[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fEkbjiFlmWmsn_WG2q3EQuMA6SoKUkkWS84O6rmjuleg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":36,"analysis":142,"fingerprints":223},"widget-posts-by-category","Posts By Category Widget","1.0.4","volfro","https:\u002F\u002Fprofiles.wordpress.org\u002Fvolfro\u002F","\u003Cp>This widget displays posts in the category, order, and quantity of your choosing. It supports custom templates!\u003C\u002Fp>\n\u003Cp>After installation, drag-and-drop the new “Category Widget” to a widget area, choose the categories you wish to display, and tell it the order and quantity in which you wish to display them.\u003C\u002Fp>\n\u003Ch3>Templates\u003C\u002Fh3>\n\u003Cp>The default template is just plain-ol’ HTML5, without any CSS; it’s meant to fit right into any theme without modification.\u003C\u002Fp>\n\u003Cp>However, if you’re a theme developer and you wish to use custom markup or WP functions inside your template, here’s how to customize it:\u003C\u002Fp>\n\u003Col>\n\u003Cli>In the root of your theme’s directory, create a new file called \u003Ccode>catswidget.php\u003C\u002Fcode> (or copy \u003Ccode>template.php\u003C\u002Fcode> from \u003Ccode>posts-by-cat-widget\u002Fviews\u003C\u002Fcode> to your theme’s root, and rename it \u003Ccode>catswidget.php\u003C\u002Fcode>, if you’d rather use the default as a starting point).\u003C\u002Fli>\n\u003Cli>Craft your loop. Just make sure you use the \u003Ccode>$posts\u003C\u002Fcode> variable, like this:\u003Ccode>if ( $posts -> have_posts() ) :\u003Cbr \u002F>\n        while ( $posts -> have_posts() ) :\u003Cbr \u002F>\n            $posts -> the_post(); ?>\u003Cbr \u002F>\n            \u002F\u002F Your markup here\u003Cbr \u002F>\n        endwhile;\u003Cbr \u002F>\n    endif;\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>The widget is just a simple custom loop, so you’ll have access to whatever data WP_Query has access to inside the loop.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>TODO\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Perhaps we could use it to query custom post types\u002Ftaxonomies, not just Posts\u003C\u002Fli>\n\u003Cli>Add hooks\u002Ffilters\u003C\u002Fli>\n\u003Cli>Add ability to extend admin\u003C\u002Fli>\n\u003C\u002Ful>\n","A simple, themeable widget which displays posts in the category, order, and quantity of your choosing.",80,5504,100,2,"2013-12-17T00:10:00.000Z","3.7.41","3.7","",[20,21,22,23],"category","posts","themeable","widget","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwidget-posts-by-category\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-posts-by-category.1.0.4.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},1,30,84,"2026-04-04T14:40:55.034Z",[37,62,82,102,123],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":59,"download_link":60,"security_score":13,"vuln_count":32,"unpatched_count":27,"last_vuln_date":61,"fetched_at":29},"wp-categories-widget","WP Categories Widget","2.8.1","WP-EXPERTS.IN","https:\u002F\u002Fprofiles.wordpress.org\u002Findia-web-developer\u002F","\u003Cp>The “WP Categories Widget” is a simple plugin to display the list of categories for any taxonomies type (WooCommerce Product Category, Blog Category, Project Category…etc) on your wordpress website. Using WP Categries Widget you can display list of categories anywhere on your website. And also you can disable the widget block editor and enable the classic widget layut to edit the sidebar.\u003C\u002Fp>\n\u003Cp>Note : please don’t forget to leave your valuable feedback and suggestions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Send your query to \u003Ca href=\"mailto:info@wp-experts.in\" rel=\"nofollow ugc\">AUTHOR\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Video Tutorial :\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FpbsnErpu_8U?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>`Features`\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable Widget Block Editor \u003C\u002Fli>\n\u003Cli>Display Categories Post Count \u003C\u002Fli>\n\u003Cli>Hide Child Categories\u003C\u002Fli>\n\u003Cli>Hide Widget Title\u003C\u002Fli>\n\u003Cli>Show Categories for Any Taxonomies Type\u003C\u002Fli>\n\u003Cli>Exclude\u002FInclude Categories\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Addon Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Display Category as Drop Down\u003C\u002Fli>\n\u003Cli>Display Category Posts\u003C\u002Fli>\n\u003Cli>Manage WP Widget Style (Background Color, Text Color, Border Style & Color)\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Add Custom CSS for every Widget\u003C\u002Fp>\n\u003Ch3>\u003Ca href=\"https:\u002F\u002Fwww.wp-experts.in\u002Fproducts\u002Fwp-categories-widget-addon\u002F?utm_source=wordpress.org&utm_medium=free-plugin&utm_campaign=wcw-paid\" rel=\"nofollow ugc\">Downalod Add-on\u003C\u002Fa>.\u003C\u002Fh3>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Display the list of categories for any taxonomies type (WooCommerce Product Category, Blog Category, Project Category...etc) in sidebar",7000,116450,90,27,"2026-02-16T14:20:00.000Z","6.9.4","6.0","8.0",[54,55,56,57,58],"category-widget","custom-widget","posts-widget","product-categories-widget","taxonomy-widget","https:\u002F\u002Fwww.wp-experts.in\u002Fproducts\u002Fwp-categories-widget-addon\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-categories-widget.zip","2023-08-10 00:00:00",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":72,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":18,"tags":77,"homepage":80,"download_link":81,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"latest-posts","Latest Posts","1.4.4","ShapedPlugin LLC","https:\u002F\u002Fprofiles.wordpress.org\u002Fshapedplugin\u002F","\u003Cp>Latest Posts is a very powerful widget plugin for WordPress which displays your most recent or latest posts, category based with thumbnails, date. This is perfect for simple blogs & online magazines. Widgets come with highly-customizable control panels. Easy to use and support multi-widget even in the same sidebar.\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>100% Responsive & Mobile Ready\u003C\u002Fli>\n\u003Cli>Super Easy Installation\u003C\u002Fli>\n\u003Cli>Minimalist & Lightweight\u003C\u002Fli>\n\u003Cli>Easily Customizable\u003C\u002Fli>\n\u003Cli>All Major Browsers Supported\u003C\u002Fli>\n\u003Cli>Coded with Pure HTML & CSS\u003C\u002Fli>\n\u003C\u002Ful>\n","Latest posts widget to display recent posts from category.",5000,85359,92,7,"2024-01-25T13:33:00.000Z","6.4.8","4.0",[78,63,79,56,23],"category-posts","latest-posts-widget","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flatest-posts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flatest-posts.zip",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":18,"tags":97,"homepage":18,"download_link":101,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"recent-posts-by-category-widget","Recent Posts by Category Widget","1.3","Ross Cornell","https:\u002F\u002Fprofiles.wordpress.org\u002Frossc\u002F","\u003Cp>This plugin adds a simple widget that allows you to display a number of recent blog posts from a specific category. You have the options to choose a title, category, number of posts and whether or not to show the post date. The posts will be ordered by date just like the default Recent Posts widget included with WordPress.\u003C\u002Fp>\n","Just like the default Recent Posts widget except you can choose a category to pull posts from.",4000,33251,94,12,"2017-11-28T16:45:00.000Z","4.2.39","3.0.1",[98,20,99,100,23],"categories","recent-posts","sidebar","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frecent-posts-by-category-widget.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":18,"tags":117,"homepage":121,"download_link":122,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"tw-recent-posts-widget","TW Recent Posts Widget","1.0.5","tweetysha","https:\u002F\u002Fprofiles.wordpress.org\u002Ftweetysha\u002F","\u003Cp>TW Recent Posts Widget is advanced version of the WordPress Recent Posts widget allowing increased customization to display recent posts from category you define.\u003C\u002Fp>\n\u003Cp>Output will depend on your settings, and you may define to set post title, post date, featured image and post excerpt.\u003C\u002Fp>\n\u003Cp>If you set to display featured image, than you will be able to define image width and height in px.\u003C\u002Fp>\n\u003Cp>If you set to display excerpt, than you will be able to define how many characters to print and also you may add custom \u003Ccode>read more\u003C\u002Fcode> text.\u003C\u002Fp>\n","A simple and flexible widget for WordPress which will show recent posts from selected category allowing increased customization to display recent post &hellip;",1000,69153,88,15,"2017-11-28T16:18:00.000Z","4.4.34","3.0",[118,119,20,99,120],"advanced-recent-posts","advanced-recent-posts-widget","recent-posts-widget","http:\u002F\u002Fvuckovic.biz\u002Fwordpress-plugins\u002Ftw-recent-posts-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftw-recent-posts-widget.zip",{"slug":124,"name":125,"version":126,"author":66,"author_profile":67,"description":127,"short_description":128,"active_installs":110,"downloaded":129,"rating":130,"num_ratings":131,"last_updated":132,"tested_up_to":133,"requires_at_least":134,"requires_php":18,"tags":135,"homepage":138,"download_link":139,"security_score":140,"vuln_count":32,"unpatched_count":27,"last_vuln_date":141,"fetched_at":29},"widget-post-slider","Widget Post Slider","1.3.6","\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F5uf55sLb4V0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>If you want to add a widget to show posts images with caption in a carousel\u002Fslider Widget Post Slider is for you. This plugin brings all the post images with the title from blog posts. You can show limited slider too. It It’s light weight and simple install activate plugin. It’s user option is so simple to use. It loads very fast. It’s fully responsive that adapts to any device like tablet and mobile. You don’t need to add any extra jQuery or css, just install and active\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugin Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Slider on Widget\u003C\u002Fli>\n\u003Cli>Unlimited post slider\u003C\u002Fli>\n\u003Cli>Limiting slider with option\u003C\u002Fli>\n\u003Cli>Fully Responsive\u003C\u002Fli>\n\u003C\u002Ful>\n","Widget Post Slider to display posts image in a slider from category.",62292,86,6,"2024-04-10T12:07:00.000Z","6.5.8","4.3",[136,137,56,23,124],"category-posts-slider","latest-posts-widget-slider","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwidget-post-slider\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-post-slider.zip",91,"2024-04-22 00:00:00",{"attackSurface":143,"codeSignals":159,"taintFlows":206,"riskAssessment":207,"analyzedAt":222},{"hooks":144,"ajaxHandlers":155,"restRoutes":156,"shortcodes":157,"cronEvents":158,"entryPointCount":27,"unprotectedCount":27},[145,151],{"type":146,"name":147,"callback":148,"file":149,"line":150},"action","init","posts_by_cat_widget_textdomain","catswidget.php",26,{"type":146,"name":152,"callback":153,"file":149,"line":154},"widgets_init","anonymous",273,[],[],[],[],{"dangerousFunctions":160,"sqlUsage":171,"outputEscaping":173,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":205},[161,165,168],{"fn":162,"file":149,"line":163,"context":164},"unserialize",60,"$post_category\t= unserialize($instance['post_category']);",{"fn":162,"file":149,"line":166,"context":167},151,"$selected_cats\t= ($instance['post_category'] != '') ? unserialize($instance['post_category']) : FALS",{"fn":169,"file":149,"line":154,"context":170},"create_function","add_action( 'widgets_init', create_function( '', 'register_widget(\"Cats_Loop_Widget\");' ) );",{"prepared":27,"raw":27,"locations":172},[],{"escaped":174,"rawEcho":175,"locations":176},13,16,[177,180,182,184,186,188,191,192,193,194,195,197,199,201,202,204],{"file":149,"line":178,"context":179},55,"raw output",{"file":149,"line":181,"context":179},89,{"file":149,"line":183,"context":179},101,{"file":149,"line":185,"context":179},209,{"file":149,"line":187,"context":179},212,{"file":189,"line":190,"context":179},"views\\admin.php",8,{"file":189,"line":190,"context":179},{"file":189,"line":93,"context":179},{"file":189,"line":174,"context":179},{"file":189,"line":174,"context":179},{"file":189,"line":196,"context":179},19,{"file":189,"line":198,"context":179},20,{"file":189,"line":200,"context":179},37,{"file":189,"line":200,"context":179},{"file":189,"line":203,"context":179},46,{"file":189,"line":203,"context":179},[],[],{"summary":208,"deductions":209},"The \"widget-posts-by-category\" plugin, version 1.0.4, presents a mixed security picture. On the positive side, it demonstrates good practices by not exposing any AJAX handlers, REST API routes, shortcodes, or cron events without proper authentication or permission checks, resulting in a zero attack surface. Furthermore, all its SQL queries are handled using prepared statements, and it avoids file operations and external HTTP requests. The absence of known vulnerabilities in its history is also a strong positive indicator.\n\nHowever, the static analysis reveals significant concerns. The presence of dangerous functions like `unserialize` and `create_function` is a major red flag. `unserialize` can lead to remote code execution if untrusted data is unserialized, and `create_function` is deprecated and can also be a security risk due to its ability to execute arbitrary code. The low percentage of properly escaped output (45%) is another critical weakness, suggesting a high likelihood of cross-site scripting (XSS) vulnerabilities, especially when combined with the lack of nonce checks and capability checks. The absence of taint analysis results could be misleading if the complex interactions of these dangerous functions were not fully captured.\n\nIn conclusion, while the plugin has a clean vulnerability history and a contained attack surface, the identified dangerous functions and significant output escaping deficiencies pose substantial risks. The potential for RCE via `unserialize` and XSS vulnerabilities due to unescaped output are serious concerns that overshadow its positive attributes. Users should exercise extreme caution until these issues are addressed.",[210,212,215,217,220],{"reason":211,"points":113},"Presence of dangerous function: unserialize",{"reason":213,"points":214},"Presence of dangerous function: create_function",10,{"reason":216,"points":190},"Low output escaping percentage (45%)",{"reason":218,"points":219},"Missing nonce checks",5,{"reason":221,"points":219},"Missing capability checks","2026-03-16T21:24:53.620Z",{"wat":224,"direct":231},{"assetPaths":225,"generatorPatterns":228,"scriptPaths":229,"versionParams":230},[226,227],"\u002Fwp-content\u002Fplugins\u002Fwidget-posts-by-category\u002Fviews\u002Fadmin.php","\u002Fwp-content\u002Fplugins\u002Fwidget-posts-by-category\u002Fviews\u002Ftemplate.php",[],[],[],{"cssClasses":232,"htmlComments":234,"htmlAttributes":235,"restEndpoints":237,"jsGlobals":238,"shortcodeOutput":239},[233],"cats-loop-widget",[],[236],"id=\"category--1\"",[],[],[]]