Does Pages In Widgets have any unpatched vulnerabilities?

No. All known vulnerabilities in Pages In Widgets have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Pages In Widgets compatible with WordPress 5.3.21?

According to WordPress.org data, Pages In Widgets 1.9.4 has been tested up to WordPress 5.3.21. Check the plugin's changelog for the latest compatibility information.

How often is Pages In Widgets updated?

Pages In Widgets was last updated on Mar 5, 2020. Frequent updates are generally a positive security signal.

What is Pages In Widgets's security score?

Pages In Widgets has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Pages In Widgets Security & Risk Analysis

wordpress.org/plugins/pages-in-widgets

Pages In Widgets is a simple plugin that allows you to insert a the content of a page created in the normal WordPress pages interface into a widget.

4K active installs v1.9.4 PHP + WP 3.5+ Updated Mar 5, 2020

custom-home-pagejayden-majorpagepages-on-widgetswidgets

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Pages In Widgets Safe to Use in 2026?

Generally Safe

Score 85/100

Pages In Widgets has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The "pages-in-widgets" plugin v1.9.4 exhibits a generally good security posture based on the provided static analysis and vulnerability history. The absence of known CVEs and recorded vulnerabilities is a strong positive indicator. Furthermore, the code analysis reveals no dangerous functions, raw SQL queries, file operations, or external HTTP requests, which are common vectors for attacks.

However, there are significant areas of concern. The plugin has a very low rate of properly escaped output (9%), with 92 total outputs. This indicates a high potential for Cross-Site Scripting (XSS) vulnerabilities, as user-supplied or dynamic data may be rendered directly into the HTML without proper sanitization. Additionally, the lack of any identified nonce checks or capability checks on potential entry points, coupled with zero protected entry points, suggests that if any vulnerabilities were to be introduced, they could be easily exploited. The taint analysis showing zero flows is good, but this could be a reflection of the limited scope or the plugin's simple functionality, and doesn't negate the output escaping issue.

In conclusion, while the plugin is free of known historical vulnerabilities and avoids several risky coding practices, the severe deficiency in output escaping presents a substantial risk. Developers should prioritize addressing the output sanitization to mitigate potential XSS attacks. The absence of entry points with authentication checks is a concern, though the current lack of exploitable code makes it less critical than the output escaping issue.

Key Concerns

Poor output escaping (9%)
No capability checks on entry points
No nonce checks on entry points

Vulnerabilities

None known

Pages In Widgets Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Pages In Widgets Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

9% escaped92 total outputs

Attack Surface

Pages In Widgets Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actionplugins_loadedgeneral\init.php:18

actionwidgets_initwidgets\pages-widget.php:7

actionwidgets_initwidgets\posts-widget.php:7

Maintenance & Trust

Pages In Widgets Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21

Last updatedMar 5, 2020

PHP min version

Downloads61K

Community Trust

Rating92/100

Number of ratings9

Active installs4K

Alternatives

Pages In Widgets Alternatives

HT Mega Addons for Elementor – Elementor Widgets & Template Builder

ht-mega-for-elementor

Elementor addon offering 135+ widgets — Mega Menu, Ready Templates, Page Builder, Slider, Gallery, Post Grid, AI Writer & more.

80K 32 CVEs

Livemesh Addons by Elementor

addons-for-elementor

Elementor Addons that saves time with multiple ready-to-use drag and drop styles for 30+ essential widgets built for Elementor page builder.

40K 18 CVEs

UiCore Elements – Free widgets and templates for Elementor

uicore-elements

Enhance your website with UiCore Elements – a free plugin offering diverse widgets for effortless design enrichment.

40K 3 CVEs

WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder

wdesignkit

3000+ Elementor Templates, Gutenberg Templates, Widgets Builder for Elementor, Gutenberg & Bricks, Cloud Workspace & Figma Files, 160+ Widgets Library

30K 3 CVEs

Apollo13 Framework Extensions

apollo13-framework-extensions

Adds custom post types, shortcodes and some features that are used in themes built on Apollo13 Framework.

20K 6 CVEs

Developer Profile

Pages In Widgets Developer Profile

Jayden Major

2 plugins · 4K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Pages In Widgets

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/pages-in-widgets/css/style.css/wp-content/plugins/pages-in-widgets/js/main.js/wp-content/plugins/pages-in-widgets/js/jquery.simple-scroll-to.min.js

Script Paths

/wp-content/plugins/pages-in-widgets/js/main.js/wp-content/plugins/pages-in-widgets/js/jquery.simple-scroll-to.min.js

Version Parameters

pages-in-widgets/css/style.css?ver=pages-in-widgets/js/main.js?ver=pages-in-widgets/js/jquery.simple-scroll-to.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

pages-in-widgets-content

FAQ