Does Spectacu.la Page Widget have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Spectacu.la Page Widget compatible with WordPress 3.0.5?

According to WordPress.org data, Spectacu.la Page Widget 1.0.7 has been tested up to WordPress 3.0.5. Check the plugin's changelog for the latest compatibility information.

How often is Spectacu.la Page Widget updated?

Spectacu.la Page Widget was last updated on Jun 21, 2010. Frequent updates are generally a positive security signal.

What is Spectacu.la Page Widget's security score?

Spectacu.la Page Widget has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Spectacu.la Page Widget Security & Risk Analysis

wordpress.org/plugins/spectacula-page-widget

Widget that lets you output the content of a page in any place that'll accept a widget and allows you to hide said page from navigation (wp_list_ …

80 active installs v1.0.7 PHP + WP 2.8.0+ Updated Jun 21, 2010

pagesidebarwidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Spectacu.la Page Widget Safe to Use in 2026?

Generally Safe

Score 85/100

Spectacu.la Page Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 15yr ago

Risk Assessment

The "spectacula-page-widget" plugin, in version 1.0.7, exhibits a mixed security posture. On one hand, it demonstrates several good security practices, including 100% of its SQL queries using prepared statements and no recorded vulnerability history, suggesting a generally stable and well-maintained codebase. The absence of external HTTP requests and file operations further reduces potential attack vectors. However, significant concerns arise from the static analysis. The presence of two instances of the `create_function` dangerous function is a critical red flag, as this function is deprecated and known to be a potential source of security vulnerabilities, particularly for code injection. Furthermore, a strikingly low percentage of output escaping (18%) indicates a high likelihood of cross-site scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into pages rendered by the plugin.

Key Concerns

Dangerous function 'create_function' used
Low percentage of properly escaped output
No nonce checks on entry points
No capability checks on entry points

Vulnerabilities

None known

Spectacu.la Page Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Spectacu.la Page Widget Release Timeline

v1.0.7Current

v1.0.6

v1.0.5

v1.0.4

v1.0.3

v1.0.2

v1.0.1

v1.0.0

Code Analysis

Analyzed Mar 16, 2026

Spectacu.la Page Widget Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

9 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

create_function$this->page_ids = array_map(create_function('$a', 'return $a->ID;'), $this->pages);spec-page-widget.php:50

create_functionadd_action('widgets_init', create_function('', 'return register_widget("spec_page_widget");'));spec-page-widget.php:273

Output Escaping

18% escaped49 total outputs

Attack Surface

Spectacu.la Page Widget Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

filterwp_list_pages_excludesspec-page-widget.php:53

actionwidgets_initspec-page-widget.php:273

Maintenance & Trust

Spectacu.la Page Widget Maintenance & Trust

Maintenance Signals

WordPress version tested3.0.5

Last updatedJun 21, 2010

PHP min version

Downloads9K

Community Trust

Rating0/100

Number of ratings0

Active installs80

Alternatives

Spectacu.la Page Widget Alternatives

Widgets on Pages

widgets-on-pages

The easiest and highest rated way to Add Widgets or Sidebars to Posts and Pages using Visual editor, shortcodes or template tags.

20K 1 CVE

Disable Author Pages

disable-author-pages

Disable the author pages

6K No CVEs

Feature A Page Widget

feature-a-page-widget

A widget to display an attractive summary of any page in any widget area.

3K No CVEs

Widgetize Pages Light

widgetize-pages-light

Drop widgets in page or post content area. Widgetized pages. Build your custom Responsive page layout in no time. No coding, easy and fun!

3K 3 unpatched

Per Page Sidebars

per-page-sidebars

The Per Page Sidebars (PPS) plugin allows blog administrators to create a unique sidebar for each Page. No template editing is required.

1K No CVEs

Developer Profile

Spectacu.la Page Widget Developer Profile

Spectacula

3 plugins · 160 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Spectacu.la Page Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/spectacula-page-widget/css/widget.css/wp-content/plugins/spectacula-page-widget/js/widget.js

Script Paths

/wp-content/plugins/spectacula-page-widget/js/widget.js

HTML / DOM Fingerprints

CSS Classes

spec_page_widget

Data Attributes

data-id

JS Globals

f

FAQ