Does Page 2 Widget have any unpatched vulnerabilities?

No. All known vulnerabilities in Page 2 Widget have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Page 2 Widget compatible with WordPress 4.0.38?

According to WordPress.org data, Page 2 Widget 1.0 has been tested up to WordPress 4.0.38. Check the plugin's changelog for the latest compatibility information.

How often is Page 2 Widget updated?

Page 2 Widget was last updated on Sep 26, 2014. Frequent updates are generally a positive security signal.

What is Page 2 Widget's security score?

Page 2 Widget has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Page 2 Widget Security & Risk Analysis

wordpress.org/plugins/page2widget

Simple widget that can render page.

10 active installs v1.0 PHP + WP 3.0+ Updated Sep 26, 2014

embedpageswidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Page 2 Widget Safe to Use in 2026?

Generally Safe

Score 85/100

Page 2 Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The "page2widget" plugin version 1.0 exhibits a generally strong security posture based on the provided static analysis. The absence of any identified entry points like AJAX handlers, REST API routes, or shortcodes, combined with zero reported vulnerabilities (CVEs), suggests a minimal attack surface and a history of secure development. The plugin also demonstrates good practices by exclusively using prepared statements for SQL queries.

However, a significant concern arises from the output escaping. With only 25% of the 8 outputs being properly escaped, there's a high likelihood of Cross-Site Scripting (XSS) vulnerabilities if any of the unescaped outputs contain user-supplied data. The lack of nonces and capability checks on potential (though not explicitly identified as present) entry points could also be a risk if the attack surface were to expand in future versions or if the plugin's functionality implicitly creates such points. Overall, while the current version appears stable and free from known exploits, the unescaped output is a critical weakness that needs immediate attention to prevent potential XSS attacks.

Key Concerns

Low percentage of properly escaped output
No nonce checks present
No capability checks present

Vulnerabilities

None known

Page 2 Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Page 2 Widget Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

25% escaped8 total outputs

Attack Surface

Page 2 Widget Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionwidgets_initpage2widget.php:12

Maintenance & Trust

Page 2 Widget Maintenance & Trust

Maintenance Signals

WordPress version tested4.0.38

Last updatedSep 26, 2014

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Page 2 Widget Alternatives

Spotlight Social Feeds – Block, Shortcode, and Widget

spotlight-social-photo-feeds

Instagram feeds made easy. Responsive, customizable, accessible, and SEO-friendly out of the box. Includes Instagram blocks & oEmbed support.

60K 3 CVEs

Insert Pages

insert-pages

Insert Pages lets you embed any WordPress content (e.g., pages, posts, custom post types) into other WordPress content using the Shortcode API.

40K 4 CVEs

Widgets on Pages

widgets-on-pages

The easiest and highest rated way to Add Widgets or Sidebars to Posts and Pages using Visual editor, shortcodes or template tags.

20K 1 CVE

Essential Widgets

essential-widgets

Essential Widgets is a WordPress plugin for widgets that allows you to create and add amazing widgets with high customization option

10K 2 CVEs

Widget Responsive for Youtube

youtube-widget-responsive

Widgets + ShortCode responsive to embed youtube in your sidebar or in your content [youtube video=...] or in WPBakery Page Builder, with SEO http://sc …

8K 1 CVE

Developer Profile

Page 2 Widget Developer Profile

dimitrov.adrian

5 plugins · 200 total installs

trust score

Avg Security Score

88/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Page 2 Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

page2widget

Data Attributes

id="widget-widget2page"name="widget-widget2page"

FAQ