Plugin: widget-logic

Audits (1)

Malicious Audit #10 baseline 5.10.4 → head 6.0.0 suspect widgetlogics 10d ago

Verdict: malicious. Confirmed supply-chain compromise matching the disclosed attack at anchor.host/how-i-caught-a-wordpress-plugin-supply-chain-attack and covered by TheNextWeb, Yahoo Tech, BigGo, byteiota, and others.

Read full audit →

Alerts (0)

No open alerts.

Show 6 resolved alerts

High version_compare_trap Resolved · audit:malicious 2026-04-27 11:03:09 (5d ago)

Slug widget-logic

Active traps

Trap version	Trap released	Blocked by	Blocked on
`6.02`	2024-08-28 16:44:46	`6.0.3`	2024-09-27 08:54:19
`6.07`	2026-01-07 15:33:10	`6.0.9`	2026-01-15 09:43:08
`6.08`	2026-01-12 13:03:54	`6.0.9`	2026-01-15 09:43:08

Explanation Plugin released 6.02 (parses as higher than canonical X.0.N series), then later released 6.0.3 which parses LOWER — users who installed the trap version cannot auto-update to the canonical release.

View raw JSON

{
    "slug": "widget-logic",
    "active_traps": [
        {
            "trap_version": "6.02",
            "trap_released": "2024-08-28 16:44:46",
            "blocked_by": "6.0.3",
            "blocked_on": "2024-09-27 08:54:19"
        },
        {
            "trap_version": "6.07",
            "trap_released": "2026-01-07 15:33:10",
            "blocked_by": "6.0.9",
            "blocked_on": "2026-01-15 09:43:08"
        },
        {
            "trap_version": "6.08",
            "trap_released": "2026-01-12 13:03:54",
            "blocked_by": "6.0.9",
            "blocked_on": "2026-01-15 09:43:08"
        }
    ],
    "explanation": "Plugin released 6.02 (parses as higher than canonical X.0.N series), then later released 6.0.3 which parses LOWER \u2014 users who installed the trap version cannot auto-update to the canonical release."
}

High domain_younger_than_plugin Resolved · no_longer_matches 2026-04-27 00:52:28 (5d ago)

Slug	widget-logic
Domain	`widgetlogic.org`
Domain source	`c2_http_call`
Domain registered at	2024-06-06
Plugin earliest commit	2008-02-27 17:09:03
Plugin latest release	2026-04-14 16:15:34
Gap days	5,943
Domain age at release	677
Active installs	100,000

View raw JSON

{
    "slug": "widget-logic",
    "domain": "widgetlogic.org",
    "domain_source": "c2_http_call",
    "domain_registered_at": "2024-06-06",
    "plugin_earliest_commit": "2008-02-27 17:09:03",
    "plugin_latest_release": "2026-04-14 16:15:34",
    "gap_days": 5943,
    "domain_age_at_release": 677,
    "active_installs": 100000
}

Critical code_scan_match Resolved · audit:malicious 2026-04-25 20:27:09 (6d ago)

Slug widget-logic

Finding count 27

Findings

Pattern	Kind	File	Line	Snippet	Confidence
`widgetlogic.org`	`ioc:domain`	`widget_logic.php`	9	Author URI: https://widgetlogic.org	`high`
`wpconfig_write`	`builtin`	`widget/test-widget-logic.php`	310	`run_test_case(29, 'file_get_contents("wp-config.php")', false, true);`	`medium`
`widgetlogic.org`	`ioc:domain`	`widget_cfg.php`	29	'base' => getenv_docker('WORDPRESS_PLUGIN_WGL_BASE_URL', 'https://widgetlogic.org')	`high`
`WORDPRESS_PLUGIN_WGL_BASE_URL`	`ioc:code_pattern`	`widget_cfg.php`	29	'base' => getenv_docker('WORDPRESS_PLUGIN_WGL_BASE_URL', 'https://widgetlogic.org')	`high`
`widget_logic_getServiceVersion`	`ioc:code_pattern`	`widget_cfg.php`	18	`if (!function_exists('widget_logic_getServiceVersion')) {`	`high`
`widget_logic_getServiceVersion`	`ioc:code_pattern`	`widget_cfg.php`	19	`function widget_logic_getServiceVersion()`	`high`
`widget_logic_getServiceVersion`	`ioc:code_pattern`	`widget_cfg.php`	28	`'ver' => widget_logic_getServiceVersion(),`	`high`
`widgetlogic.org`	`ioc:domain`	`WidgetLogicAdminConfig.php`	72	* Also you can add our built-in widgets like Live Match and other that can refer to <a href="https://widgetlogic.org">widgetlogic.org</a> data <br/>	`high`
`live_match_widget`	`ioc:code_pattern`	`block_widget/index.php`	7	`register_logic_live_match_widget_service();`	`medium`
`remote_enqueue`	`builtin`	`widget.php`	93	wp_register_script( 'widget-logic_live_match_widget', "{$url}{$ver}/js/data.js?t={$t}", array(), '6.0.9', true);	`medium`
`widget-logic_live_match_widget`	`ioc:code_pattern`	`widget.php`	43	`wp_enqueue_script('widget-logic_live_match_widget');`	`high`
`widget-logic_live_match_widget`	`ioc:code_pattern`	`widget.php`	86	`if (!wp_script_is('widget-logic_live_match_widget', 'registered')) {`	`high`
`widget-logic_live_match_widget`	`ioc:code_pattern`	`widget.php`	93	wp_register_script( 'widget-logic_live_match_widget', "{$url}{$ver}/js/data.js?t={$t}", array(), '6.0.9', true);	`high`
`live_match_widget`	`ioc:code_pattern`	`widget.php`	4	`class Widget_Logic_Live_Match_Widget extends WP_Widget {`	`medium`
`live_match_widget`	`ioc:code_pattern`	`widget.php`	12	`'classname' => 'live_match_widget',`	`medium`

View raw JSON

{
    "slug": "widget-logic",
    "finding_count": 27,
    "findings": [
        {
            "pattern": "widgetlogic.org",
            "kind": "ioc:domain",
            "file": "widget_logic.php",
            "line": 9,
            "snippet": "Author URI:  https://widgetlogic.org",
            "confidence": "high"
        },
        {
            "pattern": "wpconfig_write",
            "kind": "builtin",
            "file": "widget/test-widget-logic.php",
            "line": 310,
            "snippet": "run_test_case(29, 'file_get_contents(\"wp-config.php\")', false, true);",
            "confidence": "medium"
        },
        {
            "pattern": "widgetlogic.org",
            "kind": "ioc:domain",
            "file": "widget_cfg.php",
            "line": 29,
            "snippet": "'base' => getenv_docker('WORDPRESS_PLUGIN_WGL_BASE_URL', 'https://widgetlogic.org')",
            "confidence": "high"
        },
        {
            "pattern": "WORDPRESS_PLUGIN_WGL_BASE_URL",
            "kind": "ioc:code_pattern",
            "file": "widget_cfg.php",
            "line": 29,
            "snippet": "'base' => getenv_docker('WORDPRESS_PLUGIN_WGL_BASE_URL', 'https://widgetlogic.org')",
            "confidence": "high"
        },
        {
            "pattern": "widget_logic_getServiceVersion",
            "kind": "ioc:code_pattern",
            "file": "widget_cfg.php",
            "line": 18,
            "snippet": "if (!function_exists('widget_logic_getServiceVersion')) {",
            "confidence": "high"
        },
        {
            "pattern": "widget_logic_getServiceVersion",
            "kind": "ioc:code_pattern",
            "file": "widget_cfg.php",
            "line": 19,
            "snippet": "function widget_logic_getServiceVersion()",
            "confidence": "high"
        },
        {
            "pattern": "widget_logic_getServiceVersion",
            "kind": "ioc:code_pattern",
            "file": "widget_cfg.php",
            "line": 28,
            "snippet": "'ver' => widget_logic_getServiceVersion(),",
            "confidence": "high"
        },
        {
            "pattern": "widgetlogic.org",
            "kind": "ioc:domain",
            "file": "WidgetLogicAdminConfig.php",
            "line": 72,
            "snippet": "* Also you can add our built-in widgets like Live Match and other that can refer to <a href=\"https://widgetlogic.org\">widgetlogic.org</a> data <br/>",
            "confidence": "high"
        },
        {
            "pattern": "live_match_widget",
            "kind": "ioc:code_pattern",
            "file": "block_widget/index.php",
            "line": 7,
            "snippet": "register_logic_live_match_widget_service();",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "widget.php",
            "line": 93,
            "snippet": "wp_register_script( 'widget-logic_live_match_widget', \"{$url}{$ver}/js/data.js?t={$t}\", array(), '6.0.9', true);",
            "confidence": "medium"
        },
        {
            "pattern": "widget-logic_live_match_widget",
            "kind": "ioc:code_pattern",
            "file": "widget.php",
            "line": 43,
            "snippet": "wp_enqueue_script('widget-logic_live_match_widget');",
            "confidence": "high"
        },
        {
            "pattern": "widget-logic_live_match_widget",
            "kind": "ioc:code_pattern",
            "file": "widget.php",
            "line": 86,
            "snippet": "if (!wp_script_is('widget-logic_live_match_widget', 'registered')) {",
            "confidence": "high"
        },
        {
            "pattern": "widget-logic_live_match_widget",
            "kind": "ioc:code_pattern",
            "file": "widget.php",
            "line": 93,
            "snippet": "wp_register_script( 'widget-logic_live_match_widget', \"{$url}{$ver}/js/data.js?t={$t}\", array(), '6.0.9', true);",
            "confidence": "high"
        },
        {
            "pattern": "live_match_widget",
            "kind": "ioc:code_pattern",
            "file": "widget.php",
            "line": 4,
            "snippet": "class Widget_Logic_Live_Match_Widget extends WP_Widget {",
            "confidence": "medium"
        },
        {
            "pattern": "live_match_widget",
            "kind": "ioc:code_pattern",
            "file": "widget.php",
            "line": 12,
            "snippet": "'classname' => 'live_match_widget',",
            "confidence": "medium"
        }
    ]
}

High version_compare_trap Resolved · no_longer_matches 2026-04-25 12:19:25 (7d ago)

Slug widget-logic

Active traps

Trap version	Trap released	Blocked by	Blocked on
`6.02`	2024-08-28 16:44:46	`6.0.3`	2024-09-27 08:54:19
`6.07`	2026-01-07 15:33:10	`6.0.9`	2026-01-15 09:43:08
`6.08`	2026-01-12 13:03:54	`6.0.9`	2026-01-15 09:43:08

Explanation Plugin released 6.02 (parses as higher than canonical X.0.N series), then later released 6.0.3 which parses LOWER — users who installed the trap version cannot auto-update to the canonical release.

View raw JSON

{
    "slug": "widget-logic",
    "active_traps": [
        {
            "trap_version": "6.02",
            "trap_released": "2024-08-28 16:44:46",
            "blocked_by": "6.0.3",
            "blocked_on": "2024-09-27 08:54:19"
        },
        {
            "trap_version": "6.07",
            "trap_released": "2026-01-07 15:33:10",
            "blocked_by": "6.0.9",
            "blocked_on": "2026-01-15 09:43:08"
        },
        {
            "trap_version": "6.08",
            "trap_released": "2026-01-12 13:03:54",
            "blocked_by": "6.0.9",
            "blocked_on": "2026-01-15 09:43:08"
        }
    ],
    "explanation": "Plugin released 6.02 (parses as higher than canonical X.0.N series), then later released 6.0.3 which parses LOWER \u2014 users who installed the trap version cannot auto-update to the canonical release."
}

Critical new_committer_young_account Resolved · audit:malicious 2026-04-22 02:50:47 (10d ago)

Slug	widget-logic
Committer	widgetlogics
Display name	`Widgetlogic.org`
Member since	2024-08-01
First commit at	2024-08-06 08:08:31
Account age at first commit	5
Commit count	12
Active installs	100,000

View raw JSON

{
    "slug": "widget-logic",
    "committer": "widgetlogics",
    "display_name": "Widgetlogic.org",
    "member_since": "2024-08-01",
    "first_commit_at": "2024-08-06 08:08:31",
    "account_age_at_first_commit": 5,
    "commit_count": 12,
    "active_installs": 100000
}

Critical new_committer_young_account Resolved · deduped 2026-04-21 18:24:41 (10d ago)

Slug	widget-logic
Committer	widgetlogics
Display name	`Widgetlogic.org`
Member since	2024-08-01
First commit at	2024-08-06 08:08:31
Account age at first commit	5
Commit count	12
Active installs	100,000

View raw JSON

{
    "slug": "widget-logic",
    "committer": "widgetlogics",
    "display_name": "Widgetlogic.org",
    "member_since": "2024-08-01",
    "first_commit_at": "2024-08-06 08:08:31",
    "account_age_at_first_commit": 5,
    "commit_count": 12,
    "active_installs": 100000
}

SVN committers (5)

Accounts with actual commit access to widget-logic on plugins.svn.wordpress.org, reconstructed from svn log. This is the list that matters for ownership changes — not the readme contributors.

Committer	Member since	Commits	First commit	Latest commit
alanft	2006-08-07	112	2008-02-28 · r33295	2015-04-13 · r1133957
WPChef	2016-06-23	18	2017-02-06 · r1590154	2019-07-03 · r2116998
Widgetlogic.org Young account	2024-08-01	12	2024-08-06 · r3131425	2026-01-15 · r3440192
Francisco Torres	2012-02-08	1	2026-04-14 · r3506247	2026-04-14 · r3506247
plugin-master	2007-03-09	1	2008-02-27 · r33155	2008-02-27 · r33155

Readme contributors (1)

Names the plugin's readme declares as contributors. A soft signal — anyone can be listed. The SVN access column is the ground-truth cross-reference: does this contributor actually commit code?

Contributor	Member since	SVN access	Status
Widgetlogic.org	2024-08-01	12 commits	Active

Versions (41 most recent)

Version	Released	Download
6.9	2026-04-14 · 17d ago	—
6.0.9	2026-01-15 · 3mo ago	—
6.08	2026-01-12 · 3mo ago	—
6.07	2026-01-07 · 3mo ago	—
6.0.6	2025-07-17 · 9mo ago	—
6.0.5	2025-03-21 · 1y ago	—
6.0.4	2024-10-14 · 1y ago	—
6.0.3	2024-09-27 · 1y ago	—
6.02	2024-08-28 · 1y ago	—
6.0.1	2024-08-14 · 1y ago	—
6.0.0	2024-08-06 · 1y ago	—
5.10.4	2019-07-03 · 6y ago	—
5.10.3	2019-07-01 · 6y ago	—
5.10.2	2019-06-26 · 6y ago	—
5.9.0	2017-11-14 · 8y ago	—
5.8.2	2017-06-12 · 8y ago	—
5.8.1	2017-05-17 · 8y ago	—
5.8.0	2017-05-17 · 8y ago	—
5.7.4	2017-04-26 · 9y ago	—
5.7.3	2017-04-25 · 9y ago	—
5.7.2	2017-02-09 · 9y ago	—
5.7.1	2017-02-08 · 9y ago	—
5.7.0	2017-02-06 · 9y ago	—
0.57	2015-02-16 · 11y ago	—
0.56	2013-01-06 · 13y ago	—
0.55	2013-01-06 · 13y ago	—
0.54	2012-12-20 · 13y ago	—
0.52	2012-05-01 · 14y ago	—
0.51	2011-12-28 · 14y ago	—
0.50	2011-12-28 · 14y ago	—
0.48	2011-04-02 · 15y ago	—
0.47	2011-02-06 · 15y ago	—
0.46	2010-01-12 · 16y ago	—
0.45	2009-02-08 · 17y ago	—
0.44	2009-01-13 · 17y ago	—
0.43	2009-01-06 · 17y ago	—
0.42	2008-05-19 · 17y ago	—
0.4	2008-04-20 · 18y ago	—
0.31	2008-04-03 · 18y ago	—
0.3	2008-02-29 · 18y ago	—
0.2	2008-02-29 · 18y ago	—

Widget Logic

Audits (1)

Alerts (0)

SVN committers (5)

Readme contributors (1)

Versions (41 most recent)