[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f4V-Rd4ZDNhqpxonpznZhrMtRGEAAUQpBllzTVtgd1Jo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":143,"fingerprints":206},"wp-master-widget","WP Master Widget","1.0.0","WebSPI","https:\u002F\u002Fprofiles.wordpress.org\u002Fdevcon1\u002F","\u003Cp>Supports vertical ordering of images, icons, texts, titles, and more using a simple drag and drop ordering feature. Users can dynamically add any number of elements to the WP Master Widget and each element can be styled differently from the “Widgets” page. All widgets can be configured as a hyperlink to any destination with styling options.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Image widget allows using hover animation based on pure CSS.\u003C\u002Fli>\n\u003Cli>Text Widget allows using shortcodes and simple styling available from the user interface.\u003C\u002Fli>\n\u003Cli>Icon Widget loads FontAwesome icons library with style settings.\u003C\u002Fli>\n\u003Cli>All Widgets can be configured with hyperlink with options to open from a new window and styling.\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Master Widget is an advanced WordPress widget that allows easy styling and organization for text, fontawesome icon, image, and more types of elemen &hellip;",20,2860,0,"2017-08-22T22:54:00.000Z","4.8.28","3.0.1","",[19,20,21,22,23],"advanced-widget","custom-widget","image-widget","text-widget","widget-with-custom-class","\u002F\u002Fwpmaster.com\u002Fplugins\u002Fwp-master-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-master-widget.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":26,"computed_at":36},"devcon1",7,460,87,30,"2026-04-04T21:22:47.297Z",[38,57,77,100,121],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":17,"tags":53,"homepage":55,"download_link":56,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"call-to-action-widget","Call to Action Widget","1.1","Charlie Strickler","https:\u002F\u002Fprofiles.wordpress.org\u002Fcharliestricklergmailcom\u002F","\u003Cp>A modified version of the standard WordPress text widget.  In addition to a title and textarea\u002Fhtml field the CTA widget includes an image URL that can be positioned above or below the title, a button text field and a button URL field.  CTA widget is short for “Call to Action” widget.  We frequently see website designs with 3 columns of widgets on the home page.  Frequently these buckets or widgets utilize an image, title, description, and call to action button.  This widget makes it easier for beginners to change the content of these blocks without editing HTML.\u003C\u002Fp>\n\u003Cp>Read more about this widget on \u003Ca href=\"http:\u002F\u002Fwordpress.boomvisibility.com\u002Fcta-widget\u002F\" rel=\"nofollow ugc\">wordpress.boomvisibility.com\u003C\u002Fa>\u003C\u002Fp>\n","A simple text widget with Title, Image URL, A text\u002Fhtml area, Link Text and Link URL.  This simple widget is often used for a call to action widget.",200,13953,94,6,"2013-12-10T00:00:00.000Z","3.7.41","3.0.2",[39,54,21,22],"cta-widget","http:\u002F\u002Fwww.boomvisibility.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcall-to-action-widget.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":17,"tags":72,"homepage":75,"download_link":76,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-shaper-image-and-text","WP Shaper Image and Text","1.0","wpshaper","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpshaper\u002F","\u003Cp>WP Shaper Image and Text is a dynamic image & text widget plugin for display sidebar or any where in your site.\u003C\u002Fp>\n\u003Cp>The plugin is designed for any dynamic image & text widget. “WP Shaper Image and Text” is a free wordpress plugin. Any developer can change Or modify this plugin without author permission.\u003C\u002Fp>\n","WP Shaper Image and Text is a dynamic image & text widget plugin for display sidebar or any where in your site.",90,5384,100,2,"2015-01-06T06:44:00.000Z","4.1.42","4.0",[73,21,22,74],"dynamic-image","wp-shaper","http:\u002F\u002Fwww.wpshaper.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-shaper-image-and-text.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":71,"requires_php":17,"tags":91,"homepage":96,"download_link":97,"security_score":67,"vuln_count":98,"unpatched_count":13,"last_vuln_date":99,"fetched_at":28},"sidebar-manager","Lightweight Sidebar Manager","2.0.0","Brainstorm Force","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrainstormforce\u002F","\u003Cp>Normally you have a sidebar that appears throughout the website. However, sometimes it is necessary to display a relevant, different sidebar on certain pages on the website. For an example: on WooCommerce pages, a sidebar with related or top seller products would be more relevant than the latest comments, blog posts right?\u003C\u002Fp>\n\u003Cp>This plugin helps you solve that problem as it allows you to create new sidebars and display them conditionally on certain locations of the website easily. Once the sidebar is created and displayed on pages you like, you can add relevant widgets in it.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbsf.io\u002Fsidebar-manager-demo\" rel=\"nofollow ugc\">Try it out on a free dummy site\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Some of the Features:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Create unlimited sidebars\u003C\u002Fli>\n\u003Cli>Place them any location your theme has defined (Footer Widgets \u002F Left or Right Sidebar)\u003C\u002Fli>\n\u003Cli>Works with any theme\u003C\u002Fli>\n\u003Cli>Conditionally display sidebars on specific posts, pages, taxonomies or custom post types\u003C\u002Fli>\n\u003Cli>Display sidebars based on user roles\u003C\u002Fli>\n\u003C\u002Fol>\n","Create new sidebar areas and display them conditionally on certain pages. Works with all themes.",90000,1089070,84,21,"2025-12-01T09:44:00.000Z","6.9.4",[92,93,94,78,95],"conditional-sidebar","custom-sidebar","custom-widget-areas","widgets","http:\u002F\u002Fwww.brainstormforce.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsidebar-manager.2.0.0.zip",1,"2020-09-16 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":65,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":17,"tags":114,"homepage":119,"download_link":120,"security_score":67,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"simple-image-widget","Simple Image Widget","4.4.2","Cedaro","https:\u002F\u002Fprofiles.wordpress.org\u002Fcedaro\u002F","\u003Cp>Simple Image Widget is what the name implies — the easiest way to add images to your sidebars. Display advertisements, calls-to-action, or even build a slider based on image widgets.\u003C\u002Fp>\n\u003Cp>Despite its simplicity, Simple Image Widget is built with extensibility in mind, making it super easy to spin off new image-based widgets, or customize the widget ouput using the available template hierarchy.\u003C\u002Fp>\n\u003Ch3>Additional Resources\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fsimple-image-widget#postform\" rel=\"ugc\">Write a review\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcedaro\u002Fsimple-image-widget\" rel=\"nofollow ugc\">Contribute on GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fcedaroco\" rel=\"nofollow ugc\">Follow @cedaroco\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.cedaro.com\u002F?utm_source=wordpress.org&utm_medium=link&utm_content=simple-image-widget-readme&utm_campaign=plugins\" rel=\"nofollow ugc\">Visit Cedaro\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","A simple widget that makes it a breeze to add images to your sidebars.",10000,854415,39,"2025-07-20T14:44:00.000Z","6.8.5","4.9",[21,115,116,117,118],"media","media-manager","sidebar","widget","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-image-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-image-widget.4.4.2.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":65,"num_ratings":131,"last_updated":132,"tested_up_to":90,"requires_at_least":133,"requires_php":134,"tags":135,"homepage":140,"download_link":141,"security_score":67,"vuln_count":98,"unpatched_count":13,"last_vuln_date":142,"fetched_at":28},"wp-categories-widget","WP Categories Widget","2.8.1","WP-EXPERTS.IN","https:\u002F\u002Fprofiles.wordpress.org\u002Findia-web-developer\u002F","\u003Cp>The “WP Categories Widget” is a simple plugin to display the list of categories for any taxonomies type (WooCommerce Product Category, Blog Category, Project Category…etc) on your wordpress website. Using WP Categries Widget you can display list of categories anywhere on your website. And also you can disable the widget block editor and enable the classic widget layut to edit the sidebar.\u003C\u002Fp>\n\u003Cp>Note : please don’t forget to leave your valuable feedback and suggestions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Send your query to \u003Ca href=\"mailto:info@wp-experts.in\" rel=\"nofollow ugc\">AUTHOR\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Video Tutorial :\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FpbsnErpu_8U?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>`Features`\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable Widget Block Editor \u003C\u002Fli>\n\u003Cli>Display Categories Post Count \u003C\u002Fli>\n\u003Cli>Hide Child Categories\u003C\u002Fli>\n\u003Cli>Hide Widget Title\u003C\u002Fli>\n\u003Cli>Show Categories for Any Taxonomies Type\u003C\u002Fli>\n\u003Cli>Exclude\u002FInclude Categories\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Addon Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Display Category as Drop Down\u003C\u002Fli>\n\u003Cli>Display Category Posts\u003C\u002Fli>\n\u003Cli>Manage WP Widget Style (Background Color, Text Color, Border Style & Color)\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Add Custom CSS for every Widget\u003C\u002Fp>\n\u003Ch3>\u003Ca href=\"https:\u002F\u002Fwww.wp-experts.in\u002Fproducts\u002Fwp-categories-widget-addon\u002F?utm_source=wordpress.org&utm_medium=free-plugin&utm_campaign=wcw-paid\" rel=\"nofollow ugc\">Downalod Add-on\u003C\u002Fa>.\u003C\u002Fh3>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Display the list of categories for any taxonomies type (WooCommerce Product Category, Blog Category, Project Category...etc) in sidebar",7000,116450,27,"2026-02-16T14:20:00.000Z","6.0","8.0",[136,20,137,138,139],"category-widget","posts-widget","product-categories-widget","taxonomy-widget","https:\u002F\u002Fwww.wp-experts.in\u002Fproducts\u002Fwp-categories-widget-addon\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-categories-widget.zip","2023-08-10 00:00:00",{"attackSurface":144,"codeSignals":175,"taintFlows":193,"riskAssessment":194,"analyzedAt":205},{"hooks":145,"ajaxHandlers":167,"restRoutes":172,"shortcodes":173,"cronEvents":174,"entryPointCount":98,"unprotectedCount":98},[146,152,155,157,160,164],{"type":147,"name":148,"callback":149,"file":150,"line":151},"action","plugins_loaded","anonymous","includes\\class-wp-master-widget.php",143,{"type":147,"name":153,"callback":149,"file":150,"line":154},"admin_enqueue_scripts",159,{"type":147,"name":153,"callback":149,"file":150,"line":156},160,{"type":147,"name":158,"callback":149,"file":150,"line":159},"widgets_init",161,{"type":161,"name":162,"callback":149,"file":150,"line":163},"filter","widget_text",163,{"type":147,"name":165,"callback":149,"file":150,"line":166},"wp_enqueue_scripts",177,[168],{"action":169,"nopriv":170,"callback":149,"hasNonce":170,"hasCapCheck":170,"file":150,"line":171},"wpmw_ajax_make_widget_object",false,162,[],[],[],{"dangerousFunctions":176,"sqlUsage":177,"outputEscaping":179,"fileOperations":13,"externalRequests":13,"nonceChecks":98,"capabilityChecks":13,"bundledLibraries":192},[],{"prepared":13,"raw":13,"locations":178},[],{"escaped":180,"rawEcho":180,"locations":181},4,[182,186,188,190],{"file":183,"line":184,"context":185},"widgets\\class-wp-master-widget-widget.php",31,"raw output",{"file":183,"line":187,"context":185},302,{"file":183,"line":189,"context":185},304,{"file":183,"line":191,"context":185},749,[],[],{"summary":195,"deductions":196},"The wp-master-widget plugin v1.0.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices in several areas. The absence of known CVEs and a clean vulnerability history suggest a lack of previously discovered weaknesses. Crucially, all SQL queries are performed using prepared statements, and there are no file operations or external HTTP requests, significantly reducing common attack vectors. The presence of a nonce check is also a positive indicator.\n\nHowever, a significant concern arises from the attack surface. The plugin exposes a single AJAX handler that lacks any authentication checks. This unprotected entry point is a prime target for attackers, as it allows for direct interaction without verifying user permissions. Furthermore, the static analysis reveals that only 50% of output is properly escaped, indicating a potential for Cross-Site Scripting (XSS) vulnerabilities in the unescaped outputs. The absence of capability checks on the AJAX handler further exacerbates this risk. While taint analysis shows no immediate critical or high-severity flows, the identified attack surface and output escaping issues present tangible risks that require attention.\n\nIn conclusion, while the plugin benefits from a clean history and sound practices in SQL handling and external interactions, the unprotected AJAX endpoint and partially unescaped output represent significant vulnerabilities. These weaknesses, if exploited, could lead to unauthorized actions or data exposure. Addressing the unprotected AJAX handler and improving output escaping should be the immediate priorities for enhancing the plugin's security.",[197,200,202],{"reason":198,"points":199},"AJAX handler without auth check",8,{"reason":201,"points":49},"Partially unescaped output",{"reason":203,"points":204},"AJAX handler without capability check",5,"2026-03-16T22:53:24.584Z",{"wat":207,"direct":223},{"assetPaths":208,"generatorPatterns":215,"scriptPaths":216,"versionParams":217},[209,210,211,212,213,214],"\u002Fwp-content\u002Fplugins\u002Fwp-master-widget\u002Fadmin\u002Fcss\u002Fwp-master-widget-admin.css","\u002Fwp-content\u002Fplugins\u002Fwp-master-widget\u002Fadmin\u002Fcss\u002Fjquery-ui.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-master-widget\u002Fadmin\u002Fcss\u002Fjquery-ui.theme.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-master-widget\u002Fcommon\u002Fcss\u002Ffont-awesome.css","\u002Fwp-content\u002Fplugins\u002Fwp-master-widget\u002Fadmin\u002Fjs\u002Fwp-master-widget-admin.js","\u002Fwp-content\u002Fplugins\u002Fwp-master-widget\u002Fadmin\u002Fjs\u002Fwp-color-picker-alpha.min.js",[],[213,214],[218,219,220,221,222],"wp-master-widget\u002Fcss\u002Fwp-master-widget-admin.css?ver=","wp-master-widget\u002Fcss\u002Fjquery-ui.min.css?ver=","wp-master-widget\u002Fcss\u002Fjquery-ui.theme.min.css?ver=","wp-master-widget\u002Fjs\u002Fwp-master-widget-admin.js?ver=","wp-master-widget\u002Fjs\u002Fwp-color-picker-alpha.min.js?ver=",{"cssClasses":224,"htmlComments":225,"htmlAttributes":226,"restEndpoints":228,"jsGlobals":229,"shortcodeOutput":231},[4],[],[227],"data-nonce",[],[230],"wpmw_widget",[]]