[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$faEkoRP8CedqpjOYCi7xCrPscXGfEJr76I4I81MyCkjc":3},{"slug":4,"display_name":4,"profile_url":5,"plugin_count":6,"total_installs":7,"avg_security_score":8,"avg_patch_time_days":7,"trust_score":9,"computed_at":10,"plugins":11},"jwz","https:\u002F\u002Fprofiles.wordpress.org\u002Fjwz\u002F",2,30,100,94,"2026-04-04T15:11:41.709Z",[12,33],{"slug":13,"name":14,"version":15,"author":4,"author_profile":5,"description":16,"short_description":17,"active_installs":18,"downloaded":19,"rating":8,"num_ratings":20,"last_updated":21,"tested_up_to":22,"requires_at_least":23,"requires_php":24,"tags":25,"homepage":28,"download_link":29,"security_score":8,"vuln_count":30,"unpatched_count":30,"last_vuln_date":31,"fetched_at":32},"mirror-gravatar","Mirror Gravatar","1.5","\u003Cp>Locally mirrors commenters’ Gravatar, Libravatar and Mastodon avatars and serves them from your site, rather than loading them from a third-party web site upon each page load.\u003C\u002Fp>\n\u003Cp>This has several effects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>If most of the comments on a post have no avatar, those turn into \u003Cem>one\u003C\u002Fem> load of a shared image, instead of one for each comment, that happens to return the same “mystery” image.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>You will be serving more (small) images.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>If a commenter’s URL looks like a link to a Mastodon \u002F ActivityPub profile, their Mastodon account’s avatar will be displayed.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>When commenting, a live preview of the avatar tracks the contents of the “Email” field.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.gravatar.com\u002F\" rel=\"nofollow ugc\">gravatar.com\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.libravatar.org\u002F\" rel=\"nofollow ugc\">libravatar.org\u003C\u002Fa> no longer have a web-bug on your blog that is loaded by each viewer.  Instead of being loaded at every page view, the avatar is loaded just once, on the server-side, at the time each new comment is posted.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>If someone changes or deletes their avatar, your site continues displaying the image that was their avatar at the time that they last posted.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Likewise, the user’s Gravatar or Mastodon profile is saved along with their comment, viewable by admins even if they later change or delete it.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security and Privacy\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.libravatar.org\u002F\" rel=\"nofollow ugc\">Libravatar\u003C\u002Fa> is open source. Gravatar is \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FGravatar\" rel=\"nofollow ugc\">owned by WordPress\u003C\u002Fa>, and their \u003Ca href=\"https:\u002F\u002Fautomattic.com\u002Fprivacy\u002F\" rel=\"nofollow ugc\">privacy policy\u003C\u002Fa> says that they don’t monetize that info.  But hey, corporate policies change, subpoenas exist, and domain names get sold.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Should you trust Gravatar with user data? Well, in 2024, Gravatar announced that they are \u003Ca href=\"https:\u002F\u002Fjwz.org\u002Fb\u002FykXF\" rel=\"nofollow ugc\">pivoting to blockchain\u003C\u002Fa>, whatever that means, so that’s fairly disqualifying. See also \u003Ca href=\"https:\u002F\u002Fjwz.org\u002Fb\u002FykPk\" rel=\"nofollow ugc\">WordPress “growth hacking”\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fjwz.org\u002Fb\u002FykNg\" rel=\"nofollow ugc\">WordPress sells users’ data to train AI tools\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>There used to be a potential issue due to \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FGravatar#Security_concerns_and_data_breaches\" rel=\"nofollow ugc\">Gravatars using MD5 hashes\u003C\u002Fa>, but these days they use SHA256, so I assume that’s no longer a problem.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Locally mirror commenters' Gravatar or Mastodon profile images.",20,1723,1,"2025-07-31T00:10:00.000Z","6.8.5","2.7","",[26,27],"comments","gravatar","https:\u002F\u002Fwww.jwz.org\u002Fmirror-gravatar\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmirror-gravatar.1.5.zip",0,null,"2026-03-15T15:16:48.613Z",{"slug":34,"name":35,"version":36,"author":4,"author_profile":5,"description":37,"short_description":38,"active_installs":39,"downloaded":40,"rating":30,"num_ratings":30,"last_updated":24,"tested_up_to":22,"requires_at_least":23,"requires_php":24,"tags":41,"homepage":43,"download_link":44,"security_score":8,"vuln_count":30,"unpatched_count":30,"last_vuln_date":31,"fetched_at":45},"base64-shortlinks","Base64 Shortlinks","1.7","\u003Cp>The default WordPress “shortlink” URLs look like this: \u003Ccode>http:\u002F\u002Fwww.example.com\u002Fblog\u002F?p=123\u003C\u002Fcode>, where “\u003Ccode>123\u003C\u002Fcode>” is actually a 7+ digit decimal number. This plugin shrinks your shortlinks by encoding that number into only 4 characters, and using the abbreviated URL prefix of your choice.\u003C\u002Fp>\n\u003Cp>On my site, the default shortlinks are 35 bytes long, even though I have a very short domain name. This plugin shrinks them to 21 total bytes, which is comparable to most public URL-shortener services, and better than many.\u003C\u002Fp>\n\u003Cp>E.g., this: \u003Ccode>http:\u002F\u002Fwww.jwz.org\u002Fblog\u002F?p=13240780\u003C\u002Fcode>\u003Cbr \u002F>\nbecomes: \u003Ccode>http:\u002F\u002Fjwz.org\u002Fb\u002FygnM\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>This doesn’t affect your (long) permalinks: those can still be in whatever format you like.\u003C\u002Fp>\n","This plugin makes your shortlinks shorter!",10,3736,[42],"shortlinks","https:\u002F\u002Fwww.jwz.org\u002Fbase64-shortlinks\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbase64-shortlinks.1.7.zip","2026-03-15T10:48:56.248Z"]