:00:00",{"attackSurface":117,"codeSignals":129,"taintFlows":185,"riskAssessment":186,"analyzedAt":192},{"hooks":118,"ajaxHandlers":125,"restRoutes":126,"shortcodes":127,"cronEvents":128,"entryPointCount":13,"unprotectedCount":13},[119],{"type":120,"name":121,"callback":122,"file":123,"line":124},"action","widgets_init","about_you_load_widgets","about-you.php",19,[],[],[],[],{"dangerousFunctions":130,"sqlUsage":131,"outputEscaping":133,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":184},[],{"prepared":13,"raw":13,"locations":132},[],{"escaped":13,"rawEcho":35,"locations":134},[135,138,140,142,144,146,148,150,151,152,154,156,158,159,160,162,164,165,166,168,170,171,172,174,176,177,178,180,182,183],{"file":123,"line":136,"context":137},69,"raw 
output",{"file":123,"line":139,"context":137},75,{"file":123,"line":141,"context":137},79,{"file":123,"line":143,"context":137},83,{"file":123,"line":145,"context":137},108,{"file":123,"line":147,"context":137},143,{"file":123,"line":149,"context":137},144,{"file":123,"line":149,"context":137},{"file":123,"line":149,"context":137},{"file":123,"line":153,"context":137},149,{"file":123,"line":155,"context":137},153,{"file":123,"line":157,"context":137},155,{"file":123,"line":157,"context":137},{"file":123,"line":157,"context":137},{"file":123,"line":161,"context":137},161,{"file":123,"line":163,"context":137},162,{"file":123,"line":163,"context":137},{"file":123,"line":163,"context":137},{"file":123,"line":167,"context":137},167,{"file":123,"line":169,"context":137},168,{"file":123,"line":169,"context":137},{"file":123,"line":169,"context":137},{"file":123,"line":173,"context":137},173,{"file":123,"line":175,"context":137},174,{"file":123,"line":175,"context":137},{"file":123,"line":175,"context":137},{"file":123,"line":179,"context":137},179,{"file":123,"line":181,"context":137},180,{"file":123,"line":181,"context":137},{"file":123,"line":181,"context":137},[],[],{"summary":187,"deductions":188},"The \"gpp-about-you-widget\" v1.0 plugin exhibits a generally strong security posture based on the static analysis provided. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points is a significant strength, indicating a minimal attack surface. Furthermore, the lack of dangerous functions, file operations, external HTTP requests, and bundled libraries reduces potential exploit vectors. No SQL queries were detected in the plugin (neither prepared nor raw), so the analysis found no SQL injection exposure.\n\nHowever, a critical concern arises from 100% of output being unescaped. 
This means that any data displayed by the widget, if it originates from an untrusted source or contains user-supplied content, may be vulnerable to Cross-Site Scripting (XSS) attacks; the analysis recorded no taint flows, so each of the 30 raw output sites in about-you.php still needs manual review to confirm whether the echoed value can be influenced by an untrusted user. The absence of any recorded vulnerabilities in its history is positive, suggesting a lack of known exploits, although for a plugin last updated in 2011 it may also reflect limited scrutiny. Nevertheless, the unescaped output represents a significant and potentially exploitable weakness that needs immediate attention.\n\nIn conclusion, while the plugin boasts a clean history and a well-restricted attack surface, the pervasive lack of output escaping creates a serious XSS risk. This oversight significantly undermines the otherwise good practices observed in the code. Addressing the output escaping issue, by passing every echoed value through the appropriate WordPress escaping function (esc_html(), esc_attr() or esc_url()), should be the highest priority to mitigate this risk.",[189],{"reason":190,"points":191},"All output is unescaped (XSS risk)",15,"2026-03-16T21:15:44.504Z",{"wat":194,"direct":199},{"assetPaths":195,"generatorPatterns":196,"scriptPaths":197,"versionParams":198},[],[],[],[],{"cssClasses":200,"htmlComments":206,"htmlAttributes":207,"restEndpoints":209,"jsGlobals":210,"shortcodeOutput":211},[201,202,203,204,205],"about_you_widget","about_you_widget clearfix","email","phone","link",[],[208],"id=\"about-you-widget\"",[],[],[]]