[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fFte775LNMZTI0YybARuTsy-a0kSomgIGZz93yg9MRQc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":133,"fingerprints":232},"wikipedia-widget","Wikipedia Widget","0.13.12","asimeon","https:\u002F\u002Fprofiles.wordpress.org\u002Fasimeon\u002F","\u003Cp>The \u003Cstrong>Wikipedia Widget\u003C\u002Fstrong> shows a Wikipedia search-formular and its search results for the current post or page on your sidebar. On other sites (like category or front-page) it can defined any default search-keywords or other input-field.\u003C\u002Fp>\n\u003Cp>The search results were Ajax-based fetched from the \u003Ca href=\"http:\u002F\u002Fen.wikipedia.org\u002Fw\u002Fapi.php\" rel=\"nofollow ugc\">Wikipedia-API\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Main Features: \u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Define a default search string or get the current post title\u003C\u002Fli>\n\u003Cli>Show or hide the search form or define an alternative search form within the page\u003C\u002Fli>\n\u003Cli>Use cache for the search results for better speed \u003C\u002Fli>\n\u003Cli>Results are clear formatted, with links and pictures\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Be free for testing and suggest improvements.\u003C\u002Fp>\n\u003Ch3>Tickets\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Check given Wikipedia-URL at backend\u003C\u002Fli>\n\u003Cli>plugin page at a-simeon.de\u003C\u002Fli>\n\u003Cli>improve faq\u003C\u002Fli>\n\u003C\u002Ful>\n","Shows a simple Ajax based Wikipedia search-formular and the results for the current post\u002Fpage title or default keywords.",10,4249,80,1,"2015-05-13T07:49:00.000Z","4.2.39","3.5","",[20,21,22,23,24],"knowledge","search","sidebar","widget","wikipedia","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwikipedia-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwikipedia-widget.0.13.12.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},2,40,30,84,"2026-04-04T15:08:50.712Z",[39,60,75,93,108],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":56,"download_link":57,"security_score":58,"vuln_count":14,"unpatched_count":14,"last_vuln_date":59,"fetched_at":30},"search-google","Search by Google","1.9","webvitaly","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebvitaly\u002F","\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fweb-profile.net\u002Fwordpress\u002Fplugins\u002Fsearch-google\u002F\" title=\"Search by Google\" rel=\"nofollow ugc\">Search by Google\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fweb-profile.net\u002Fdonate\u002F\" title=\"Donate\" rel=\"nofollow ugc\">Donate\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fweb-profile.net\u002Fwordpress\u002Fplugins\u002F\" title=\"WordPress plugins\" rel=\"nofollow ugc\">WordPress plugins\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>“Search by Google” plugin adds Google search form widget. It helps user to search on site using Google.\u003C\u002Fp>\n\u003Ch4>Widget options:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>“Title” (title of the widget);\u003C\u002Fli>\n\u003Cli>“Submit button text” (if left blank than “Google search” text will be used);\u003C\u002Fli>\n\u003Cli>“Search on site” (if left blank than Google will search on current site);\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Useful:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpage-list\u002F\" title=\"list of pages with shortcodes\" rel=\"ugc\">“Page-list” – show list of pages with shortcodes\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fiframe\u002F\" title=\"embed content\" rel=\"ugc\">“Iframe” – embed content\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fweb-profile.net\u002Fwordpress\u002Fplugins\u002F\" title=\"WordPress Pro plugins\" rel=\"nofollow ugc\">WordPress Pro plugins\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Search by Google widget.",100,29317,96,9,"2020-09-05T15:27:00.000Z","5.5.18","3.0",[55,21,22,23],"google","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsearch-google\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsearch-google.1.9.zip",63,"2025-09-05 00:00:00",{"slug":61,"name":62,"version":63,"author":18,"author_profile":64,"description":65,"short_description":66,"active_installs":34,"downloaded":67,"rating":28,"num_ratings":28,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":18,"tags":71,"homepage":73,"download_link":74,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"live-search-popup","Live Search Popup","1.4.7","https:\u002F\u002Fprofiles.wordpress.org\u002Fschimmi\u002F","\u003Cp>This plugin adds Spotlight ™ like live search with an ajax popup to\u003Cbr \u002F>\nthe default search box. See the screenshot.\u003C\u002Fp>\n\u003Cp>It can be used as a widget or directly as a PHP call in the theme.\u003C\u002Fp>\n\u003Cp>The Live Search Plugin is heavily based on John Nunemaker’s\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.wp-plugins-db.org\u002Fplugin\u002Faddicted-to-live-search\u002F\" rel=\"nofollow ugc\">Addicted To Live Search\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Changelog\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>1.4.7 Fix by Tony for “With mouseover on result in IE, there is no background image or color”.\u003C\u002Fli>\n\u003Cli>1.4.6 Added livesearchpopup_resultsbox(width) to put the popup below a search box of your choice, e.g. from a theme.\u003C\u002Fli>\n\u003Cli>1.4.5 Do not initialize if no livesearchpopup_results is found. In contrast to the original live search this plugin does not make sense without the popup anyway. This fixes a JavaScript bug in IE7.\u003C\u002Fli>\n\u003Cli>1.4.4 Use wpurl instead of siteurl to allow installations of WordPress at different addresses (thanks to Draco)\u003C\u002Fli>\n\u003Cli>1.4.3 Use \u003C?php instead of \u003C? in live-search-popup.php\u003C\u002Fli>\n\u003Cli>1.4.2 Force update script to update the plugin.\u003C\u002Fli>\n\u003Cli>1.4.1 Switched to the_post instead of the deprecated wp_start().\u003C\u002Fli>\n\u003Cli>1.4 Finally permalinks work together with this plugin. In addition a “Show all” links was added at the bottom for the case that there are more posts than shown in the popup (thanks to Marco Luthe).\u003C\u002Fli>\n\u003Cli>1.3.4 Moved the placeholder and autocomplete attributes of the search box to JavaScript as they are not XHTML valid (thanks to Marco Luthe)\u003C\u002Fli>\n\u003Cli>1.3.3 Added some print commands in front of get_bloginfos (thanks to upekshapriya who noticed that)\u003C\u002Fli>\n\u003Cli>1.3.2 Force update script to update the plugin.\u003C\u002Fli>\n\u003Cli>1.3.1 Relative paths in css to allow installation which are not at the domain root.\u003C\u002Fli>\n\u003Cli>1.3 Fixed behaviour for change and blur events of the search box. This fixes the “click-through” bug.\u003C\u002Fli>\n\u003Cli>1.2.1 Updated to reflect that it works with 2.3 as well.\u003C\u002Fli>\n\u003Cli>1.2 Bugfixes\u003C\u002Fli>\n\u003Cli>1.1 Bugfixes\u003C\u002Fli>\n\u003Cli>1.0 First release\u003C\u002Fli>\n\u003C\u002Ful>\n","Spotlight (tm) like live search with an ajax popup",28002,"2008-04-11T07:35:00.000Z","2.5","2.0.2",[72,21,22,23],"ajax","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Flive-search-popup","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flive-search-popup.1.4.7.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":35,"downloaded":83,"rating":84,"num_ratings":33,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":18,"tags":88,"homepage":91,"download_link":92,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"enhanced-search-form","Enhanced Search Form","0.5","Ono Oogami","https:\u002F\u002Fprofiles.wordpress.org\u002Fono-oogami\u002F","\u003Cp>WordPress has a build-in search system which actually allows searching posts in certain one or mutiple category(s), month archive(s) and tag(s). However, by default you must manually add extra GET\u002F POST parameter to search query to enable these features.\u003C\u002Fp>\n\u003Cp>This plugin enhanced the wordpress search form so visitors can submit a more advanced search query via XHTML visual Form, allowing setting conditions that posts should be in some category(s), publish in which month, having some tag(s) and other conditions. Mutiple conditions are allowed and connected by AND Boolean operation.\u003C\u002Fp>\n\u003Cp>Go to “Installation” tab to see how to install and use this plugin. Goto “Screenshots” tab to see what enhanced search form likes.\u003C\u002Fp>\n\u003Ch4>Translation\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Russian (ru_RU)\u003C\u002Fli>\n\u003C\u002Ful>\n","Enhance wordpress search form to allow searching posts in certain category(s), month archive(s) or tag(s).",14704,60,"2014-12-03T15:04:00.000Z","4.0.38","2.8",[89,90,21,22,23],"enhanced-search-form-plugin","form","http:\u002F\u002Foogami.name\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fenhanced-search-form.0.5.zip",{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":11,"downloaded":101,"rating":47,"num_ratings":14,"last_updated":102,"tested_up_to":103,"requires_at_least":104,"requires_php":18,"tags":105,"homepage":18,"download_link":107,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"search-storm","Multiple Category Search Storm","1.5","imseosrl","https:\u002F\u002Fprofiles.wordpress.org\u002Fimseosrl\u002F","\u003Cp>Search Storm allows you to search for an article by combining multiple categories\u003Cbr \u002F>\nSearch Storm allows you to search:\u003Cbr \u002F>\n1) entering a keyword without selecting a category\u003Cbr \u002F>\n2) entering a keyword and selecting one or more categories\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n","Search Storm allows you to search for an article by combining multiple categories",3071,"2016-04-11T13:38:00.000Z","4.4.34","1.0",[90,21,22,106,23],"storm","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsearch-storm.1.5.zip",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":116,"downloaded":117,"rating":118,"num_ratings":119,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":123,"tags":124,"homepage":128,"download_link":129,"security_score":130,"vuln_count":131,"unpatched_count":28,"last_vuln_date":132,"fetched_at":30},"custom-sidebars","Custom Sidebars – Dynamic Sidebar Classic Widget Area Manager","3.38","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>\u003Cstrong>Manage and replace sidebars and other classic widget areas on your site with Custom Sidebars, a flexible widget area manager.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Make custom sidebar configurations and be able to choose what classic widgets display on each page or post of your site.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Need to make a \u003Cstrong>widget sticky\u003C\u002Fstrong> or fixed? Try our free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsticky-menu-or-anything-on-scroll\u002F\" rel=\"ugc\">WP Sticky Anything\u003C\u002Fa> plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Custom Sidebars works ONLY with the classic widgets screen that was used in WordPress before version 5.8. If you want to use it with version 5.8 (and above) you have to install the official \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclassic-widgets\u002F\" rel=\"ugc\">Classic Widgets\u003C\u002Fa> plugin, or enable the classic widgets interface yourself. Once the classic widgets screen is activated the plugin will work the same as before.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Having problems setting up SSL or generating an SSL certificate? Install the free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-force-ssl\u002F\" rel=\"ugc\">WP Force SSL\u003C\u002Fa> plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Display Different Sidebars on Pages and Posts\u003C\u002Fh4>\n\u003Cp>Custom Sidebars allows you to dynamically display custom widget configurations on any page, post, category, post type, or archive page.\u003C\u002Fp>\n\u003Cp>★★★★★\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>“Custom Sidebars will go on my “essential plugins” list from now on. I am pleased by how easy it was to figure out and by how many options are available in the free version.” – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmonkeyhateclean\" rel=\"nofollow ugc\">monkeyhateclean\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>★★★★★\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>“This plugin does exactly what it says. It’s light, integrates well into WordPress and gives you tons of possibilities.” – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fdarknova11\" rel=\"nofollow ugc\">DarkNova\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Every part of Custom Sidebars integrates seamlessly with the Widgets menu for simplicity and control. No confusing settings pages or added menu items, just simple core integration.\u003C\u002Fp>\n\u003Ch4>A Simple Flexible Sidebar Manager\u003C\u002Fh4>\n\u003Cp>** Custom Sidebars Includes: **\u003Cbr \u002F>\n* Unlimited custom widget configurations\u003Cbr \u002F>\n* Set custom widgets for individual posts and pages, categories, post types, and archives\u003Cbr \u002F>\n* Seamless integration with the WordPress Widgets menu\u003Cbr \u002F>\n* Works with well-coded themes and doesn’t slow down your site\u003Cbr \u002F>\n* Set individual widget visibility – for guests, by user role, by post type, for special pages or categories\u003Cbr \u002F>\n* Author specific sidebars – display a custom sidebar for each of your authors\u003Cbr \u002F>\n* Clone and sync widget settings – quickly edit complex configurations\u003Cbr \u002F>\n* Import and export custom sidebars – backup and share sidebars\u003C\u002Fp>\n\u003Cp>Install Custom Sidebars and see for yourself why it’s the most popular widget extension plugin available for WordPress with over 200,000 active installs.\u003C\u002Fp>\n\u003Ch3>Contact and Credits\u003C\u002Fh3>\n\u003Cp>Original development completed by \u003Ca href=\"http:\u002F\u002Fmarquex.es\u002F\" rel=\"nofollow ugc\">Javier Marquez\u003C\u002Fa>.\u003C\u002Fp>\n","Flexible sidebars for custom classic widget configurations on any page or post. Create custom sidebars with ease!",100000,5193767,94,1028,"2025-12-03T19:20:00.000Z","6.9.4","4.6","5.6",[125,126,127,22,23],"classic-widgets","custom-sidebar","dynamic-widgets","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-sidebars\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-sidebars.3.38.zip",98,3,"2017-10-04 00:00:00",{"attackSurface":134,"codeSignals":158,"taintFlows":217,"riskAssessment":218,"analyzedAt":231},{"hooks":135,"ajaxHandlers":146,"restRoutes":155,"shortcodes":156,"cronEvents":157,"entryPointCount":33,"unprotectedCount":33},[136,142],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","wp_enqueue_scripts","initScripts","wikipedia-widget.php",33,{"type":137,"name":143,"callback":144,"file":140,"line":145},"widgets_init","anonymous",236,[147,152],{"action":148,"nopriv":149,"callback":150,"hasNonce":149,"hasCapCheck":149,"file":140,"line":151},"wikipedia_request",false,"ajax_wikipedia_search_request",36,{"action":148,"nopriv":153,"callback":150,"hasNonce":149,"hasCapCheck":149,"file":140,"line":154},true,37,[],[],[],{"dangerousFunctions":159,"sqlUsage":163,"outputEscaping":165,"fileOperations":28,"externalRequests":14,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":216},[160],{"fn":161,"file":140,"line":145,"context":162},"create_function","add_action( 'widgets_init', create_function( '', 'register_widget( \"wikipedia_widget\" );' ) );",{"prepared":28,"raw":28,"locations":164},[],{"escaped":166,"rawEcho":35,"locations":167},6,[168,171,173,174,175,177,178,180,182,183,185,187,188,189,190,192,194,196,197,199,200,202,204,206,207,208,210,212,213,214],{"file":140,"line":169,"context":170},73,"raw output",{"file":140,"line":172,"context":170},76,{"file":140,"line":13,"context":170},{"file":140,"line":13,"context":170},{"file":140,"line":176,"context":170},83,{"file":140,"line":36,"context":170},{"file":140,"line":179,"context":170},115,{"file":140,"line":181,"context":170},116,{"file":140,"line":181,"context":170},{"file":140,"line":184,"context":170},119,{"file":140,"line":186,"context":170},120,{"file":140,"line":186,"context":170},{"file":140,"line":186,"context":170},{"file":140,"line":186,"context":170},{"file":140,"line":191,"context":170},121,{"file":140,"line":193,"context":170},130,{"file":140,"line":195,"context":170},131,{"file":140,"line":195,"context":170},{"file":140,"line":198,"context":170},134,{"file":140,"line":198,"context":170},{"file":140,"line":201,"context":170},135,{"file":140,"line":203,"context":170},138,{"file":140,"line":205,"context":170},139,{"file":140,"line":205,"context":170},{"file":140,"line":205,"context":170},{"file":140,"line":209,"context":170},142,{"file":140,"line":211,"context":170},143,{"file":140,"line":211,"context":170},{"file":140,"line":211,"context":170},{"file":140,"line":215,"context":170},230,[],[],{"summary":219,"deductions":220},"The \"wikipedia-widget\" plugin v0.13.12 exhibits a concerning security posture primarily due to its unprotected entry points. While the plugin demonstrates good practices by exclusively using prepared statements for SQL queries and avoiding file operations and bundled libraries, the presence of two AJAX handlers without any authentication or capability checks creates a significant attack surface. This means any authenticated user, regardless of their role or permissions, could potentially trigger these handlers, leading to unintended actions or information disclosure.\n\nThe static analysis also flags the use of the \"create_function\" dangerous function, which is a known security risk due to its ability to execute arbitrary code. While taint analysis found no specific unsanitized paths, the absence of proper output escaping for a substantial portion of the plugin's output (83%) is a clear vulnerability. This could lead to Cross-Site Scripting (XSS) attacks, where malicious scripts are injected into the user's browser.\n\nAdding to the concerns, the plugin lacks nonce checks on its AJAX handlers, further exacerbating the risk of unauthorized actions. The complete absence of recorded vulnerabilities in its history might suggest it hasn't been extensively targeted or audited, but this should not be mistaken for inherent security. The combination of unprotected AJAX handlers, the dangerous \"create_function\", and insufficient output escaping presents a high risk, outweighing the positive aspects of its SQL handling.",[221,223,225,228],{"reason":222,"points":11},"Unprotected AJAX handlers",{"reason":224,"points":11},"Dangerous function create_function",{"reason":226,"points":227},"Insufficient output escaping",8,{"reason":229,"points":230},"Missing nonce checks on AJAX",5,"2026-03-17T00:35:29.043Z",{"wat":233,"direct":242},{"assetPaths":234,"generatorPatterns":237,"scriptPaths":238,"versionParams":239},[235,236],"\u002Fwp-content\u002Fplugins\u002Fwikipedia-widget\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwikipedia-widget\u002Fscript.js",[],[236],[240,241],"wikipedia-widget\u002Fstyle.css?ver=","wikipedia-widget\u002Fscript.js?ver=",{"cssClasses":243,"htmlComments":249,"htmlAttributes":250,"restEndpoints":251,"jsGlobals":253,"shortcodeOutput":255},[244,245,246,247,248],"wikipedia_widget-search_form","wikipedia_widget-search","wikipedia_widget-default_search","wikipedia_widget-loader","wikipedia_widget-result",[],[245,246,247,248,244],[252],"\u002Fwp-json\u002Fwikipedia_widget\u002Fv1\u002Fsearch",[254],"wikipedia_widget_script",[]]