[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fgByELo8YlWGiX0fSD6EDb4OifAOsyUYKS8tJ2g3-7ms":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":58,"fingerprints":179},"camoo-sso","CAMOO SSO","1.5.8","Camoo Sarl","https:\u002F\u002Fprofiles.wordpress.org\u002Fcamoo\u002F","\u003Cp>Camoo.Hosting Single sign On for Managed WordPress sites,\u003Cbr \u002F>\nThis plugin allows signing in Camoo.Hosting users via SSO to your managed WordPress without having to remember any password of your website.\u003Cbr \u002F>\nPlease note that the user information and role mappings are updated each time the user logs in via SSO. If you do not want to sync the roles from your existing system to WordPress, you can disable the functionality via the settings page.\u003C\u002Fp>\n","Camoo.Hosting Single sign On for WordPress websites.",200,5821,0,"2025-12-31T09:54:00.000Z","6.9.4","5.6","7.4",[19,20,21,22],"camoo-sso-integration","camoo-hosting","hebergement-web-avec-sso","managed-hosting-with-sso","https:\u002F\u002Fgithub.com\u002Fcamoo\u002Fwp-camoo-sso","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcamoo-sso.1.5.8.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"camoo",4,310,96,30,91,"2026-04-04T14:43:22.326Z",[38],{"slug":39,"name":40,"version":41,"author":7,"author_profile":8,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":55,"download_link":56,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"camoo-cdn","CAMOO CDN","2.0.3","\u003Cp>Camoo.Hosting Automatic Integration with CDN for websites. This plugin allows you to easily use CDN on your WordPress and accelerate website loading in any country, handling any load on your service. For optimal performance, CAMOO CDN requires WP Super Cache to be installed and activated on your WordPress site.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Replace static links with CDN links\u003C\u002Fli>\n\u003C\u002Ful>\n","Camoo.Hosting Automatic Integration with CDN for WordPress websites.",60,2292,"2024-11-17T14:00:00.000Z","6.7.5","6.4.3","8.0",[51,20,52,53,54],"camoo-cdn-integration","hebergement-web-avec-cdn","managed-hosting-with-cdn","wordpress-caching","https:\u002F\u002Fgithub.com\u002Fcamoo\u002Fwp-camoo-cdn","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcamoo-cdn.2.0.3.zip",92,{"attackSurface":59,"codeSignals":150,"taintFlows":168,"riskAssessment":169,"analyzedAt":178},{"hooks":60,"ajaxHandlers":141,"restRoutes":142,"shortcodes":143,"cronEvents":148,"entryPointCount":149,"unprotectedCount":13},[61,67,70,74,76,81,85,90,94,98,102,106,110,114,118,122,125,128,133,137],{"type":62,"name":63,"callback":64,"file":65,"line":66},"action","admin_notices","closure","camoo-sso.php",25,{"type":62,"name":68,"callback":64,"file":65,"line":69},"plugins_loaded",36,{"type":62,"name":71,"callback":64,"file":72,"line":73},"init","src\\Bootstrap.php",31,{"type":62,"name":71,"callback":64,"file":72,"line":75},172,{"type":77,"name":78,"callback":79,"file":72,"line":80},"filter","all_plugins","modifyPluginDescription",174,{"type":62,"name":82,"callback":83,"file":72,"line":84},"login_form","addCamooSsoButton",178,{"type":62,"name":86,"callback":87,"file":88,"line":89},"admin_init","initAdmin","src\\Controller\\AdminController.php",38,{"type":62,"name":91,"callback":92,"file":88,"line":93},"admin_menu","addPage",39,{"type":62,"name":68,"callback":95,"file":96,"line":97},"initActions","src\\Services\\Integration.php",44,{"type":77,"name":99,"callback":100,"file":96,"line":101},"login_body_class","addClassBody",69,{"type":62,"name":103,"callback":104,"file":96,"line":105},"wp_loaded","registerSsoFiles",70,{"type":77,"name":107,"callback":108,"file":96,"line":109},"login_headertext","wrapLoginFormStart",71,{"type":62,"name":111,"callback":112,"file":96,"line":113},"login_enqueue_scripts","provideSsoStyle",72,{"type":62,"name":115,"callback":116,"file":96,"line":117},"login_footer","wrapLoginFormEnd",73,{"type":62,"name":119,"callback":120,"file":96,"line":121},"login_init","disablePasswordLogin",74,{"type":62,"name":86,"callback":123,"file":96,"line":124},"ensureAdminCapability",75,{"type":62,"name":126,"callback":64,"file":96,"line":127},"login_form_login",156,{"type":77,"name":129,"callback":130,"file":131,"line":132},"rewrite_rules_array","createRewriteRules","src\\Services\\RewriteService.php",26,{"type":77,"name":134,"callback":135,"file":131,"line":136},"query_vars","addQueryVariables",27,{"type":62,"name":138,"callback":139,"file":131,"line":140},"template_redirect","interceptRedirect",28,[],[],[144],{"tag":145,"callback":146,"file":72,"line":147},"sso_button","generateSsoButton",181,[],1,{"dangerousFunctions":151,"sqlUsage":157,"outputEscaping":159,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":161,"bundledLibraries":167},[152],{"fn":153,"file":154,"line":155,"context":156},"assert","src\\Services\\TokenService.php",64,"assert($this->token instanceof UnencryptedToken);",{"prepared":13,"raw":13,"locations":158},[],{"escaped":160,"rawEcho":161,"locations":162},40,2,[163,165],{"file":65,"line":132,"context":164},"raw output",{"file":72,"line":166,"context":164},99,[],[],{"summary":170,"deductions":171},"The Camoo SSO plugin version 1.5.8 exhibits a generally strong security posture, with several good practices in place. The static analysis reveals a minimal attack surface, with only one shortcode identified as an entry point, and critically, no unprotected AJAX handlers or REST API routes were found. The plugin also demonstrates a commitment to secure coding by utilizing prepared statements for all SQL queries and properly escaping a high percentage of its outputs. The absence of file operations and external HTTP requests further contributes to its secure design.\n\nDespite these strengths, a few areas warrant attention. The presence of the 'assert' dangerous function is a notable concern, as it can be misused for debugging or even as an indirect attack vector if not handled with extreme care. While no direct taint flows were identified, the potential for issues remains if user-supplied data eventually reaches this function without proper sanitization. The lack of nonce checks on its sole entry point (the shortcode) is a potential weakness, as it could be susceptible to CSRF attacks if the shortcode performs any sensitive actions. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive sign, but it also means there's less historical data to assess long-term security trends or past developer responsiveness.\n\nIn conclusion, Camoo SSO version 1.5.8 is well-developed from a security perspective, particularly in its handling of common web vulnerabilities like SQL injection and output escaping. However, the 'assert' function and the absence of nonce checks on its shortcode represent specific, albeit potentially minor, risks that could be mitigated. The clean vulnerability history is encouraging, but vigilance is always advised.",[172,175],{"reason":173,"points":174},"Dangerous function (assert) found",8,{"reason":176,"points":177},"Missing nonce check on shortcode",7,"2026-03-16T20:22:59.909Z",{"wat":180,"direct":189},{"assetPaths":181,"generatorPatterns":184,"scriptPaths":185,"versionParams":186},[182,183],"\u002Fwp-content\u002Fplugins\u002Fcamoo-sso\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fcamoo-sso\u002Fassets\u002Fjs\u002Fadmin.js",[],[183],[187,188],"camoo-sso\u002Fassets\u002Fcss\u002Fadmin.css?ver=","camoo-sso\u002Fassets\u002Fjs\u002Fadmin.js?ver=",{"cssClasses":190,"htmlComments":194,"htmlAttributes":195,"restEndpoints":201,"jsGlobals":202,"shortcodeOutput":203},[191,192,193],"camoo-sso-settings-table","camoo-sso-options-table","td-camoo-sso-options",[],[196,197,198,199,200],"name=\"camoo-sso[redirect_to_dashboard]\"","name=\"camoo-sso[sync_roles]\"","name=\"camoo-sso[show_sso_button_login_page]\"","name=\"camoo-sso[allow_login_account]\"","name=\"camoo-sso[disable_username_password_login]\"",[],[],[]]