WP-Safety

Biblia Catolica Widget Security & Risk Analysis

wordpress.org/plugins/wp-biblia-catolica-widget

Ofereça a Bíblia Católica aos seus visitantes. Acesso rápido a todos os 73 livros da Bíblia Sagrada...

10 active installs v1.0.0.6 PHP + WP 2.0.2+ Updated Dec 3, 2011
biblebibliacatolicaescriturasevangelho
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Biblia Catolica Widget Safe to Use in 2026?

Generally Safe

Score 85/100

Biblia Catolica Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago
Risk Assessment

The wp-biblia-catolica-widget v1.0.0.6 plugin exhibits a mixed security posture. On the positive side, the plugin has a remarkably small attack surface with no detected AJAX handlers, REST API routes, shortcodes, or cron events that are directly accessible or unprotected. Furthermore, it demonstrates good practices by exclusively using prepared statements for all SQL queries and showing no signs of dangerous function usage, file operations, external HTTP requests, or bundled libraries. The absence of any recorded vulnerabilities or CVEs in its history is a strong indicator of a well-maintained codebase or limited exposure to security testing.

However, a significant concern arises from the complete lack of output escaping, which is a critical security oversight. With 5 total outputs and 0% properly escaped, this presents a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. Any user-provided data displayed by the widget could be maliciously crafted to execute arbitrary JavaScript in the user's browser, leading to session hijacking, defacement, or other harmful actions. The absence of nonce and capability checks on any potential entry points (though none were identified as unprotected) also leaves a theoretical gap, but this is mitigated by the current lack of detected entry points. The total lack of taint analysis results is neutral, suggesting either no taint flows were found or the analysis was not comprehensive enough to detect them.

Key Concerns

  • Unescaped output detected
  • Missing nonce checks
  • Missing capability checks
Vulnerabilities
None known

Biblia Catolica Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Biblia Catolica Widget Release Timeline

No version history available.
Code Analysis
Analyzed Mar 17, 2026

Biblia Catolica Widget Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
5
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

0% escaped5 total outputs
Attack Surface

Biblia Catolica Widget Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 1
actionplugins_loadedwp-bibliacatolica.php:187
Maintenance & Trust

Biblia Catolica Widget Maintenance & Trust

Maintenance Signals

WordPress version tested3.3.0
Last updatedDec 3, 2011
PHP min version
Downloads4K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Biblia Catolica Widget Alternatives

Bible Search and Audio / Biblia y Concordancia con Audio

Bible Search and Audio / Biblia y Concordancia con Audio

biblia-y-concordancia

A
100

Este plugin permite buscar en varias versiones de la Biblia e incluye audio.

100 No CVEs
Versiculo del dia

Versiculo del dia

versiculo-del-dia

A
100

Este plugin muestra un versículo diario de la Santa Palabra de Dios, la Biblia, por Bibliatodo.com.

50 No CVEs
WP-Bible

WP-Bible

wp-bible

A
85

Plugin finds Bible references in your posts and changes them for the actual Bible text from any of 38 different translations in 14 languages.

40 No CVEs
Bible Post

Bible Post

bible-post

A
85

Es una necesidad para todo conocedor de lo que Dios quiere en nuestras vidas el impartir el conocimiento que nos fue dado. Es por ello

10 No CVEs
Bible Verses References

Bible Verses References

bible-verses-references

A
85

This plugin fetches all the biblical references present in your posts and pages and adds the text of the verse in a floating window when the user hove …

10 No CVEs
Developer Profile

Biblia Catolica Widget Developer Profile

wcpinho

2 plugins · 20 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Biblia Catolica Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-biblia-catolica-widget/css/style.css/wp-content/plugins/wp-biblia-catolica-widget/js/bibliaCatolicaWidget.js
Script Paths
/wp-content/plugins/wp-biblia-catolica-widget/js/bibliaCatolicaWidget.js
Version Parameters
wp-biblia-catolica-widget/css/style.css?ver=wp-biblia-catolica-widget/js/bibliaCatolicaWidget.js?ver=

HTML / DOM Fingerprints

CSS Classes
bibliacatolicaWidgettextoformfrases
Data Attributes
name="bibliacatolicaBooks"name="bibliacatolicaChapters"class="btnReadChapter"
JS Globals
bibliacatolicaBooksbibliacatolicaChaptersbibliacatolicaRandomVerse
Shortcode Output
<div id="bibliacatolicaWidget" align="center"><table class="texto" style="margin-bottom: 12px; text-align: left;" border="0" cellspacing="0" cellpadding="4" align="center"><form name="formBibliaCatolica" id="formBibliaCatolica"><select name="bibliacatolicaBooks" style="width: 162px;" class="form">
FAQ

Frequently Asked Questions about Biblia Catolica Widget