[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fMM9QGo4-fuSVMZMftuNTh8AtOALMo7oj5RsygpsggSo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":14,"unpatched_count":14,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":44,"crawl_stats":35,"alternatives":52,"analysis":148,"fingerprints":289},"wpb-image-widget","WPB Image Widget","1.1","WPBean","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpbean\u002F","\u003Cp>A simple widget for showing responsive image in sidebar area. It’s using WordPress’s new media uploader.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fdemo1.wpbean.com\u002F\" rel=\"nofollow ugc\">DEMO\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fwpbean.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>👋 Need expert WordPress & WooCommerce development help?\u003C\u002Fh3>\n\u003Cp>I’m currently available for hire — WordPress and WooCommerce development, custom features, bug fixing, speed optimization, performance tuning, SEO improvements, and more.\u003Cbr \u002F>\nWith over 10 years of experience building high-quality WordPress solutions, I can help you take your website to the next level.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpbean.com\u002Fweb-development-services\u002F?utm_source=WordPress&utm_medium=desc-link&utm_campaign=available-for-hire&utm_content=WPB+Image+Widget\" rel=\"nofollow ugc\">\u003Cstrong>Contact me here \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Plugin Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Showing image in sidebar by 
widget.\u003C\u002Fli>\n\u003Cli>Linking image to large image or custom link.\u003C\u002Fli>\n\u003Cli>Image size.\u003C\u002Fli>\n\u003Cli>Image alt text.\u003C\u002Fli>\n\u003Cli>Image below text.\u003C\u002Fli>\n\u003Cli>Image alignment.\u003C\u002Fli>\n\u003Cli>Nice animation on mouse hover.\u003C\u002Fli>\n\u003Cli>Easy to use.\u003C\u002Fli>\n\u003Cli>Clean code & easy to customize.\u003C\u002Fli>\n\u003C\u002Ful>\n","A simple widget for showing responsive image in sidebar area. It's using WordPress's new media uploader.",100,4210,80,1,"2025-06-08T22:21:00.000Z","6.8.5","3.6","",[20,21,22,23,4],"image","image-widget","upload-image-in-widget","widget","http:\u002F\u002Fwpbean.com\u002Fwpb-image-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpb-image-widget.1.1.zip",78,"2025-09-05 00:00:00","2026-03-15T15:16:48.613Z",[30],{"id":31,"url_slug":32,"title":33,"description":34,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":35,"severity":37,"cvss_score":38,"cvss_vector":39,"vuln_type":40,"published_date":27,"updated_date":41,"references":42,"days_to_patch":35},"CVE-2025-58858","wpb-image-widget-authenticated-contributor-stored-cross-site-scripting","WPB Image Widget \u003C= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting","The WPB Image Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. 
This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.1","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-09-11 14:03:46",[43],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbcd25ec7-e594-4261-a743-174ceb130cf5?source=api-prod",{"slug":45,"display_name":7,"profile_url":8,"plugin_count":46,"total_installs":47,"avg_security_score":48,"avg_patch_time_days":49,"trust_score":50,"computed_at":51},"wpbean",25,39970,96,20,91,"2026-04-04T02:13:18.084Z",[53,74,92,112,129],{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":16,"requires_at_least":66,"requires_php":18,"tags":67,"homepage":71,"download_link":72,"security_score":11,"vuln_count":73,"unpatched_count":73,"last_vuln_date":35,"fetched_at":28},"simple-image-widget","Simple Image Widget","4.4.2","Cedaro","https:\u002F\u002Fprofiles.wordpress.org\u002Fcedaro\u002F","\u003Cp>Simple Image Widget is what the name implies — the easiest way to add images to your sidebars. 
Display advertisements, calls-to-action, or even build a slider based on image widgets.\u003C\u002Fp>\n\u003Cp>Despite its simplicity, Simple Image Widget is built with extensibility in mind, making it super easy to spin off new image-based widgets, or customize the widget output using the available template hierarchy.\u003C\u002Fp>\n\u003Ch3>Additional Resources\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fsimple-image-widget#postform\" rel=\"ugc\">Write a review\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcedaro\u002Fsimple-image-widget\" rel=\"nofollow ugc\">Contribute on GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fcedaroco\" rel=\"nofollow ugc\">Follow @cedaroco\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.cedaro.com\u002F?utm_source=wordpress.org&utm_medium=link&utm_content=simple-image-widget-readme&utm_campaign=plugins\" rel=\"nofollow ugc\">Visit Cedaro\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","A simple widget that makes it a breeze to add images to your sidebars.",10000,854415,90,39,"2025-07-20T14:44:00.000Z","4.9",[21,68,69,70,23],"media","media-manager","sidebar","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-image-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-image-widget.4.4.2.zip",0,{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":16,"requires_at_least":87,"requires_php":18,"tags":88,"homepage":90,"download_link":91,"security_score":11,"vuln_count":73,"unpatched_count":73,"last_vuln_date":35,"fetched_at":28},"image-widget-rb","Image Widget","1.0.12","rbplugins","https:\u002F\u002Fprofiles.wordpress.org\u002Frbplugins\u002F","\u003Cp>With 
Image Widget plugin you can in few simple steps publish images grid on sidebar of your blog page or post. For management of the images implemented set of simple and smart options. It’s not gonna take to much time to manage your media resources. Configuration of the gallery widget it’s very simple task with our image widget.\u003Cbr \u002F>\nImage Widget have few functionality modes. You can easily change view of the image widget thumbnails layout. Upload images to the image widget take just few minutes and few clicks. You can use external plugins which have integration with Image Widget RB as source of the settings for the gallery and images sets.\u003Cbr \u002F>\nConfigure styles and view in external gallery plugin, select required gallery elements and publish it in image widget, as target content.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features Image Widget\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Simple image widget interface;\u003C\u002Fli>\n\u003Cli>Simple image management tools;\u003C\u002Fli>\n\u003Cli>Media resources could be upload in few clicks;\u003C\u002Fli>\n\u003Cli>Multi columns image widget configuration;\u003C\u002Fli>\n\u003Cli>Unlimited images amount;\u003C\u002Fli>\n\u003Cli>Image grid widget view;\u003C\u002Fli>\n\u003Cli>Import of the image widget content from the external integrated plugins;\u003C\u002Fli>\n\u003Cli>No limits for image widgets amount on page;\u003C\u002Fli>\n\u003Cli>No limits for image widgets on sidebar;\u003C\u002Fli>\n\u003Cli>Additional parameters for images in image widget media manager;\u003C\u002Fli>\n\u003Cli>Image widget with lightbox;\u003C\u002Fli>\n\u003Cli>Fast navigation in lightbox;\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It’s not require any special skills or code modifications to image widget on your website. Just install image widget plugin on your website, open settings to enable main functionality. 
Just install plugin from the directory and activate image widget function in widget settings.\u003C\u002Fp>\n\u003Cp>If you have some ideas of new functionality or options for this image widget plugin please drop a line to our contact form or support section.\u003C\u002Fp>\n","Image Widget - most simple and fast way to create image widget to your sidebar",4000,54014,60,2,"2025-09-25T07:24:00.000Z","3.1",[89,20,21,70,23],"gallery-widget","https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fimage-widget-rb","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimage-widget-rb.1.0.12.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":102,"num_ratings":103,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":18,"tags":107,"homepage":109,"download_link":110,"security_score":111,"vuln_count":73,"unpatched_count":73,"last_vuln_date":35,"fetched_at":28},"hw-image-widget","HW Image Widget","4.4","Håkan Wennerberg","https:\u002F\u002Fprofiles.wordpress.org\u002Fpuffythepirateboy\u002F","\u003Cp>This widget requires WordPress 3.5 or newer.\u003C\u002Fp>\n\u003Cp>Primary features of HW Image Widget:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Allow you to choose responsive or fixed behavior.\u003C\u002Fli>\n\u003Cli>Fixed sized images allow you to define width\u002Fheight with, or without kept aspect ratio.\u003C\u002Fli>\n\u003Cli>Responsive sized images will allow you to define “fill width” or not.\u003C\u002Fli>\n\u003Cli>Uses TinyMCE for rich text editing of the image text field.\u003C\u002Fli>\n\u003Cli>Allow you to create a custom widget HTML-template in the active theme to override the default layout.\u003C\u002Fli>\n\u003Cli>Default settings can be overridden using filter.\u003C\u002Fli>\n\u003Cli>Works with Carrington Build.\u003C\u002Fli>\n\u003Cli>Works with the theme customizer.\u003C\u002Fli>\n\u003Cli>Available in English and 
Swedish.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more info, visit http:\u002F\u002Fwebartisan.se\u002Fhw-image-widget\u002F\u003C\u002Fp>\n","Image widget that will allow you to choose responsive or fixed sized behavior. Includes TinyMCE rich text editing of the text description.",1000,39559,88,14,"2017-11-28T19:47:00.000Z","4.2.39","3.5",[20,21,108,23],"responsive","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fhw-image-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhw-image-widget.4.4.zip",85,{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":100,"downloaded":120,"rating":11,"num_ratings":121,"last_updated":122,"tested_up_to":123,"requires_at_least":106,"requires_php":18,"tags":124,"homepage":127,"download_link":128,"security_score":111,"vuln_count":73,"unpatched_count":73,"last_vuln_date":35,"fetched_at":28},"swifty-image-widget","Swifty Image Widget","1.1.1","Goran87","https:\u002F\u002Fprofiles.wordpress.org\u002Fgoran87\u002F","\u003Cp>Super simple but powerful widget that allows adding single or multiple images to your widget positions, using native media uploader. You can add caption for each image to act as testimonial, or you can use it as banner advertising module because its not being blocked with Ad Blocker. It doesn’t load any javascript on front end so its super fast. 
Use drag and drop to rearrange images.\u003C\u002Fp>\n\u003Cp>Check out demo in sidebar \u003Ca href=\"http:\u002F\u002Fitsgoran.com\u002Fwp\u002Fswifty-image-widget\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Major features in Swifty Image Widget include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easily select image from your media collection\u003C\u002Fli>\n\u003Cli>Add one or add multiple images\u003C\u002Fli>\n\u003Cli>Chose full size, one from registered sizes by your theme or define your custom size\u003C\u002Fli>\n\u003Cli>Add caption that will show below image (optional)\u003C\u002Fli>\n\u003Cli>Add link (optional)\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable rel nofollow\u003C\u002Fli>\n\u003Cli>Drag and Drop to rearrange images\u003C\u002Fli>\n\u003Cli>Arrange images\u002Fbanners next to each other or below each other\u003C\u002Fli>\n\u003Cli>Not being blocked by AdBlocker\u003C\u002Fli>\n\u003Cli>Just one css file (0.5kb) called for front styling, no scripts.\u003C\u002Fli>\n\u003Cli>Super Light and Super Fast\u003C\u002Fli>\n\u003Cli>Responsive\u003C\u002Fli>\n\u003Cli>Secure and written with best practices\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Check my other plugins at www.wpgens.com\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you have any suggestions\u002Ffeedback to improve Swifty Image Widget, please get in touch with me via email goran@wpgens.com .\u003C\u002Fp>\n\u003Cp>Also be sure to check out \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fswifty-bar\u002F\" rel=\"ugc\">Swifty Bar\u003C\u002Fa>. 
Plugin that you will fall in love with 🙂\u003C\u002Fp>\n","Super simple but powerful widget that allows adding single or multiple images to your widget positions, using native media uploader.",26632,12,"2023-08-09T13:13:00.000Z","6.3.8",[125,21,126,70,23],"image-list","resize","https:\u002F\u002Fwww.wpgens.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fswifty-image-widget.1.1.1.zip",{"slug":130,"name":131,"version":132,"author":133,"author_profile":134,"description":135,"short_description":136,"active_installs":137,"downloaded":138,"rating":73,"num_ratings":73,"last_updated":139,"tested_up_to":140,"requires_at_least":141,"requires_php":18,"tags":142,"homepage":146,"download_link":147,"security_score":111,"vuln_count":73,"unpatched_count":73,"last_vuln_date":35,"fetched_at":28},"wpc-image-widget","Image Widget by Angie Makes","1.7","Chris Baldelomar","https:\u002F\u002Fprofiles.wordpress.org\u002Fcbaldelomar\u002F","\u003Cp>See the \u003Ca href=\"http:\u002F\u002Fhallie.angiemakes.com\u002Fblog\u002F\" rel=\"nofollow ugc\">‘Image Widget’ in action\u003C\u002Fa>\u003C\u002Fp>\n","This plugin allows for the addition of a drag \u002F drop image widget to the existing widgets in your Wordpress theme. 
Easily upload, and link images to t &hellip;",500,20505,"2017-05-12T20:37:00.000Z","4.7.32","4.2.4",[20,21,143,144,145],"photo","picture","picture-widget","http:\u002F\u002Fangiemakes.com\u002Ffeminine-wordpress-blog-themes-women\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpc-image-widget.zip",{"attackSurface":149,"codeSignals":180,"taintFlows":273,"riskAssessment":274,"analyzedAt":288},{"hooks":150,"ajaxHandlers":172,"restRoutes":173,"shortcodes":174,"cronEvents":179,"entryPointCount":14,"unprotectedCount":73},[151,157,161,167],{"type":152,"name":153,"callback":154,"file":155,"line":156},"action","admin_enqueue_scripts","upload_scripts","admin\\wpb_iw_widget.php",30,{"type":152,"name":158,"callback":159,"file":155,"line":160},"widgets_init","register_wpb_iw_widget",227,{"type":152,"name":162,"callback":163,"priority":164,"file":165,"line":166},"wp_enqueue_scripts","wpb_iw_adding_style",11,"inc\\wpb_iw_functions.php",19,{"type":152,"name":168,"callback":169,"file":170,"line":171},"init","wpb_iw_internationalization","main.php",34,[],[],[175],{"tag":4,"callback":176,"file":177,"line":178},"wpb_iw_shortcode","inc\\wpb_iw_shortcode.php",16,[],{"dangerousFunctions":181,"sqlUsage":182,"outputEscaping":184,"fileOperations":73,"externalRequests":73,"nonceChecks":73,"capabilityChecks":73,"bundledLibraries":272},[],{"prepared":73,"raw":73,"locations":183},[],{"escaped":121,"rawEcho":185,"locations":186},50,[187,190,192,194,196,198,200,201,203,204,205,207,208,210,211,213,215,216,218,220,221,223,225,226,228,230,232,233,235,237,239,240,242,244,246,247,249,251,252,254,256,257,259,261,262,264,266,267,269,270],{"file":155,"line":188,"context":189},46,"raw 
output",{"file":155,"line":191,"context":189},49,{"file":155,"line":193,"context":189},53,{"file":155,"line":195,"context":189},55,{"file":155,"line":197,"context":189},82,{"file":155,"line":199,"context":189},83,{"file":155,"line":199,"context":189},{"file":155,"line":202,"context":189},87,{"file":155,"line":102,"context":189},{"file":155,"line":102,"context":189},{"file":155,"line":206,"context":189},94,{"file":155,"line":206,"context":189},{"file":155,"line":209,"context":189},98,{"file":155,"line":209,"context":189},{"file":155,"line":212,"context":189},102,{"file":155,"line":214,"context":189},103,{"file":155,"line":214,"context":189},{"file":155,"line":217,"context":189},107,{"file":155,"line":219,"context":189},108,{"file":155,"line":219,"context":189},{"file":155,"line":222,"context":189},112,{"file":155,"line":224,"context":189},113,{"file":155,"line":224,"context":189},{"file":155,"line":227,"context":189},114,{"file":155,"line":229,"context":189},119,{"file":155,"line":231,"context":189},120,{"file":155,"line":231,"context":189},{"file":155,"line":234,"context":189},127,{"file":155,"line":236,"context":189},128,{"file":155,"line":238,"context":189},129,{"file":155,"line":238,"context":189},{"file":155,"line":241,"context":189},136,{"file":155,"line":243,"context":189},137,{"file":155,"line":245,"context":189},138,{"file":155,"line":245,"context":189},{"file":155,"line":248,"context":189},142,{"file":155,"line":250,"context":189},143,{"file":155,"line":250,"context":189},{"file":155,"line":253,"context":189},150,{"file":155,"line":255,"context":189},151,{"file":155,"line":255,"context":189},{"file":155,"line":258,"context":189},158,{"file":155,"line":260,"context":189},159,{"file":155,"line":260,"context":189},{"file":177,"line":263,"context":189},63,{"file":177,"line":265,"context":189},66,{"file":177,"line":265,"context":189},{"file":177,"line":268,"context":189},69,{"file":177,"line":268,"context":189},{"file":177,"line":271,"context":189},77,[],[],{"su
mmary":275,"deductions":276},"The \"wpb-image-widget\" v1.1 plugin exhibits a mixed security posture. While the static analysis reveals no overtly dangerous functions, raw SQL queries, or file operations, significant concerns arise from the low percentage of properly escaped output (19%). This suggests a high likelihood of Cross-Site Scripting (XSS) vulnerabilities, especially given the plugin's vulnerability history, which includes a recent medium-severity XSS flaw.\n\nThe lack of nonce checks and capability checks, combined with the limited number of entry points being unprotected, is a positive sign for direct unauthorized access vectors. However, the presence of one shortcode without explicit authorization checks implies a potential avenue for exploitation if the XSS vulnerabilities are leveraged. The vulnerability history, particularly the recurring XSS pattern and a recent unpatched medium-severity issue, strongly indicates a lack of robust input sanitization and output escaping practices.\n\nIn conclusion, while the plugin avoids common pitfalls like raw SQL or dangerous functions, the severe under-escaping of output and a documented history of XSS vulnerabilities are critical weaknesses. The unpatched medium-severity CVE is a significant risk that needs immediate attention. 
The plugin's strengths lie in its limited attack surface and the absence of certain risky code patterns, but these are overshadowed by the ongoing threat of XSS due to poor output handling.",[277,280,283,286],{"reason":278,"points":279},"Unescaped output detected (19% proper)",10,{"reason":281,"points":282},"Unpatched medium severity CVE",15,{"reason":284,"points":285},"No nonce checks detected",5,{"reason":287,"points":285},"No capability checks detected","2026-03-16T21:12:26.247Z",{"wat":290,"direct":297},{"assetPaths":291,"generatorPatterns":294,"scriptPaths":295,"versionParams":296},[292,293],"\u002Fwp-content\u002Fplugins\u002Fwpb-image-widget\u002Fadmin\u002Fcss\u002Fwpb-image-widget-admin.css","\u002Fwp-content\u002Fplugins\u002Fwpb-image-widget\u002Fadmin\u002Fjs\u002Fwpb-image-widget-admin.js",[],[293],[],{"cssClasses":298,"htmlComments":304,"htmlAttributes":306,"restEndpoints":307,"jsGlobals":308,"shortcodeOutput":310},[299,300,301,302,303],"wpb_iw_uploaded_image","wpb_iw_show_image","wpb_iw_upload_image","wpb_iw_linking_type_","wpb_iw_custom_link_",[305],"WPB Image Widget\n    By WPBean",[299,300,301,302,303],[],[309],"WpbImageWidget",[311],"[wpb-image-widget"]