[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f92o6PzJflZ8rr87rTSIqJO9rAgbD56ZN1bxFb_Nxx38":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":132,"fingerprints":255},"xbooster-advanced-text-widget","xBooster Advanced Text Widget","1.0","acbaltaci","https:\u002F\u002Fprofiles.wordpress.org\u002Facbaltaci\u002F","\u003Cp>xBooster Advanced Text Widget is extremely useful if you have deep  category structure and different page templates for different type of posts.\u003C\u002Fp>\n\u003Cp>Do you need show some sidebar banners on some pages and hide on some?\u003C\u002Fp>\n\u003Cp>Do you want to show a custom HTML on specific pages?\u003C\u002Fp>\n\u003Cp>Do you want to hide a custom HTML on specific posts etc?\u003C\u002Fp>\n\u003Cp>This is the plugin you are looking for.\u003C\u002Fp>\n\u003Cp>Please visit http:\u002F\u002Fwww.allthemesnulled.com see our plugins in action.\u003C\u002Fp>\n\u003Cp>Detailed documentation is \u003Ca href=\"http:\u002F\u002Fallthemesnulled.com\u002Fxbooster-advanced-text-widget\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n","Easy to use Advanced Text Widget. It is possible to show\u002Fhide widget on any pages\u002Fposts\u002Fcategories you want including homepage.",10,2586,100,1,"2013-12-17T07:42:00.000Z","3.7.41","3.0.1","",[20,21,22,23,24],"advanced-text-widget","hide-on-categories","hide-on-pages","show-on-pages","text-widget","http:\u002F\u002Fwww.allthemesnulled.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fxbooster-advanced-text-widget.zip",85,0,null,"2026-03-15T14:54:45.397Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},2,20,30,84,"2026-04-04T16:10:54.430Z",[39,57,74,96,114],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":34,"downloaded":47,"rating":13,"num_ratings":14,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":18,"tags":51,"homepage":54,"download_link":55,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":56},"pro-text-widget","Pro Text Widget","1.1","Shambhu Patnaik","https:\u002F\u002Fprofiles.wordpress.org\u002Fshambhu-patnaik\u002F","\u003Cp>Pro Text Widget plugin.You have choice to text widget show only specific Post\u002Fcategory\u002FPage.\u003C\u002Fp>\n\u003Ch4>Features :\u003C\u002Fh4>\n\u003Col>\n\u003Cli>You have choice to specific to widget show only  posts\u002Fpages\u002Fcategories.\u003C\u002Fli>\n\u003Cli>Multiple post\u002Fcategory\u002Fpage option(comma separated).\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>More detail : http:\u002F\u002Fsocialcms.wordpress.com\u002F\u003C\u002Fp>\n","Pro Text Widget plugin.You have choice to text widget show only specific Post\u002Fcategory\u002FPage.",3095,"2016-01-03T13:20:00.000Z","4.4.34","2.9",[20,52,40,24,53],"custom-text-widget","widget","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpro-text-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpro-text-widget.zip","2026-03-15T15:16:48.613Z",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":13,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":18,"tags":71,"homepage":18,"download_link":73,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":56},"classic-text-widget","Classic Text Widget","1.0.1","Victor Font","https:\u002F\u002Fprofiles.wordpress.org\u002Fvfontj\u002F","\u003Cp>Brings back the classic WordPress text widget without TinyMCE. This is based on the code from WordPress Ver. 4.7.5\u003C\u002Fp>\n\u003Cp>Functionality is exactly the same as the pre-version 4.8 text widget. Additional default functionality includes shortcode execution and custom class filter.\u003C\u002Fp>\n\u003Cp>Note: This widget uses PHP namespaces to prevent conflicts with other widgets of a similar nature. PHP namespaces are only supported in PHP Version 5.3.0 and higher. If your site uses a PHP version earlier than 5.3.0, do not install this widget unless your PHP version is upgraded first.\u003C\u002Fp>\n","The classic pre-WordPress version 4.8 text widget",2000,20397,15,"2019-04-29T17:05:00.000Z","5.2.24","4.8",[58,72,24],"text","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclassic-text-widget.1.0.2.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":18,"tags":89,"homepage":94,"download_link":95,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":56},"gabfire-widget-pack","Gabfire Widget Pack","1.4.14","Gabfire","https:\u002F\u002Fprofiles.wordpress.org\u002Fgabfire\u002F","\u003Cp>The Gabfire Widget Pack is a feature-packed plugin that adds the most commonly used widgets to your site. Rather than having to download several plugins by various authors, this plugin bundles together the most popular widgets.\u003C\u002Fp>\n\u003Cp>It is maintained by the folks over at http:\u002F\u002Fwww.gabfirethemes.com\u003C\u002Fp>\n\u003Cp>Below are the steps required to install, activate, and configure the Gabfire Widget Pack.\u003C\u002Fp>\n\u003Ch4>Widget: Video Slider\u003C\u002Fh4>\n\u003Cp>Get most recent videos addedto your site and display it in a widget zone with a nicely formed slider\u003C\u002Fp>\n\u003Ch4>Widget: Simple Banner\u003C\u002Fh4>\n\u003Cp>A very easy way to add banners into widget zones.\u003C\u002Fp>\n\u003Ch4>Widget: Archive Search\u003C\u002Fh4>\n\u003Cp>Give your users the option to search to their heart’s content. This powerful widget provides 3 methods to search:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>By Archive Month\u003C\u002Fli>\n\u003Cli>By Category\u003C\u002Fli>\n\u003Cli>By Keyword using Google Search\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This is great widget for content-heavy sites.\u003C\u002Fp>\n\u003Ch4>Widget: Search\u003C\u002Fh4>\n\u003Cp>Your visitors need a search function to explore your site. Luckily, this widget gives you two functional styles to choose from that can be placed into any widget zone.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set your label\u003C\u002Fli>\n\u003Cli>Set your style and background\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Search is not dead!\u003C\u002Fp>\n\u003Ch4>Widget: Post Tabs\u003C\u002Fh4>\n\u003Cp>A sleek Ajax tabs widget that offers a convenient way to showcase your content. You can choose from 3 types of tabs:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Recent Posts\u003C\u002Fli>\n\u003Cli>Recent Comments\u003C\u002Fli>\n\u003Cli>Popular Posts (based on tags)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In addition, the Post Tabs widget offers a light and dark color scheme, ability to show post meta details and avatars, and choose the number of posts to display.\u003C\u002Fp>\n\u003Ch4>Widget: Author Badge\u003C\u002Fh4>\n\u003Cp>Give credit where it’s due with this unique Author Badge that showcases the following details neatly: author’s bio, a link to their posts, as well as their social media pages.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Author’s Bio\u003C\u002Fli>\n\u003Cli>Author’s Gravatar (if any)\u003C\u002Fli>\n\u003Cli>Author’s social media links\u003C\u002Fli>\n\u003Cli>Link to Author’s Posts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Author badge shows at single post and author pages only. This badge will not shown if Author bio is left empty. Go to User profile page to enter Facebook, Twitter, Google+, and Author website URL details.\u003C\u002Fp>\n\u003Ch4>Widget: Related Posts\u003C\u002Fh4>\n\u003Cp>Enhance your site’s page views by adding related posts to your articles. This widget uses tags to identify related posts and provides you the option to display them with thumbnails, or as a list.\u003C\u002Fp>\n\u003Ch4>Widget: Text+ Widget\u003C\u002Fh4>\n\u003Cp>A slight twist on the original. This text widget gives you the ability to have an icon and button that links to any post or page of your choice.\u003C\u002Fp>\n\u003Cp>For more details, visit \u003Ca href=\"http:\u002F\u002Fwww.gabfirethemes.com\" title=\"Best WordPress Themes\" rel=\"nofollow ugc\">Gabfire Themes\u003C\u002Fa>.\u003C\u002Fp>\n","The Gabfire Widget Pack contains over a dozen useful widgets to extend your WordPress site. It is a free plugin that will work with ANY theme.",700,96102,88,13,"2021-02-15T22:57:00.000Z","5.6.17","5.1",[90,91,92,93,24],"about-us","author-badge","post-tabs","related-posts","https:\u002F\u002Fwww.gabfire.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgabfire-widget-pack.zip",{"slug":97,"name":98,"version":42,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":105,"num_ratings":106,"last_updated":107,"tested_up_to":16,"requires_at_least":108,"requires_php":18,"tags":109,"homepage":112,"download_link":113,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":56},"call-to-action-widget","Call to Action Widget","Charlie Strickler","https:\u002F\u002Fprofiles.wordpress.org\u002Fcharliestricklergmailcom\u002F","\u003Cp>A modified version of the standard WordPress text widget.  In addition to a title and textarea\u002Fhtml field the CTA widget includes an image URL that can be positioned above or below the title, a button text field and a button URL field.  CTA widget is short for “Call to Action” widget.  We frequently see website designs with 3 columns of widgets on the home page.  Frequently these buckets or widgets utilize an image, title, description, and call to action button.  This widget makes it easier for beginners to change the content of these blocks without editing HTML.\u003C\u002Fp>\n\u003Cp>Read more about this widget on \u003Ca href=\"http:\u002F\u002Fwordpress.boomvisibility.com\u002Fcta-widget\u002F\" rel=\"nofollow ugc\">wordpress.boomvisibility.com\u003C\u002Fa>\u003C\u002Fp>\n","A simple text widget with Title, Image URL, A text\u002Fhtml area, Link Text and Link URL.  This simple widget is often used for a call to action widget.",200,13953,94,6,"2013-12-10T00:00:00.000Z","3.0.2",[97,110,111,24],"cta-widget","image-widget","http:\u002F\u002Fwww.boomvisibility.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcall-to-action-widget.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":13,"downloaded":122,"rating":13,"num_ratings":33,"last_updated":123,"tested_up_to":124,"requires_at_least":125,"requires_php":18,"tags":126,"homepage":130,"download_link":131,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":56},"allow-javascript-in-text-widgets","Allow Javascript in Text Widgets","0.3","Philip John","https:\u002F\u002Fprofiles.wordpress.org\u002Fphilipjohn\u002F","\u003Cp>Replaces the default text widget with one that allows Javascript so you can do basic things like add Google Ads to your sidebar without using other plugins.\u003C\u002Fp>\n\u003Cp>Important: It’s only intended for Multisite. If you use it in standard WordPress and it doesn’t work or breaks something don’t expect any sympathy.\u003C\u002Fp>\n","Replaces the default text widget with one that allows Javascript so you can do basic things like add Google Ads to your sidebar without using other pl &hellip;",11242,"2014-09-03T20:15:00.000Z","4.0.38","3.2.1",[127,128,129,24,53],"filter","javascript","kses","http:\u002F\u002Fphilipjohn.co.uk\u002F#pj-better-multisite-text-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fallow-javascript-in-text-widgets.0.3.zip",{"attackSurface":133,"codeSignals":145,"taintFlows":237,"riskAssessment":238,"analyzedAt":254},{"hooks":134,"ajaxHandlers":141,"restRoutes":142,"shortcodes":143,"cronEvents":144,"entryPointCount":28,"unprotectedCount":28},[135],{"type":136,"name":137,"callback":138,"file":139,"line":140},"action","widgets_init","anonymous","xbooster_advanced_text_widget.php",319,[],[],[],[],{"dangerousFunctions":146,"sqlUsage":150,"outputEscaping":152,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":236},[147],{"fn":148,"file":139,"line":140,"context":149},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"xbooster_advanced_text_widge",{"prepared":28,"raw":28,"locations":151},[],{"escaped":153,"rawEcho":154,"locations":155},11,51,[156,159,161,162,163,165,167,168,169,171,173,174,175,177,179,180,181,183,184,185,186,188,190,191,192,194,196,197,198,200,202,203,204,206,208,209,210,212,214,215,216,218,220,221,222,224,226,228,230,232,234],{"file":139,"line":157,"context":158},53,"raw output",{"file":139,"line":160,"context":158},54,{"file":139,"line":160,"context":158},{"file":139,"line":160,"context":158},{"file":139,"line":164,"context":158},66,{"file":139,"line":166,"context":158},67,{"file":139,"line":166,"context":158},{"file":139,"line":166,"context":158},{"file":139,"line":170,"context":158},78,{"file":139,"line":172,"context":158},79,{"file":139,"line":172,"context":158},{"file":139,"line":172,"context":158},{"file":139,"line":176,"context":158},89,{"file":139,"line":178,"context":158},90,{"file":139,"line":178,"context":158},{"file":139,"line":178,"context":158},{"file":139,"line":182,"context":158},93,{"file":139,"line":105,"context":158},{"file":139,"line":105,"context":158},{"file":139,"line":105,"context":158},{"file":139,"line":187,"context":158},104,{"file":139,"line":189,"context":158},105,{"file":139,"line":189,"context":158},{"file":139,"line":189,"context":158},{"file":139,"line":193,"context":158},108,{"file":139,"line":195,"context":158},109,{"file":139,"line":195,"context":158},{"file":139,"line":195,"context":158},{"file":139,"line":199,"context":158},120,{"file":139,"line":201,"context":158},121,{"file":139,"line":201,"context":158},{"file":139,"line":201,"context":158},{"file":139,"line":205,"context":158},124,{"file":139,"line":207,"context":158},125,{"file":139,"line":207,"context":158},{"file":139,"line":207,"context":158},{"file":139,"line":211,"context":158},129,{"file":139,"line":213,"context":158},130,{"file":139,"line":213,"context":158},{"file":139,"line":213,"context":158},{"file":139,"line":217,"context":158},143,{"file":139,"line":219,"context":158},144,{"file":139,"line":219,"context":158},{"file":139,"line":219,"context":158},{"file":139,"line":223,"context":158},209,{"file":139,"line":225,"context":158},236,{"file":139,"line":227,"context":158},240,{"file":139,"line":229,"context":158},271,{"file":139,"line":231,"context":158},275,{"file":139,"line":233,"context":158},307,{"file":139,"line":235,"context":158},311,[],[],{"summary":239,"deductions":240},"The plugin \"xbooster-advanced-text-widget\" v1.0 exhibits a mixed security posture. On the positive side, there are no recorded vulnerabilities (CVEs), no observed file operations, external HTTP requests, or bundled libraries, which are common sources of security issues. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the potential attack surface. Furthermore, all observed SQL queries utilize prepared statements, which is a strong security practice. However, there are significant concerns. The presence of the `create_function` dangerous function is a major red flag, as it can lead to arbitrary code execution if user-supplied input is passed to it without proper sanitization. Additionally, a low percentage of output escaping (18%) suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the website through the plugin's output. The complete lack of nonce and capability checks, coupled with zero taint analysis, means that any potential vulnerabilities arising from these weaknesses would go undetected by the static analysis, and are not being protected against.\n\nWhile the lack of historical vulnerabilities is encouraging, it cannot mitigate the inherent risks identified in the code analysis. The reliance on `create_function` and the insufficient output escaping present immediate and serious threats. The absence of protective measures like nonce and capability checks further exacerbates these risks. The plugin's strengths lie in its limited attack surface and secure database practices, but these are overshadowed by critical code-level weaknesses that require immediate attention to prevent potential exploitation.",[241,243,246,249,251],{"reason":242,"points":67},"Dangerous function: create_function used",{"reason":244,"points":245},"Low percentage of output escaping",7,{"reason":247,"points":248},"No nonce checks",5,{"reason":250,"points":248},"No capability checks",{"reason":252,"points":253},"No taint analysis performed",3,"2026-03-16T23:35:05.739Z",{"wat":256,"direct":261},{"assetPaths":257,"generatorPatterns":258,"scriptPaths":259,"versionParams":260},[],[],[],[],{"cssClasses":262,"htmlComments":263,"htmlAttributes":264,"restEndpoints":265,"jsGlobals":266,"shortcodeOutput":267},[],[],[],[],[],[]]