[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fS4zr_QkFmTjbe5u3stYLEcwqiCUX5fGUpIUfVFX5ZCk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":55,"analysis":146,"fingerprints":310},"widgets-on-pages","Widgets on Pages","1.9.0","toddhalfpenny","https:\u002F\u002Fprofiles.wordpress.org\u002Ftoddhalfpenny\u002F","\u003Cp>The easiest, and highest rated way to Add Widgets to Posts and\u002For Pages. Create unlimited dynamic sidebars (widget areas) and insert these into a WordPress post or page.\u003C\u002Fp>\n\u003Cp>Create as many widget areas (Turbo Sidebars) from the settings menu, and these can be used multiple times.\u003C\u002Fp>\n\u003Cp>Each sidebar can be called independently by a shortcode, and you can call more than one per post\u002Fpage.\u003C\u002Fp>\n\u003Cp>Sidebars can be included in the post\u002Fpage by using a shortcode like the following, where \u003Ccode>x\u003C\u002Fcode> is the name of the sidebar.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[widgets_on_pages id=x]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cblockquote>\n\u003Cp>With the \u003Ca href=\"https:\u002F\u002Fdatamad.co.uk\u002Fwordpress-plugins\u002Fwidgets-on-pages\u002F\" rel=\"nofollow ugc\">PRO\u003C\u002Fa> version the widgets can be inserted simply with clicks-not-code using a wizard in the visual editor. This version also includes layout options to easily set the widgets in columns\u002Fgrid presentation.\u003C\u002Fp>\n\u003Cp>Pro version also supports the configurable option to automatically add widgets to all your posts and\u002For pages. Choose the layout options and whether to add the sidebar and widgets before or after the content. Ideal for adding lists of related posts to the end of every post. Each post and page can also be individually excluded from the auto-inclsion of the widgets.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdatamad.co.uk\u002Fwordpress-plugins\u002Fwidgets-on-pages\u002F\" rel=\"nofollow ugc\">Pro version\u003C\u002Fa> key features\u003Cbr \u002F>\n  * Responsive Horizontal\u002FColumn\u002FGrid layout\u003Cbr \u002F>\n  * Auto insert in Header, Content, or Footer\u003Cbr \u002F>\n  * Priority Support\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Basic In-Content Instructions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create a Turbo Sidebar, these are your special widget containers\u003C\u002Fli>\n\u003Cli>Add widgets to the Turbo Sidebar in the same way as you do for normal sidebars\u003C\u002Fli>\n\u003Cli>If using the visual editor use the Add Turbo Sidebar button to add the Shortcode into your post or page where you’d like it to appear.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The sidebars can also be added to any theme, using template tags. This is an ace way to add widgets\u002Fsidebars to a theme’s header and footer (or any other part of a theme).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Demo Video\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fw2LfCihCqRI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Current Features Include\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Highest Rating – 122 5* Reviews\u003C\u002Fli>\n\u003Cli>No Coding needed\u003C\u002Fli>\n\u003Cli>Create unlimited sidebars\u003C\u002Fli>\n\u003Cli>Place them in posts\u002Fpages\u002Fcustom post types\u003C\u002Fli>\n\u003Cli>Add to themes using template tags\u003C\u002Fli>\n\u003Cli>Works with ALL widgets and themes (let us know if you have an issue)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Recent Reviews\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>∗ ∗ ∗ ∗ ∗\u003C\u002Fstrong>  Just purchased PRO version and well worth the money. – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fextremely-useful-plugin-19\u002F\" rel=\"ugc\">@artmuns\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>∗ ∗ ∗ ∗ ∗\u003C\u002Fstrong> Works as advertised + timely response to support request – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fworks-as-advertised-timely-response-to-support-request\u002F\" rel=\"ugc\">@3cstudio\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>∗ ∗ ∗ ∗ ∗\u003C\u002Fstrong> Saving me HOURS of work – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fsaving-me-hours-of-work\u002F\" rel=\"ugc\">@andynick\u003C\u002Fa>\u003C\u002Fp>\n","The easiest and highest rated way to Add Widgets or Sidebars to Posts and Pages using Visual editor,  shortcodes or template tags.",20000,670202,94,161,"2024-11-13T11:11:00.000Z","6.7.0","2.8","",[20,21,22,23,24],"pages","sidebar","widgets","widgets-in-page","widgets-in-post","https:\u002F\u002Fdatamad.co.uk\u002Fwordpress-plugins\u002Fwidgets-on-pages\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidgets-on-pages.zip",92,1,0,"2023-01-17 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2022-4488","widgets-on-pages-authenticated-contributor-stored-cross-site-scripting","Widgets on Pages \u003C= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Widgets on Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page",null,"\u003C=1.6.0","1.7.0","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F57be3e10-6920-4ad8-b9cf-cf5a703ca373?source=api-prod",371,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":52,"avg_patch_time_days":48,"trust_score":53,"computed_at":54},9,20590,89,71,"2026-04-03T21:30:13.599Z",[56,78,97,114,130],{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":59,"requires_php":18,"tags":70,"homepage":73,"download_link":74,"security_score":75,"vuln_count":76,"unpatched_count":76,"last_vuln_date":77,"fetched_at":31},"widgetize-pages-light","Widgetize Pages Light","3.0","OTWthemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fotwthemes\u002F","\u003Cp>Widgetized pages in WordPress are very powerful tool. Have you ever wanted to drag and drop a widget in a page content area, but the only widgetized sections of your theme are usually sidebars and footers?\u003C\u002Fp>\n\u003Cp>Check on the Widgetize Pages Light:  \u003Ca href=\"http:\u002F\u002Fotwthemes.com\u002Fdemos\u002F1ts\u002F?item=Widgetize%20Pages%20Light&utm_source=wp.org&utm_medium=page&utm_content=demo&utm_campaign=wpl\" rel=\"nofollow ugc\">Demo site\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Fotwthemes.com\u002Fonline-documentation-widgetize-pages-light\u002F?utm_source=wp.org&utm_medium=page&utm_content=docs&utm_campaign=wpl\" rel=\"nofollow ugc\">Documentation page\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You can now easily widgetize a page and drop widgets in page or post content area or any template file. Adding widgets on pages is a very flexible way to build your own unique page layout. This is very easy and fun to do and requires no coding knowledge at all.\u003C\u002Fp>\n\u003Cp>Use the new OTW Grid Manager Light component to build your custom Responsive layout in no time. It is all done in a nice and easy interface. Add some rows and columns in the rows. Insert the sidebars in the columns.\u003C\u002Fp>\n\u003Cp>You can use as many widget areas (sidebars) in as many pages\u002Fposts as you need. Creating sidebars(widget areas) is unlimited.\u003C\u002Fp>\n\u003Cp>The plugin has very easy and intuitive administration area designed to fit into the core WordPress design. Check out the screenshots section or just download it and try it out.\u003C\u002Fp>\n\u003Cp>Upgrade to the full version of \u003Ca href=\"http:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fsidebar-widget-manager-for-wordpress\u002F2287447?ref=OTWthemes&utm_source=wp.org&utm_medium=page&utm_content=upgrade&utm_campaign=wpl\" rel=\"nofollow ugc\">Sidebar and Widget Manager\u003C\u002Fa> |\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fotwthemes.com\u002Fdemos\u002F1ts\u002F?item=Sidebar%20Widget%20Manager&utm_source=wp.org&utm_medium=page&utm_content=upgrade&utm_campaign=wpl\" rel=\"nofollow ugc\">Demo site\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Fotwthemes.com\u002Fwidgetizing-pages-in-wordpress-can-be-even-easier-and-faster?utm_source=wp.org&utm_medium=page&utm_content=site&utm_campaign=wpl\" rel=\"nofollow ugc\">Create responsive layouts in minutes, drag & drop interface, feature rich\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>How Widgetize Pages Light works:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create a custom sidebar(widget area)\u003C\u002Fli>\n\u003Cli>Insert the sidebar shortcode in the page editor wherever in the content you need it – either use the Insert Sidebar Shortcode button in the editor or copy\u002Fpaste the sidebar shortcode.\u003C\u002Fli>\n\u003Cli>Go to your widgets section (Appearance -> Widgets) and drop some widgets in your new sidebar.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Advanced users:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add any sidebar created with this plugin in any part of your wordpress site. To do that use the shortcode of the sidebar you want to add and the do_shortcode WordPress function in any of the template files of your theme.\u003C\u002Fli>\n\u003C\u002Ful>\n","Drop widgets in page or post content area. Widgetized pages. Build your custom Responsive page layout in no time. No coding, easy and fun!",3000,258114,84,32,"2022-05-07T14:26:00.000Z","5.9.13",[71,21,72,22,23],"custom-sidebar","widgetize-page","http:\u002F\u002Fotwthemes.com\u002F?utm_source=wp.org&utm_medium=admin&utm_content=site&utm_campaign=wpl","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidgetize-pages-light.zip",30,3,"2025-09-05 00:00:00",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":18,"short_description":84,"active_installs":85,"downloaded":86,"rating":66,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":18,"tags":91,"homepage":94,"download_link":95,"security_score":96,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"per-page-sidebars","Per Page Sidebars","2.0.3","Brian Layman","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrianlayman\u002F","The Per Page Sidebars (PPS) plugin allows blog administrators to create a unique sidebar for each Page. No template editing is required.",1000,67740,10,"2018-03-14T19:32:00.000Z","4.9.29","3.1",[20,92,93,22],"posts","sidebars","http:\u002F\u002FTheCodeCave.com\u002Fplugins\u002Fper-page-sidebars","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fper-page-sidebars.zip",85,{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":66,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":18,"tags":111,"homepage":112,"download_link":113,"security_score":96,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"per-page-widgets","Per Page Widgets","0.0.7","Internet123","https:\u002F\u002Fprofiles.wordpress.org\u002Finternet123\u002F","\u003Cp>Control widget areas on a per-page \u002F per-post basis.\u003C\u002Fp>\n\u003Cp>Gives you the ability to show or hide individual widget areas on each page \u002F post as well as completely substituting the widgets shown in a specific widget area on a specific page or post.\u003C\u002Fp>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cp>The plugin has not been tested below version 3.3.\u003C\u002Fp>\n","Control widget areas on a per-page \u002F per-post basis.",300,16944,5,"2012-07-02T14:07:00.000Z","3.4.2","3.3",[20,92,93,22],"http:\u002F\u002Fwww.i123.dk\u002Fwordpress-plugin-per-page-widgets","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fper-page-widgets.0.0.7.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":87,"downloaded":122,"rating":29,"num_ratings":29,"last_updated":18,"tested_up_to":123,"requires_at_least":124,"requires_php":18,"tags":125,"homepage":18,"download_link":127,"security_score":128,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":129},"galaxius-custom-sidebars","Galaxius Custom Sidebars","1.1","galaxiusmons","https:\u002F\u002Fprofiles.wordpress.org\u002Fgalaxiusmons\u002F","\u003Cp>This allows you to quickly create a unique sidebar for any post, page, category page or for all posts belonging to a category. You simply enter a name for the sidebar when you create or edit a post, page or category. Browse to Appearance -> Widgets, find your new sidebar and add some widgets to it.\u003C\u002Fp>\n","Allows quick creation of unique sidebars for posts, pages and categories.",1806,"3.6.1","3.5.1",[126,20,92,93,22],"custom","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgalaxius-custom-sidebars.1.1.zip",100,"2026-03-15T10:48:56.248Z",{"slug":131,"name":132,"version":133,"author":134,"author_profile":135,"description":136,"short_description":137,"active_installs":29,"downloaded":128,"rating":29,"num_ratings":29,"last_updated":138,"tested_up_to":139,"requires_at_least":140,"requires_php":141,"tags":142,"homepage":144,"download_link":145,"security_score":128,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"dynaside-sidebars-dinamicas-por-pagina","DynaSide – Sidebars Dinâmicas por Página","2.6.1","Rafael Oliveira","https:\u002F\u002Fprofiles.wordpress.org\u002Fcaoszone\u002F","\u003Cp>\u003Cstrong>DynaSide creates dynamic sidebars that adapt to each page\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>No more generic sidebar content.\u003Cbr \u002F>\nDynaSide (Dynamic Sidebars) gives you full control over widget areas, allowing you to create truly contextual sidebar experiences on a page-by-page basis.\u003C\u002Fp>\n\u003Ch4>Why choose DynaSide?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>🎯 \u003Cstrong>Precision:\u003C\u002Fstrong> Display relevant content tailored to each individual page\u003C\u002Fli>\n\u003Cli>🚀 \u003Cstrong>Simplicity:\u003C\u002Fstrong> Intuitive interface, no coding required\u003C\u002Fli>\n\u003Cli>🛡️ \u003Cstrong>Security:\u003C\u002Fstrong> Built following WordPress coding standards and best practices\u003C\u002Fli>\n\u003Cli>🔧 \u003Cstrong>Flexibility:\u003C\u002Fstrong> Create and manage unlimited sidebars\u003C\u002Fli>\n\u003Cli>📱 \u003Cstrong>Compatibility:\u003C\u002Fstrong> Works seamlessly with any properly built WordPress theme\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>DynaSide is ideal for websites that need to show different sidebar content depending on context — such as promotions on product pages, forms on contact pages, or contextual widgets in articles.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Bulk Creation:\u003C\u002Fstrong> Create multiple sidebars at once by separating names with commas.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Edit and Reorder:\u003C\u002Fstrong> Rename sidebars with a single click and reorder them easily using drag-and-drop.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Per-Page Assignment:\u003C\u002Fstrong> Assign a sidebar directly from the page editor via a dedicated sidebar panel.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Page Assignment:\u003C\u002Fstrong> From the plugin panel, search and select multiple pages to associate them with a sidebar in one action.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Backup and Restore:\u003C\u002Fstrong> Export all sidebars and page assignments to a JSON file and import them on another site or as a backup.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Access Control:\u003C\u002Fstrong> Destructive actions such as “Reset” and “Delete Sidebar” are restricted to specific administrators only.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Safe and Reliable:\u003C\u002Fstrong> Uses nonces, sanitization, and proper capability checks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fully Internationalized:\u003C\u002Fstrong> 100% translatable and available in English and Portuguese.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Getting Started\u003C\u002Fh3>\n\u003Ch4>Method 1: Page Editor (Fastest)\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Edit a page and locate the \u003Cstrong>“Dynamic Area”\u003C\u002Fstrong> panel in the editor sidebar.\u003C\u002Fli>\n\u003Cli>Select the sidebar you want to display on that page.\u003C\u002Fli>\n\u003Cli>Save or update the page.\u003C\u002Fli>\n\u003Cli>Done! If you need a new sidebar, the panel provides a direct link to the plugin management page.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Method 2: Plugin Management Panel\u003C\u002Fh4>\n\u003Cp>After activation, a new \u003Cstrong>“Sidebars”\u003C\u002Fstrong> menu will appear under \u003Cstrong>Appearance\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Create Areas:\u003C\u002Fstrong> Enter one or more sidebar names separated by commas (e.g., “Contact Sidebar, News Sidebar”) and click “Create new area”.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Select Pages:\u003C\u002Fstrong> In the “Assign Pages” field, start typing a page title or slug and select it. Repeat as needed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Assign:\u003C\u002Fstrong> Choose the desired sidebar from the dropdown and click “Assign Pages”.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Add Widgets:\u003C\u002Fstrong> Go to \u003Ccode>Appearance > Widgets\u003C\u002Fcode> or click the provided shortcut link to start adding widgets.\u003C\u002Fli>\n\u003C\u002Fol>\n","Create dynamic sidebars and assign widgets per page using an intuitive editor panel or a centralized management screen.","2026-01-15T14:16:00.000Z","6.9.4","6.0","7.4",[71,143,20,22],"dynamic-sidebar","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdynaside-sidebars-dinamicas-por-pagina\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdynaside-sidebars-dinamicas-por-pagina.2.6.1.zip",{"attackSurface":147,"codeSignals":247,"taintFlows":297,"riskAssessment":298,"analyzedAt":309},{"hooks":148,"ajaxHandlers":231,"restRoutes":240,"shortcodes":241,"cronEvents":246,"entryPointCount":76,"unprotectedCount":28},[149,155,160,164,168,171,175,179,183,187,190,194,198,203,206,208,210,213,215,220,224,228],{"type":150,"name":151,"callback":152,"priority":87,"file":153,"line":154},"filter","plugin_row_meta","wop_register_plugins_links","admin\\class-widgets-on-pages-admin.php",58,{"type":156,"name":157,"callback":158,"file":153,"line":159},"action","admin_menu","wop_add_options_page",64,{"type":156,"name":161,"callback":162,"file":153,"line":163},"admin_init","wop_register_settings",65,{"type":156,"name":165,"callback":166,"file":153,"line":167},"widgets_init","wop_register_sidebar",66,{"type":156,"name":157,"callback":169,"file":153,"line":170},"wop_remove_hidden_meta",67,{"type":156,"name":172,"callback":173,"file":153,"line":174},"load-post.php","wop_load_post_hook",69,{"type":156,"name":176,"callback":177,"file":153,"line":178},"admin_head","wop_add_my_tc_button",72,{"type":156,"name":180,"callback":181,"file":153,"line":182},"admin_footer","twd_cpt_list",74,{"type":156,"name":184,"callback":185,"file":153,"line":186},"add_meta_boxes","wop_add_free_custom_meta",77,{"type":156,"name":184,"callback":188,"file":153,"line":189},"wop_add_edit_only_custom_meta",214,{"type":150,"name":191,"callback":192,"file":153,"line":193},"mce_external_plugins","wop_add_tinymce_plugin",598,{"type":150,"name":195,"callback":196,"file":153,"line":197},"mce_buttons","wop_register_my_tc_button",599,{"type":156,"name":199,"callback":200,"file":201,"line":202},"plugins_loaded","anonymous","includes\\class-widgets-on-pages.php",144,{"type":156,"name":204,"callback":200,"file":201,"line":205},"admin_enqueue_scripts",159,{"type":156,"name":204,"callback":200,"file":201,"line":207},160,{"type":156,"name":209,"callback":200,"file":201,"line":14},"init",{"type":156,"name":211,"callback":200,"file":201,"line":212},"wp_enqueue_scripts",176,{"type":156,"name":211,"callback":200,"file":201,"line":214},177,{"type":150,"name":216,"callback":217,"file":218,"line":219},"the_content","maybe_insert_with_content__premium_only","public\\class-widgets-on-pages-public.php",59,{"type":150,"name":221,"callback":222,"file":218,"line":223},"custom-header","maybe_insert_with_header__premium_only",60,{"type":150,"name":225,"callback":226,"priority":87,"file":227,"line":186},"connect_message_on_update","wop_fs_custom_connect_message_on_update","widgets_on_pages.php",{"type":156,"name":199,"callback":229,"file":227,"line":230},"wop_plugin_check_version",124,[232,237],{"action":181,"nopriv":233,"callback":234,"hasNonce":235,"hasCapCheck":233,"file":153,"line":236},false,"twd_list_ajax",true,73,{"action":238,"nopriv":233,"callback":238,"hasNonce":233,"hasCapCheck":233,"file":239,"line":96},"wop_maybe_insert_with_header","includes\\class-functions.php",[],[242],{"tag":243,"callback":244,"file":218,"line":245},"widgets_on_pages","widgets_on_page",56,[],{"dangerousFunctions":248,"sqlUsage":249,"outputEscaping":251,"fileOperations":29,"externalRequests":29,"nonceChecks":28,"capabilityChecks":288,"bundledLibraries":289},[],{"prepared":29,"raw":29,"locations":250},[],{"escaped":252,"rawEcho":253,"locations":254},4,16,[255,258,260,262,264,266,268,270,272,273,275,277,279,282,284,286],{"file":153,"line":256,"context":257},272,"raw output",{"file":153,"line":259,"context":257},276,{"file":153,"line":261,"context":257},277,{"file":153,"line":263,"context":257},278,{"file":153,"line":265,"context":257},280,{"file":153,"line":267,"context":257},283,{"file":153,"line":269,"context":257},285,{"file":153,"line":271,"context":257},299,{"file":153,"line":105,"context":257},{"file":153,"line":274,"context":257},664,{"file":153,"line":276,"context":257},690,{"file":153,"line":278,"context":257},705,{"file":280,"line":281,"context":257},"admin\\partials\\widgets-on-pages-admin-display.php",37,{"file":280,"line":283,"context":257},52,{"file":239,"line":285,"context":257},21,{"file":239,"line":287,"context":257},78,2,[290,293],{"name":291,"version":38,"knownCves":292},"TinyMCE",[],{"name":294,"version":295,"knownCves":296},"Freemius","1.0",[],[],{"summary":299,"deductions":300},"The \"widgets-on-pages\" plugin version 1.9.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and implementing nonce and capability checks on its entry points.  There are no observed critical or high severity taint flows, nor are there any file operations or external HTTP requests, which generally reduce the risk of complex vulnerabilities. The absence of bundled outdated libraries, apart from Freemius which is a common licensing SDK, is also a positive indicator.\n\nHowever, significant concerns remain due to the presence of an unprotected AJAX handler. This represents a direct entry point for potential attacks that can be executed without proper authentication, making it a prime target for malicious actors. Furthermore, the low percentage of properly escaped output (20%) suggests a high likelihood of cross-site scripting (XSS) vulnerabilities, which could allow attackers to inject malicious scripts into pages managed by the plugin. The plugin also has a history of medium-severity vulnerabilities, specifically related to XSS, indicating a recurring pattern that warrants attention.\n\nIn conclusion, while \"widgets-on-pages\" demonstrates some commendable security measures, the unprotected AJAX handler and widespread output escaping deficiencies create substantial risks. The plugin's past vulnerability history reinforces the need for careful security auditing and prompt patching. Addressing the unauthenticated AJAX endpoint and improving output escaping are critical steps to enhance the plugin's overall security.",[301,304,307],{"reason":302,"points":303},"Unprotected AJAX handler",8,{"reason":305,"points":306},"Low output escaping percentage",6,{"reason":308,"points":107},"Medium severity XSS vulnerability history","2026-03-16T17:31:56.031Z",{"wat":311,"direct":324},{"assetPaths":312,"generatorPatterns":317,"scriptPaths":318,"versionParams":319},[313,314,315,316],"\u002Fwp-content\u002Fplugins\u002Fwidgets-on-pages\u002Fadmin\u002Fcss\u002Fwidgets-on-pages-admin.css","\u002Fwp-content\u002Fplugins\u002Fwidgets-on-pages\u002Fadmin\u002Fjs\u002Fwidgets-on-pages-admin.js","\u002Fwp-content\u002Fplugins\u002Fwidgets-on-pages\u002Fpublic\u002Fcss\u002Fwidgets-on-pages-public.css","\u002Fwp-content\u002Fplugins\u002Fwidgets-on-pages\u002Fpublic\u002Fjs\u002Fwidgets-on-pages-public.js",[],[314,316],[320,321,322,323],"widgets-on-pages\u002Fadmin\u002Fcss\u002Fwidgets-on-pages-admin.css?ver=","widgets-on-pages\u002Fadmin\u002Fjs\u002Fwidgets-on-pages-admin.js?ver=","widgets-on-pages\u002Fpublic\u002Fcss\u002Fwidgets-on-pages-public.css?ver=","widgets-on-pages\u002Fpublic\u002Fjs\u002Fwidgets-on-pages-public.js?ver=",{"cssClasses":325,"htmlComments":327,"htmlAttributes":334,"restEndpoints":336,"jsGlobals":338,"shortcodeOutput":341},[326],"wop-widget-select",[328,329,330,331,332,333],"\u003C!-- Widget Options -->","\u003C!-- Turbo Sidebar Settings -->","\u003C!-- Turbo Sidebar CPT Options -->","\u003C!-- Turbo Sidebar PRO-feature Custom Meta -->","\u003C!-- Turbo Sidebar Custom Meta -->","\u003C!-- Turbo Sidebar CPT List -->",[335],"data-wop-meta",[337],"\u002Fwp-json\u002Fwidgets-on-pages\u002Fv1\u002Fget-widget-data",[339,340],"WOP_Admin","WOP_Public",[]]