[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fLMdz6qK02af1jJjtbr1s9qX97m0j5Js74o2ORLK0_Og":3},{"slug":4,"display_name":5,"profile_url":6,"plugin_count":7,"total_installs":8,"avg_security_score":9,"avg_patch_time_days":10,"trust_score":11,"computed_at":12,"plugins":13},"digitaldive","Digitaldive","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigitaldive\u002F",4,0,100,30,94,"2026-04-03T23:34:10.380Z",[14,35,49,65],{"slug":15,"name":16,"version":17,"author":5,"author_profile":6,"description":18,"short_description":19,"active_installs":8,"downloaded":20,"rating":8,"num_ratings":8,"last_updated":21,"tested_up_to":22,"requires_at_least":23,"requires_php":24,"tags":25,"homepage":31,"download_link":32,"security_score":9,"vuln_count":8,"unpatched_count":8,"last_vuln_date":33,"fetched_at":34},"blocdash-backend-dashboard-toolkit","Blocdash – Backend Dashboard Toolkit","1.0.1","\u003Cp>Blocdash is a modular dashboard framework for WordPress block themes. Enable only the features you need and control access by role. It includes frontend login\u002Fregister\u002Fprofile forms, an announcements feed with likes and replies, and optional Google OAuth login.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin can connect to Google services when the optional Google Login and\u002For One Tap features are enabled.\u003C\u002Fp>\n\u003Cp>Service: Google OAuth \u002F Google Identity Services (One Tap)\u003Cbr \u002F>\nWhat it is used for: Allow users to authenticate with their Google account on the front-end login flow.\u003Cbr \u002F>\nWhat data is sent and when:\u003Cbr \u002F>\n– When a user initiates Google Login or One Tap, their browser loads Google’s Identity Services script and is directed to Google for authentication.\u003Cbr \u002F>\n– The site sends the OAuth authorization code, client ID, and client secret to Google’s token endpoint to obtain an access token.\u003Cbr \u002F>\n– The access token is then sent to Google’s userinfo endpoint to retrieve the user’s profile details (such as email address, name, and Google user ID) required to sign them in or create a WordPress account.\u003C\u002Fp>\n\u003Cp>Terms of service: https:\u002F\u002Fpolicies.google.com\u002Fterms\u003Cbr \u002F>\nPrivacy policy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>If Google Login or One Tap is enabled, the plugin sends requests to Google OAuth endpoints to authenticate users. No other external services are contacted by default.\u003C\u002Fp>\n","Blocdash provides a modular frontend dashboard with announcements, login\u002Fregister\u002Fprofile forms, and optional Google login for block themes.",106,"2026-02-01T16:32:00.000Z","6.9.4","5.8","7.4",[26,27,28,29,30],"announcements","block","dashboard","login","register","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblocdash-backend-dashboard-toolkit.1.0.1.zip",null,"2026-03-15T15:16:48.613Z",{"slug":36,"name":37,"version":38,"author":5,"author_profile":6,"description":39,"short_description":40,"active_installs":8,"downloaded":41,"rating":8,"num_ratings":8,"last_updated":42,"tested_up_to":22,"requires_at_least":23,"requires_php":24,"tags":43,"homepage":31,"download_link":48,"security_score":9,"vuln_count":8,"unpatched_count":8,"last_vuln_date":33,"fetched_at":34},"digitadive-login-with-google-one-tap","DigitaDive Login with Google One Tap","1.1.1","\u003Cp>DigitaDive Login with Google One Tap adds a modern, monochrome Google sign-in experience to WordPress. It supports the One Tap prompt for logged-out visitors and a shortcode for placing the Google button anywhere.\u003C\u002Fp>\n\u003Cp>Google is a trademark of Google LLC. This plugin is not affiliated with or endorsed by Google.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>One Tap prompt across your site (optional)\u003C\u002Fli>\n\u003Cli>Shortcode button: \u003Ccode>[ddgot_google_login]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Login button on WordPress\u002FWooCommerce login and registration forms\u003C\u002Fli>\n\u003Cli>New user creation controls and role assignment\u003C\u002Fli>\n\u003Cli>Admin access restrictions for non-admin users\u003C\u002Fli>\n\u003Cli>Google avatar support\u003C\u002Fli>\n\u003Cli>Optional admin bar hiding for non-admin users\u003C\u002Fli>\n\u003Cli>Optional email domain allowlist\u003C\u002Fli>\n\u003Cli>Optional email allowlist and prompt exclusions\u003C\u002Fli>\n\u003Cli>Optional failure logging and session-based prompt control\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin integrates with Google Identity Services (Google One Tap) to allow users to sign in with their Google account.\u003C\u002Fp>\n\u003Cp>When the One Tap prompt or button is enabled, the user’s browser loads Google’s Identity Services JavaScript from https:\u002F\u002Faccounts.google.com\u002Fgsi\u002Fclient.\u003C\u002Fp>\n\u003Cp>When a user signs in, the plugin sends the Google ID token to Google’s token verification endpoint at https:\u002F\u002Foauth2.googleapis.com\u002Ftokeninfo to validate the token before logging the user in.\u003C\u002Fp>\n\u003Cp>Data sent includes the ID token and request metadata (such as IP address and user agent) required to complete these requests.\u003C\u002Fp>\n\u003Cp>All plugin CSS\u002FJS assets are bundled locally; the only external resources used are Google’s Identity Services script and the token verification endpoint described above.\u003C\u002Fp>\n\u003Cp>Site owners must create a Google OAuth Client ID in Google Cloud Console to use this service, and end users need a Google account to sign in.\u003C\u002Fp>\n\u003Cp>Terms of Service: https:\u002F\u002Fdevelopers.google.com\u002Fterms\u003Cbr \u002F>\nPrivacy Policy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>This plugin does not store Google passwords. It creates or updates WordPress user accounts using the profile data returned in the ID token and stores the Google avatar URL if provided.\u003C\u002Fp>\n","Secure login with Google One Tap and a button for WordPress with a shortcode and site-wide prompt.",126,"2026-01-19T23:40:00.000Z",[44,29,45,46,47],"google","oauth","one-tap","sso","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdigitadive-login-with-google-one-tap.1.1.1.zip",{"slug":50,"name":51,"version":52,"author":5,"author_profile":6,"description":53,"short_description":54,"active_installs":8,"downloaded":55,"rating":8,"num_ratings":8,"last_updated":56,"tested_up_to":22,"requires_at_least":23,"requires_php":57,"tags":58,"homepage":31,"download_link":64,"security_score":9,"vuln_count":8,"unpatched_count":8,"last_vuln_date":33,"fetched_at":34},"digitaldive-edge-cache-cloudflare","DigitalDive Edge Cache for Cloudflare","1.1.2","\u003Cp>DigitalDive Edge Cache for Cloudflare is a WordPress plugin that adds conservative, SEO-friendly Cloudflare full-page edge caching. It creates and manages Cloudflare cache rules and headers so eligible pages are served from the Cloudflare edge while preserving normal WordPress behavior and compatibility. Faster, more consistent delivery can support performance metrics like Core Web Vitals, page speed, and SEO.\u003C\u002Fp>\n\u003Cp>This plugin is not affiliated with or endorsed by Cloudflare.\u003C\u002Fp>\n\u003Cp>Built by DigitalDive (https:\u002F\u002Fdigitaldive.pro).\u003C\u002Fp>\n\u003Cp>Highlights:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Cloudflare edge caching with safe defaults for logged-in users, POST requests, and common ecommerce flows.\u003C\u002Fli>\n\u003Cli>Simple controls for cache rules, TTL, and exclusions.\u003C\u002Fli>\n\u003Cli>Manual purge tools for entire cache, homepage, or specific URLs.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the Cloudflare API (https:\u002F\u002Fapi.cloudflare.com\u002Fclient\u002Fv4\u002F) to manage Cloudflare cache rules, purge cache, and fetch cache analytics for your zone.\u003C\u002Fp>\n\u003Cp>It sends:\u003Cbr \u002F>\n– Your Cloudflare account email address and Global API Key (entered in the plugin settings) in request headers.\u003Cbr \u002F>\n– Your Cloudflare Zone ID (entered in the plugin settings) in request URLs.\u003Cbr \u002F>\n– Cache rule definitions (including your site domain and any exclusion paths you configure) when you deploy rules.\u003Cbr \u002F>\n– URLs to purge when you use the purge tools, and when the plugin triggers automatic purges (for example on post publish, approved comments, menu updates, theme switches, or some WooCommerce stock events).\u003C\u002Fp>\n\u003Cp>This service is provided by Cloudflare:\u003Cbr \u002F>\n– Terms of Service: https:\u002F\u002Fwww.cloudflare.com\u002Fterms\u002F\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u002F\u003C\u002Fp>\n\u003Ch4>YouTube (optional)\u003C\u002Fh4>\n\u003Cp>If you enable “Smart YouTube Previews”, the plugin loads a thumbnail from https:\u002F\u002Fi.ytimg.com\u002F and loads the YouTube embed from https:\u002F\u002Fwww.youtube.com\u002F when a visitor clicks the preview. These requests are made by the visitor’s browser on pages that contain YouTube embeds.\u003C\u002Fp>\n\u003Cp>This service is provided by YouTube (Google):\u003Cbr \u002F>\n– Terms of Service: https:\u002F\u002Fwww.youtube.com\u002Ft\u002Fterms\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fp>\n\u003Ch4>Google Ad services (optional)\u003C\u002Fh4>\n\u003Cp>If you enable “Boost AdSense RPM”, the plugin adds preconnect and dns-prefetch hints for Google ad domains to speed up ad loading. This may cause the visitor’s browser to connect to:\u003Cbr \u002F>\n– https:\u002F\u002Fgoogleads.g.doubleclick.net\u003Cbr \u002F>\n– https:\u002F\u002Fpagead2.googlesyndication.com\u003Cbr \u002F>\n– https:\u002F\u002Ftpc.googlesyndication.com\u003Cbr \u002F>\n– https:\u002F\u002Fadservice.google.com\u003C\u002Fp>\n\u003Cp>This service is provided by Google:\u003Cbr \u002F>\n– Terms: https:\u002F\u002Fpolicies.google.com\u002Fterms\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fp>\n","Conservative Cloudflare full-page edge caching for WordPress with safe defaults.",132,"2026-02-15T17:45:00.000Z","7.0",[59,60,61,62,63],"caching","cdn","cloudflare","core-web-vitals","performance","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdigitaldive-edge-cache-cloudflare.1.1.2.zip",{"slug":66,"name":67,"version":17,"author":5,"author_profile":6,"description":68,"short_description":69,"active_installs":8,"downloaded":70,"rating":8,"num_ratings":8,"last_updated":71,"tested_up_to":22,"requires_at_least":72,"requires_php":57,"tags":73,"homepage":31,"download_link":77,"security_score":9,"vuln_count":8,"unpatched_count":8,"last_vuln_date":33,"fetched_at":34},"oauth2-account-login","OAuth2 Account Login","\u003Cp>WP OAuth2 adds “Login with WordPress.com” (OAuth2) to your WordPress login screen and a connect\u002Fdisconnect widget on user profile pages. It’s designed for agencies and teams managing multiple sites who want a consistent WordPress.com login without installing Jetpack.\u003C\u002Fp>\n\u003Cp>External Service: WordPress.com OAuth2 API\u003Cbr \u002F>\n– Service purpose: Authenticate users with their WordPress.com accounts.\u003Cbr \u002F>\n– Data sent: Client ID, redirect URI, OAuth authorization code, and standard HTTP request metadata during the OAuth flow.\u003Cbr \u002F>\n– Data received: WordPress.com user ID, email, and display name to link or create WordPress users.\u003Cbr \u002F>\n– Service terms: https:\u002F\u002Fwordpress.com\u002Ftos\u002F\u003Cbr \u002F>\n– Privacy policy: https:\u002F\u002Fautomattic.com\u002Fprivacy\u002F\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress.com login (OAuth2 “auth” scope).\u003C\u002Fli>\n\u003Cli>Link or unlink WordPress users to WordPress.com accounts.\u003C\u002Fli>\n\u003Cli>Auto-create users when no matching email exists (optional).\u003C\u002Fli>\n\u003Cli>Allowlist by email domain or WordPress.com user ID (optional).\u003C\u002Fli>\n\u003Cli>Audit log of the last 20 OAuth attempts (optional).\u003C\u002Fli>\n\u003Cli>Stores only WordPress.com user ID in user meta (no access tokens stored).\u003C\u002Fli>\n\u003Cli>Short-lived OAuth state with HttpOnly cookie + transient for CSRF protection.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Setup requires creating a WordPress.com application and adding the redirect URI shown in the plugin settings. Feature toggles let you enable or disable the login button, profile widget, auto-create users, admin notices, allowlists, and the audit log.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>This plugin connects to WordPress.com to authenticate users. It stores the WordPress.com user ID in WordPress user meta to link accounts. OAuth access tokens are used during the login flow and are not stored. A short-lived HttpOnly cookie and transient are used for OAuth state validation and expire automatically. If the audit log is enabled, the last 20 OAuth attempts are stored (time, status, IP address, and basic details) in a non-autoloaded option. WordPress.com service terms: https:\u002F\u002Fwordpress.com\u002Ftos\u002F and privacy policy: https:\u002F\u002Fautomattic.com\u002Fprivacy\u002F.\u003C\u002Fp>\n","Add WordPress.com OAuth2 login to WordPress. Let teams sign in with WordPress.com, link accounts, and avoid Jetpack. Not affiliated with Automattic.",187,"2026-02-24T21:08:00.000Z","5.2",[29,74,47,75,76],"oauth2","user-management","wordpress-com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foauth2-account-login.1.0.1.zip"]