Title: Widget Options Plugin <= 4.1.0 – Arbitrary Code Execution vulnerability Last modified: February 12, 2025 --- # Widget Options Plugin <= 4.1.0 – Arbitrary Code Execution vulnerability * Resolved [hanmedia](https://wordpress.org/support/users/hanmedia/) * (@hanmedia) * [1 year, 3 months ago](https://wordpress.org/support/topic/widget-options-plugin-4-1-0-arbitrary-code-execution-vulnerability/) * HI, * WordPress Toolkit show this message: * WordPress Widget Options Plugin <= 4.1.0 – Arbitrary Code Execution vulnerability Arbitrary Code Execution vulnerability discovered by Tran Nguyen Bao Khanh in WordPress Plugin Widget Options (versions <= 4.1.0) * Regards Olaf Viewing 2 replies - 1 through 2 (of 2 total) * Plugin Author [Mej de Castro](https://wordpress.org/support/users/mej/) * (@mej) * [1 year, 3 months ago](https://wordpress.org/support/topic/widget-options-plugin-4-1-0-arbitrary-code-execution-vulnerability/#post-18301109) * Hi [@hanmedia](https://wordpress.org/support/users/hanmedia/), * Thanks for the update! The Patchstack team has also informed us and our dev team is actively working on a patch as soon as possible. * Please stay tune for update. * Kind Regards, Mej, Widget Options Team * Plugin Author [Mej de Castro](https://wordpress.org/support/users/mej/) * (@mej) * [1 year, 3 months ago](https://wordpress.org/support/topic/widget-options-plugin-4-1-0-arbitrary-code-execution-vulnerability/#post-18313537) * Hi [@hanmedia](https://wordpress.org/support/users/hanmedia/), * The new version has been released, which includes a patch for the vulnerability reported by Patchstack. Please update at your convenience. * Thank you for your patience, and feel free to reach out if you need any further assistance! * Kind Regards, Mej, Widget Options Team Viewing 2 replies - 1 through 2 (of 2 total) The topic ‘Widget Options Plugin <= 4.1.0 – Arbitrary Code Execution vulnerability’ is closed to new replies. * ![](https://ps.w.org/widget-options/assets/icon-256x256.gif?rev=2513739) * [Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets](https://wordpress.org/plugins/widget-options/) * [Frequently Asked Questions](https://wordpress.org/plugins/widget-options/#faq) * [Support Threads](https://wordpress.org/support/plugin/widget-options/) * [Active Topics](https://wordpress.org/support/plugin/widget-options/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/widget-options/unresolved/) * [Reviews](https://wordpress.org/support/plugin/widget-options/reviews/) * 3 replies * 2 participants * Last reply from: [Mej de Castro](https://wordpress.org/support/users/mej/) * Last activity: [1 year, 3 months ago](https://wordpress.org/support/topic/widget-options-plugin-4-1-0-arbitrary-code-execution-vulnerability/#post-18313537) * Status: resolved