WP-Safety

Lightweight Sidebar Manager Security & Risk Analysis

wordpress.org/plugins/sidebar-manager

Create new sidebar areas and display them conditionally on certain pages. Works with all themes.

90K active installs v2.0.0 PHP + WP 4.0+ Updated Dec 1, 2025
conditional-sidebarcustom-sidebarcustom-widget-areassidebar-managerwidgets
100
A · Safe
CVEs total1
Unpatched0
Last CVESep 16, 2020
Plugin page Download
Safety Verdict

Is Lightweight Sidebar Manager Safe to Use in 2026?

Generally Safe

Score 100/100

Lightweight Sidebar Manager has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Sep 16, 2020Updated 5mo ago
Risk Assessment

The "sidebar-manager" plugin version 2.0.0 demonstrates a generally good security posture based on the provided static analysis. The plugin has a minimal attack surface, with only one AJAX handler, and importantly, this handler is protected by authentication checks. The code signals are also positive, showing a high percentage of properly escaped outputs and a good use of prepared statements for SQL queries. The presence of nonce and capability checks further reinforces its defensive coding practices. Taint analysis revealing no unsanitized paths or critical/high severity flows is also a very encouraging sign. The plugin's vulnerability history indicates one previously disclosed medium severity vulnerability, which is now patched, suggesting a proactive approach to security fixes. Overall, this version appears robust.

Key Concerns

  • One medium severity CVE in history
  • One file operation found
  • One external HTTP request found
  • Bundled library (Select2)
Vulnerabilities
1 published

Lightweight Sidebar Manager Security Vulnerabilities

CVEs by Year

1 CVE in 2020
2020
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2020-36747medium · 4.3Cross-Site Request Forgery (CSRF)

Lightweight Sidebar Manager <= 1.1.4 - Cross-Site Request Forgery Bypass

Sep 16, 2020 Patched in 1.1.5 (1224d)
Version History

Lightweight Sidebar Manager Release Timeline

v2.0.0Current
v1.1.9
v1.1.8
v1.1.7
v1.1.6
v1.1.5
v1.1.41 CVE
CVE-2020-36747
v1.1.31 CVE
CVE-2020-36747
v1.1.21 CVE
CVE-2020-36747
v1.1.11 CVE
CVE-2020-36747
v1.1.01 CVE
CVE-2020-36747
v1.0.21 CVE
CVE-2020-36747
v1.0.11 CVE
CVE-2020-36747
v1.0.01 CVE
CVE-2020-36747
Code Analysis
Analyzed Mar 16, 2026

Lightweight Sidebar Manager Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
3 prepared
Unescaped Output
3
38 escaped
Nonce Checks
3
Capability Checks
4
File Operations
1
External Requests
1
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

75% prepared4 total queries

Output Escaping

93% escaped41 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

1 flows
<class-bsf-sb-metabox> (classes\class-bsf-sb-metabox.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Lightweight Sidebar Manager Attack Surface

Entry Points1
Unprotected0

AJAX Handlers 1

authwp_ajax_bsf_sb_get_posts_by_queryclasses\modules\target-rule\class-bsf-sb-target-rules-fields.php:94
WordPress Hooks 25
actioninitadmin\bsf-analytics\class-bsf-analytics-loader.php:68
actionadmin_initadmin\bsf-analytics\class-bsf-analytics.php:55
actionadmin_noticesadmin\bsf-analytics\class-bsf-analytics.php:56
actioninitadmin\bsf-analytics\class-bsf-analytics.php:57
actionadmin_initadmin\bsf-analytics\class-bsf-analytics.php:61
actionplugins_loadedclasses\class-bsf-sb-loader.php:40
filterenter_title_hereclasses\class-bsf-sb-metabox.php:39
actionadmin_menuclasses\class-bsf-sb-metabox.php:42
actionsave_postclasses\class-bsf-sb-metabox.php:45
actioninitclasses\class-bsf-sb-post-type.php:48
actionadmin_menuclasses\class-bsf-sb-post-type.php:49
actionadmin_headclasses\class-bsf-sb-post-type.php:50
actionmanage_bsf-sidebar_posts_custom_columnclasses\class-bsf-sb-post-type.php:53
filtermanage_bsf-sidebar_posts_columnsclasses\class-bsf-sb-post-type.php:55
actionwidgets_initclasses\class-bsf-sb-sidebar.php:56
actionget_headerclasses\class-bsf-sb-sidebar.php:59
filtersidebars_widgetsclasses\class-bsf-sb-sidebar.php:100
filterall_pluginsclasses\class-bsf-sb-white-label.php:56
filterastra_addon_branding_optionsclasses\class-bsf-sb-white-label.php:57
actionastra_pro_white_label_add_formclasses\class-bsf-sb-white-label.php:58
filterplugin_row_metaclasses\class-bsf-sb-white-label.php:62
actionadmin_action_editclasses\modules\target-rule\class-bsf-sb-target-rules-fields.php:92
actionadmin_enqueue_scriptsclasses\modules\target-rule\class-bsf-sb-target-rules-fields.php:93
filterposts_searchclasses\modules\target-rule\class-bsf-sb-target-rules-fields.php:347
actionadmin_noticesclasses\modules\target-rule\class-bsf-sb-target-rules-fields.php:1396
Maintenance & Trust

Lightweight Sidebar Manager Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 1, 2025
PHP min version
Downloads1.1M

Community Trust

Rating84/100
Number of ratings21
Active installs90K
Alternatives

Lightweight Sidebar Manager Alternatives

Custom Sidebars – Dynamic Sidebar Classic Widget Area Manager

Custom Sidebars – Dynamic Sidebar Classic Widget Area Manager

custom-sidebars

A
98

Flexible sidebars for custom classic widget configurations on any page or post. Create custom sidebars with ease!

100K 3 CVEs
Content Aware Sidebars – Fastest Widget Area Plugin

Content Aware Sidebars – Fastest Widget Area Plugin

content-aware-sidebars

A
99

Display new sidebars on any post, page, category etc. Works with Classic Widgets, Block Widgets, and all themes!

30K 1 CVE
Simple Page Sidebars

Simple Page Sidebars

simple-page-sidebars

A
92

Easily assign custom, widget-enabled sidebars to any page.

20K No CVEs
Widgetize Pages Light

Widgetize Pages Light

widgetize-pages-light

D
30

Drop widgets in page or post content area. Widgetized pages. Build your custom Responsive page layout in no time. No coding, easy and fun!

3K 3 unpatched
Custom Sidebars by ProteusThemes

Custom Sidebars by ProteusThemes

custom-sidebars-by-proteusthemes

C
63

Allows you to create custom sidebars. Replace sidebars for specific posts and pages.

1K 1 unpatched
Developer Profile

Lightweight Sidebar Manager Developer Profile

Brainstorm Force

34 plugins · 8.8M total installs

78
trust score
Avg Security Score
98/100
Avg Patch Time
185 days
View full developer profile
Detection Fingerprints

How We Detect Lightweight Sidebar Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/sidebar-manager/admin/bsf-analytics/assets/css/minified/style.min.css
Version Parameters
sidebar-manager/style.css?ver=sidebar-manager/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
branding-formast-white-label-branding-wrapbsf-analytics-optin-notice
Data Attributes
name="ast_white_label[bsf-lw-sb][name]"name="ast_white_label[bsf-lw-sb][description]"data-bsf-analytics-optindata-bsf-analytics-optoutdata-bsf-analytics-nonce
JS Globals
bsf_analytics_paramsBSF_Analytics_Loader
REST Endpoints
/wp-json/bsf-core/v1/analytics/
FAQ

Frequently Asked Questions about Lightweight Sidebar Manager