WP-Safety

Widgets Bundle Security & Risk Analysis

wordpress.org/plugins/widgets-bundle

The Widgets Bundle plugin allows you to add powerful collection of beautifully crafted widgets to your website.

20 active installs v2.0.5 PHP 5.6+ WP 4.8+ Updated Apr 9, 2020
widgetswordpress-widgetswp-widgetswp-widgets-plugin
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Widgets Bundle Safe to Use in 2026?

Generally Safe

Score 85/100

Widgets Bundle has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The static analysis of widgets-bundle v2.0.5 reveals a generally strong security posture. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the plugin's attack surface. The code signals also indicate good development practices, with 100% of SQL queries using prepared statements and a high percentage of outputs being properly escaped. The presence of nonce and capability checks further reinforces secure coding. The plugin's vulnerability history is clean, with no recorded CVEs, which suggests a commitment to security or a lack of previously discovered vulnerabilities.

However, the single external HTTP request warrants a minor concern. While not inherently a vulnerability, it represents a potential point of failure or a vector for dependency confusion if not handled securely. The taint analysis showing zero flows, while positive, could be a result of the limited attack surface or simply not enough complex flows to trigger the analysis. A deeper dive into the external HTTP request would be beneficial to confirm its security.

Overall, widgets-bundle v2.0.5 appears to be a well-secured plugin. The strengths in secure coding practices and lack of historical vulnerabilities far outweigh the minor concern of an external HTTP request. This suggests that the plugin is developed with security in mind, making it a relatively safe choice. Further investigation into the nature of the external HTTP request is recommended for complete peace of mind.

Key Concerns

  • External HTTP request present
Vulnerabilities
None known

Widgets Bundle Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Widgets Bundle Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
51
511 escaped
Nonce Checks
1
Capability Checks
1
File Operations
0
External Requests
1
Bundled Libraries
0

Output Escaping

91% escaped562 total outputs
Attack Surface

Widgets Bundle Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 8
actionadmin_menuinc\class-admin.php:24
actionadmin_enqueue_scriptsinc\class-admin.php:25
filterplugin_row_metainc\class-admin.php:29
actionadmin_enqueue_scriptsinc\class-admin.php:79
actionwp_enqueue_scriptsinc\class-front.php:24
actionplugins_loadedwidgets-bundle.php:37
actionplugins_loadedwidgets-bundle.php:38
actionwidgets_initwidgets-bundle.php:52
Maintenance & Trust

Widgets Bundle Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19
Last updatedApr 9, 2020
PHP min version5.6
Downloads4K

Community Trust

Rating0/100
Number of ratings0
Active installs20
Alternatives

Widgets Bundle Alternatives

WPB Widgets Accordion for WooCommerce

WPB Widgets Accordion for WooCommerce

wpb-woocommerce-widgets-accordion

A
100

WPB Widgets Accordion for WooCommerce will allow you to show your widgets in an accordion.

70 No CVEs
Nebula Forge Addons for Elementor

Nebula Forge Addons for Elementor

nebula-forge-addons-for-elementor

A
100

22 free Elementor widgets and 4 professional-grade extensions for heroes, pricing, FAQs, forms, and more. No Elementor Pro required.

0 No CVEs
WP Widget Styler

WP Widget Styler

wp-widget-styler

A
85

Power-up your WordPress widgets using these awesome styler configurations.

0 No CVEs
Classic Widgets

Classic Widgets

classic-widgets

A
100

Enables the previous "classic" widgets settings screens in Appearance - Widgets and the Customizer. Disables the block editor from managing widgets.

2.0M No CVEs
ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor

ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor

elementskit-lite

A
89

Join millions who empower their websites with ElementsKit Elementor Addons. Get templates, & 100+ widgets like header-footer, mega menu, custom widget

2.0M 21 CVEs
Developer Profile

Widgets Bundle Developer Profile

Akshit Sethi

3 plugins · 40 total installs

87
trust score
Avg Security Score
90/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Widgets Bundle

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/widgets-bundle/assets/css/widgets-bundle.css/wp-content/plugins/widgets-bundle/assets/js/widgets-bundle.js/wp-content/plugins/widgets-bundle/assets/js/widgets-bundle-admin.js
Script Paths
/wp-content/plugins/widgets-bundle/assets/js/widgets-bundle.js/wp-content/plugins/widgets-bundle/assets/js/widgets-bundle-admin.js
Version Parameters
widgets-bundle/assets/css/widgets-bundle.css?ver=widgets-bundle/assets/js/widgets-bundle.js?ver=widgets-bundle/assets/js/widgets-bundle-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
as-wb-adsas-wb-ads--imageas-wb-uploadas-wb-previewas-wb-appendwp-block-widgets-bundle-testimonialwp-block-widgets-bundle-testimonial__contentwp-block-widgets-bundle-testimonial__author+4 more
HTML Comments
<!-- .as-wb-ads--image --><!-- .as-wb-ads --><!-- .wp-block-widgets-bundle-testimonial --><!-- .wp-block-widgets-bundle-testimonial__content -->+5 more
Data Attributes
data-widget-type="ads"data-widget-type="testimonial"data-widget-type="facebook-page-plugin"
JS Globals
widgetsBundleAdminwindow.widgetsBundleAdmin
REST Endpoints
/wp-json/widgets-bundle/v1/settings
FAQ

Frequently Asked Questions about Widgets Bundle