[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fuL91wS-NOIrL97sGwMx5XUy8OZTx0cybUYloApnx9I4":3,"$flb1Wwcl6W63jAfsywglvkCyHW4TWGJOAf0MN0C7QL5s":101,"$fu1lCFsqj_8NcThFnzpi365SdKvoeIxtcrC4cVsiIfuU":106},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"discovery_status":25,"vulnerabilities":26,"developer":27,"crawl_stats":23,"alternatives":34,"analysis":35,"fingerprints":84},"remove-widget-title-inventivo","Remove Widget Title | inventivo","1.0.2","Nils Harder","https:\u002F\u002Fprofiles.wordpress.org\u002Finventivode\u002F","\u003Cp>NOTE: INSTALLING THIS PLUGIN ALONE DOES NOT MAKE YOUR SITE GDPR COMPLIANT. PLEASE CONSULT A LAWER IF YOU ARE NOT SURE WHAT TO DO.\u003C\u002Fp>\n\u003Cp>Remove Widget Title – WordPress Plugin\u003C\u002Fp>\n\u003Cp>This plugin allows you to remove a specific widget title by writing ! into the widget’s title field.\u003C\u002Fp>\n\u003Cp>Visit our \u003Ca href=\"https:\u002F\u002Fwww.inventivo.de\u002Fwordpress-agentur\u002Fwordpress-plugins\" rel=\"nofollow ugc\">website\u003C\u002Fa> in order to find more handy and free WordPress plugins.\u003C\u002Fp>\n\u003Cp>Our plugin are small and simple:\u003Cbr \u002F>\n– Responsive – fits to all screens\u003Cbr \u002F>\n– Easy configuration\u003Cbr \u002F>\n– Lighweight code\u003C\u002Fp>\n\u003Cp>Remove Widget Title Plugin now!\u003C\u002Fp>\n\u003Cp>How it works:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Upload the Plugin\u003C\u002Fli>\n\u003Cli>Activate the Plugin\u003C\u002Fli>\n\u003Cli>Insert an ! into the widget’s title field to hide it.\u003C\u002Fli>\n\u003C\u002Fol>\n","Remove a specific widget title in WordPress.",40,1451,0,"2021-04-30T12:56:00.000Z","5.7.15","3.0","",[19],"remove-widget-title","https:\u002F\u002Fwww.inventivo.de\u002Fwordpress-agentur\u002Fwordpress-plugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-widget-title-inventivo.1.0.2.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":22,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"inventivode",7,290,30,84,"2026-05-20T09:29:11.200Z",[],{"attackSurface":36,"codeSignals":60,"taintFlows":71,"riskAssessment":72,"analyzedAt":83},{"hooks":37,"ajaxHandlers":56,"restRoutes":57,"shortcodes":58,"cronEvents":59,"entryPointCount":13,"unprotectedCount":13},[38,44,48,52],{"type":39,"name":40,"callback":41,"file":42,"line":43},"action","widget_title","invRemoveWidgetTitle","inventivo-remove-widget-title.php",41,{"type":39,"name":45,"callback":46,"file":42,"line":47},"admin_notices","admin_notice_get_pro",42,{"type":39,"name":49,"callback":50,"file":42,"line":51},"admin_enqueue_scripts","inv_admin_style",43,{"type":39,"name":53,"callback":54,"file":42,"line":55},"admin_init","notice_dismissed",44,[],[],[],[],{"dangerousFunctions":61,"sqlUsage":62,"outputEscaping":64,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":70},[],{"prepared":13,"raw":13,"locations":63},[],{"escaped":13,"rawEcho":65,"locations":66},1,[67],{"file":42,"line":68,"context":69},60,"raw output",[],[],{"summary":73,"deductions":74},"The plugin 'remove-widget-title-inventivo' v1.0.2 exhibits a generally strong security posture based on the provided static analysis. The absence of any detected AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points is a significant positive. Furthermore, the lack of dangerous functions, file operations, external HTTP requests, and the 100% usage of prepared statements for SQL queries indicate good development practices in these critical areas.  The plugin also has no recorded vulnerability history, which is a very positive sign of its stability and security over time.\n\nHowever, a notable concern is the complete lack of output escaping. With one total output and 0% properly escaped, this represents a significant risk. Any data rendered by the plugin to the user could be vulnerable to cross-site scripting (XSS) attacks. Additionally, the absence of nonce and capability checks, while not directly tied to a specific entry point in this analysis, is a general weakness. If any entry points were to be introduced or discovered later, these missing checks would leave them unprotected. The taint analysis revealing no flows is positive, but this is in conjunction with the limited attack surface.\n\nIn conclusion, while the plugin demonstrates excellent security hygiene in many core areas and has no historical vulnerabilities, the complete failure to escape output presents a tangible and potentially severe risk. The lack of nonce and capability checks also represents a potential gap that could be exploited if the attack surface were to expand. Developers should prioritize implementing proper output escaping to mitigate XSS vulnerabilities.",[75,78,81],{"reason":76,"points":77},"Unescaped output detected",8,{"reason":79,"points":80},"Missing nonce checks",5,{"reason":82,"points":80},"Missing capability checks","2026-04-16T11:15:58.124Z",{"wat":85,"direct":92},{"assetPaths":86,"generatorPatterns":88,"scriptPaths":89,"versionParams":90},[87],"\u002Fwp-content\u002Fplugins\u002Fremove-widget-title-inventivo\u002Fadmin\u002Fcss\u002Fadmin-styles.css",[],[],[91],"\u002Fremove-widget-title-inventivo\u002Fadmin\u002Fcss\u002Fadmin-styles.css?ver=",{"cssClasses":93,"htmlComments":96,"htmlAttributes":97,"restEndpoints":98,"jsGlobals":99,"shortcodeOutput":100},[94,95],"hreflang-x-default-tag-for-wpml-inventivo-wrapper","hreflang-x-default-tag-for-wpml-inventivo-element",[],[],[],[],[],{"error":102,"url":103,"statusCode":104,"statusMessage":105,"message":105},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fremove-widget-title-inventivo\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":80,"versions":107},[108,114,121,128,135],{"version":6,"download_url":21,"svn_tag_url":109,"released_at":23,"has_diff":110,"diff_files_changed":111,"diff_lines":23,"trac_diff_url":112,"vulnerabilities":113,"is_current":102},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fremove-widget-title-inventivo\u002Ftags\u002F1.0.2\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fremove-widget-title-inventivo%2Ftags%2F1.0.1&new_path=%2Fremove-widget-title-inventivo%2Ftags%2F1.0.2",[],{"version":115,"download_url":116,"svn_tag_url":117,"released_at":23,"has_diff":110,"diff_files_changed":118,"diff_lines":23,"trac_diff_url":119,"vulnerabilities":120,"is_current":110},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-widget-title-inventivo.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fremove-widget-title-inventivo\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fremove-widget-title-inventivo%2Ftags%2F1.0.0&new_path=%2Fremove-widget-title-inventivo%2Ftags%2F1.0.1",[],{"version":122,"download_url":123,"svn_tag_url":124,"released_at":23,"has_diff":110,"diff_files_changed":125,"diff_lines":23,"trac_diff_url":126,"vulnerabilities":127,"is_current":110},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-widget-title-inventivo.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fremove-widget-title-inventivo\u002Ftags\u002F1.0.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fremove-widget-title-inventivo%2Ftags%2F0.0.2&new_path=%2Fremove-widget-title-inventivo%2Ftags%2F1.0.0",[],{"version":129,"download_url":130,"svn_tag_url":131,"released_at":23,"has_diff":110,"diff_files_changed":132,"diff_lines":23,"trac_diff_url":133,"vulnerabilities":134,"is_current":110},"0.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-widget-title-inventivo.0.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fremove-widget-title-inventivo\u002Ftags\u002F0.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fremove-widget-title-inventivo%2Ftags%2F0.0.1&new_path=%2Fremove-widget-title-inventivo%2Ftags%2F0.0.2",[],{"version":136,"download_url":137,"svn_tag_url":138,"released_at":23,"has_diff":110,"diff_files_changed":139,"diff_lines":23,"trac_diff_url":23,"vulnerabilities":140,"is_current":110},"0.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-widget-title-inventivo.0.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fremove-widget-title-inventivo\u002Ftags\u002F0.0.1\u002F",[],[]]