WP-Safety

WP Widget Clipboard – Duplicate widgets intuitively Security & Risk Analysis

wordpress.org/plugins/wp-widget-clipboard

Duplicate multiple widgets by drag & drop.

800 active installs v1.2.15 PHP + WP 3.3+ Updated Nov 28, 2019
clonecopy-widgetsduplicate-widget-pluginduplicate-widgetswidget-duplicator
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is WP Widget Clipboard – Duplicate widgets intuitively Safe to Use in 2026?

Generally Safe

Score 85/100

WP Widget Clipboard – Duplicate widgets intuitively has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The "wp-widget-clipboard" v1.2.15 plugin exhibits a generally good security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, shortcodes, cron events, and external HTTP requests significantly limits the potential attack surface. Furthermore, all identified SQL queries utilize prepared statements, and there are no recorded vulnerabilities, including CVEs, which suggests a history of secure development or effective patching. The lack of taint analysis results also indicates no detected critical or high-severity unsanitized data flows.

However, a significant concern arises from the output escaping analysis. With 32 total outputs and 0% properly escaped, this plugin presents a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any data rendered to the user interface that originates from untrusted sources or is not meticulously sanitized before display could be exploited by attackers. The absence of capability checks and nonce checks, while not immediately indicative of a risk in this specific analysis due to the limited attack surface, could become vulnerabilities if new entry points were introduced in future versions without proper authorization and security checks.

In conclusion, while the plugin benefits from a minimal attack surface and secure database practices, the widespread failure to properly escape output is a critical weakness. This suggests that while the plugin may not have historically suffered from exploitable vulnerabilities, the current code is highly susceptible to XSS attacks. The absence of capability and nonce checks, though not a direct issue here, is a general best practice that is being overlooked.

Key Concerns

  • Unescaped output detected
  • Missing capability checks
  • Missing nonce checks
Vulnerabilities
None known

WP Widget Clipboard – Duplicate widgets intuitively Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WP Widget Clipboard – Duplicate widgets intuitively Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
32
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

0% escaped32 total outputs
Attack Surface

WP Widget Clipboard – Duplicate widgets intuitively Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 6
actionadmin_menuwp-widget-clipboard.php:61
actionadmin_enqueue_scriptswp-widget-clipboard.php:62
actionadmin_headwp-widget-clipboard.php:70
actionadmin_headwp-widget-clipboard.php:71
filterinitwp-widget-clipboard.php:718
actionplugins_loadedwp-widget-clipboard.php:719
Maintenance & Trust

WP Widget Clipboard – Duplicate widgets intuitively Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21
Last updatedNov 28, 2019
PHP min version
Downloads9K

Community Trust

Rating100/100
Number of ratings5
Active installs800
Alternatives

WP Widget Clipboard – Duplicate widgets intuitively Alternatives

Duplicate Widgets

Duplicate Widgets

duplicate-widgets

A
85

Simple plugin that lets you duplicate your existing widgets in just one click.

3K No CVEs
Simple clone widget

Simple clone widget

simple-clone-widget

A
85

Simple clone widget plugin add a 'Clone this!'' link of every widget. Simply click 'Clone it!' to make a copy of the widget.

30 No CVEs
All-in-One WP Migration and Backup

All-in-One WP Migration and Backup

all-in-one-wp-migration

A
90

Trusted by 60M+ sites: The gold standard for WordPress migration and backup. Migrate, backup, and restore your WordPress site with one click.

5.0M 13 CVEs
Yoast Duplicate Post

Yoast Duplicate Post

duplicate-post

A
90

The go-to tool for cloning posts and pages, including the powerful Rewrite & Republish feature.

4.0M 4 CVEs
WPvivid — Backup, Migration & Staging

WPvivid — Backup, Migration & Staging

wpvivid-backuprestore

B
75

Migrate, staging, backup WordPress, all in one.

900K 26 CVEs
Developer Profile

WP Widget Clipboard – Duplicate widgets intuitively Developer Profile

owlwpplugins

1 plugin · 800 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WP Widget Clipboard – Duplicate widgets intuitively

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-widget-clipboard/css/clipboard.css/wp-content/plugins/wp-widget-clipboard/css/widget.css/wp-content/plugins/wp-widget-clipboard/webfonts/style.css/wp-content/plugins/wp-widget-clipboard/css/jquery-ui.css/wp-content/plugins/wp-widget-clipboard/css/guide.css
Version Parameters
wp-widget-clipboard/css/clipboard.css?ver=wp-widget-clipboard/css/widget.css?ver=wp-widget-clipboard/webfonts/style.css?ver=wp-widget-clipboard/css/jquery-ui.css?ver=wp-widget-clipboard/css/guide.css?ver=

HTML / DOM Fingerprints

CSS Classes
wpwc_manual_headerwpwc_share_buttonssharerlink_tabswpwc_usage_contentwpwc_upgrade_contentwpwc_donate_contentwpwc_manual_tabs
Data Attributes
data-sharerdata-titledata-urldata-web
JS Globals
jQuery
FAQ

Frequently Asked Questions about WP Widget Clipboard – Duplicate widgets intuitively