[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJ0U2lIrlov0aPeKRBh0bXnLfW55860JShVnCjOWuOoM":3},{"slug":4,"name":4,"version":5,"author":6,"author_profile":7,"description":8,"short_description":9,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":32,"analysis":133,"fingerprints":210},"codoforum-sso","1.1","evnix","https:\u002F\u002Fprofiles.wordpress.org\u002Fevnix\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fcodoforum.com\" rel=\"nofollow ugc\">Codoforum\u003C\u002Fa> is a modern forum software built for better user engagement.\u003Cbr \u002F>\nwordpress-codoforum-sso plugin allows you to integrate this forum with your wordpress website.\u003Cbr \u002F>\nIt uses SSO, this means, users once logged into your website will be automatically logged into codoforum.\u003C\u002Fp>\n","Integrates Codoforum forum software with WordPress using SSO(Single Sign On)",10,4854,100,1,"2020-09-29T14:26:00.000Z","5.5.18","3.1","",[19,20,21],"codoforum","forum","sso","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcodoforum-sso.1.1.0.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":6,"display_name":6,"profile_url":7,"plugin_count":13,"total_installs":10,"avg_security_score":23,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},30,84,"2026-04-04T14:13:52.608Z",[33,57,74,90,114],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":43,"num_ratings":44,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":48,"tags":49,"homepage":52,"download_link":53,"security_score":54,"vuln_count":55,"unpatched_count":24,"last_vuln_date":56,"fetched_at":26},"wp-discourse","WP Discourse","2.6.1","scossar","https:\u002F\u002Fprofiles.wordpress.org\u002Fscossar\u002F","\u003Cp>The WP Discourse plugin acts as an interface between your WordPress site and your\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.discourse.org\u002F\" rel=\"nofollow ugc\">Discourse\u003C\u002Fa> community.\u003C\u002Fp>\n\u003Ch3>Use Discourse for comments:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Automatically creates a forum topic for discussion when a new blog post is published.\u003C\u002Fli>\n\u003Cli>Associates WP author accounts with their respective Discourse accounts. Does not require DiscourseConnect.\u003C\u002Fli>\n\u003Cli>Replies from the forum discussion can be embedded in the WP blog post. Select which replies to display\u003Cbr \u002F>\nbased on post score and commenter “trust level” — see docs.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>See it live\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fblog.discourse.org\u002F\" rel=\"nofollow ugc\">blog.discourse.org\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fboingboing.net\u002F\" rel=\"nofollow ugc\">boingboing.net\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>DiscourseConnect\u003C\u002Fh3>\n\u003Cp>The plugin also comes with optional DiscourseConnect functionality which lets you use your WordPress site as the\u003Cbr \u002F>\nDiscourseConnect provider for your Discourse forum.\u003C\u002Fp>\n\u003Cp>This will override Discourse’s native (and powerful) login flow and is only recommended for use cases\u003Cbr \u002F>\nthat strictly require such a setup, e.g. a site that is already using WordPress for large scale user management.\u003C\u002Fp>\n\u003Ch3>Authentication from Discourse to WordPress\u003C\u002Fh3>\n\u003Cp>The plugin allows you to use Discourse as an authentication provider for your WordPress site.\u003C\u002Fp>\n\u003Ch3>Note\u003C\u002Fh3>\n\u003Cp>The WP Discourse plugin requires PHP version 5.4.0 and greater. If >=PHP-5.4.0 is not available, the plugin installation\u003Cbr \u002F>\nwill fail.\u003C\u002Fp>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>The plugin is being developed by \u003Ca href=\"https:\u002F\u002Fmeta.discourse.org\u002Fu\u002FSimon_Cossar\u002Fsummary\" rel=\"nofollow ugc\">Simon Cossar\u003C\u002Fa> on behalf of the Discourse team.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Bug reports and other developer inquiries should be directed at our GitHub Issues:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdiscourse\u002Fwp-discourse\u002Fissues\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fdiscourse\u002Fwp-discourse\u002Fissues\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Please post support requests to our \u003Ca href=\"https:\u002F\u002Fmeta.discourse.org\u002Fc\u002Fsupport\u002Fwordpress\" rel=\"nofollow ugc\">dedicated support forum\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows you to use Discourse as a community engine for your WordPress website. The plugin is not a substitute for Disqus type commenting sy &hellip;",1000,124484,90,8,"2026-01-29T20:10:00.000Z","6.9.0","5.1","5.6",[50,51,20,21],"comments","discourse","https:\u002F\u002Fgithub.com\u002Fdiscourse\u002Fwp-discourse","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-discourse.2.6.1.zip",98,2,"2025-10-31 16:59:07",{"slug":58,"name":59,"version":5,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":10,"downloaded":64,"rating":65,"num_ratings":13,"last_updated":66,"tested_up_to":67,"requires_at_least":16,"requires_php":17,"tags":68,"homepage":72,"download_link":73,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"forumial-sso","Forumial – Cloud Forum Platform – SSO","chuyenim","https:\u002F\u002Fprofiles.wordpress.org\u002Fchuyenim\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fforumial.com?ref=wordpress\" rel=\"nofollow ugc\">Forumial\u003C\u002Fa> is a modern cloud forum built for better user engagement.\u003Cbr \u002F>\n“Forumial – Cloud Forum Platform – SSO” plugin allows you to integrate this forum with your wordpress website.\u003Cbr \u002F>\nIt uses SSO, this means, users once logged into your website will be automatically logged into Forumial.\u003C\u002Fp>\n\u003Ch3>User Data\u003C\u002Fh3>\n\u003Cp>This plugin helps you to share user information from your WordPress site with your \u003Ca href=\"https:\u002F\u002Fforumial.com\u002F?ref=wordpress\" rel=\"nofollow ugc\">Forumial forum\u003C\u002Fa>.\u003Cbr \u002F>\nMake sure you understand the terms of use here: https:\u002F\u002Fforumial.com\u002Fterms-conditions.html\u003C\u002Fp>\n","Integrates Forumial forum software with WordPress using SSO (Single Sign On)",1921,20,"2021-07-22T09:09:00.000Z","5.6.17",[69,20,70,71,21],"cloud-forum","forum-platform","forumail","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fforumial-sso","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fforumial-sso.1.1.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":10,"downloaded":82,"rating":12,"num_ratings":83,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":17,"tags":87,"homepage":88,"download_link":89,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"pt-wp-discourse-sso","PrimeTime WordPress + Discourse SSO","0.2.3","etcio","https:\u002F\u002Fprofiles.wordpress.org\u002Fetcio\u002F","\u003Cp>Discourse is a fantastic new forum that can add another layer to your WordPress community. This plugin allows you to create a fluid experience by using your WordPress installation as the authentication server, creating a single-sign-on (SSO) for your users!\u003C\u002Fp>\n\u003Cp>Notes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The Discourse option “Staff must approve all new user accounts before they are allowed to access the site.” needs to be disabled for this to work properly.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Some Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Seamless integration into almost any WordPress installation.\u003C\u002Fli>\n\u003Cli>Get setup within minutes through 3 easy steps. Anyone can do it.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Coming Soon:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Only allow access with certain capabilities or roles.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Request processing adapted from Adam Capirola : https:\u002F\u002Fgist.github.com\u002Fadamcapriola\u002F11300529\u003C\u002Fli>\n\u003Cli>SSO methods adapted from ArmedGuy : https:\u002F\u002Fgithub.com\u002FArmedGuy\u002Fdiscourse_sso_php\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin provides single sign-on capabilities for Discourse using WordPress user authentication.",6411,6,"2015-05-04T20:03:00.000Z","4.2.39","3.6",[51,20,21],"http:\u002F\u002Fetc.io","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpt-wp-discourse-sso.0.2.3.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":100,"num_ratings":101,"last_updated":102,"tested_up_to":103,"requires_at_least":104,"requires_php":105,"tags":106,"homepage":110,"download_link":111,"security_score":112,"vuln_count":83,"unpatched_count":24,"last_vuln_date":113,"fetched_at":26},"bbpress","bbPress","2.6.14","John James Jacoby","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnjamesjacoby\u002F","\u003Cp>Are you looking for a timeless, elegant, and streamlined discussion board? bbPress is easy to integrate, easy to use, and is built to scale with your growing community.\u003C\u002Fp>\n\u003Cp>bbPress is intentionally simple yet infinitely powerful forum software, built by contributors to WordPress.\u003C\u002Fp>\n","bbPress is forum software for WordPress.",100000,9266210,78,343,"2025-07-02T15:44:00.000Z","6.9.4","6.0","5.6.20",[107,20,108,109],"discussion","forums","support","https:\u002F\u002Fbbpress.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbbpress.2.6.14.zip",91,"2025-03-04 00:00:00",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":12,"num_ratings":83,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":127,"tags":128,"homepage":131,"download_link":132,"security_score":12,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"blossomthemes-toolkit","BlossomThemes Toolkit","2.2.7","Blossom Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Fblossomthemes\u002F","\u003Cp>BlossomThemes Toolkit is a lightweight and safe plugin that generates 12 much-necessary custom widgets. This plugin is optimized for BlossomTheme’s themes but also works great with other themes.\u003C\u002Fp>\n\u003Ch4>Widgets included in  BlossomThemes Toolkit\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Blossom: Advertisement– This widget lets you add advertisements on your website.\u003C\u002Fli>\n\u003Cli>Blossom: Author Bio– You can place the author bio on sidebars using this widget.\u003C\u002Fli>\n\u003Cli>Blossom: Custom Categories– You can add images to the categories and also display post counts of the selected category using this widget.\u003C\u002Fli>\n\u003Cli>Blossom: Facebook Page– This widget allows you to show your Facebook page on your WordPress website.\u003C\u002Fli>\n\u003Cli>Blossom: Image Text– You can add your favorite image with caption and link with this widget.\u003C\u002Fli>\n\u003Cli>Blossom: Pinterest– This widget lets you show your latest pins on your WordPress website.\u003C\u002Fli>\n\u003Cli>Blossom: Popular Post- This widget helps you show popular posts of your website.\u003C\u002Fli>\n\u003Cli>Blossom: Posts Category Slider– You can display the posts of selected category in a slider using this widget.\u003C\u002Fli>\n\u003Cli>Blossom: Recent Post– This widget helps you display recent posts of your website.\u003C\u002Fli>\n\u003Cli>Blossom: Snapchat Snapcode– You can show your Snapchat’s snapcode using this widget.\u003C\u002Fli>\n\u003Cli>Blossom: Social Media– This widget allows you to add social media links on your website.\u003C\u002Fli>\n\u003Cli>Blossom: Twitter Feed– You can now show your twitter news feed right on your website using this widget\u003C\u002Fli>\n\u003C\u002Ful>\n","BlossomThemes Toolkit provides you necessary widgets for better and effective blogging.",30000,944329,"2025-05-26T06:13:00.000Z","6.8.5","4.4.0","7.4",[129,130],"blossom","toolkit","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblossomthemes-toolkit\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblossomthemes-toolkit.2.2.7.zip",{"attackSurface":134,"codeSignals":154,"taintFlows":170,"riskAssessment":197,"analyzedAt":209},{"hooks":135,"ajaxHandlers":150,"restRoutes":151,"shortcodes":152,"cronEvents":153,"entryPointCount":24,"unprotectedCount":24},[136,142,146],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","admin_init","codoforum_register_settings","wordpress-codoforum-sso.php",33,{"type":137,"name":143,"callback":144,"file":140,"line":145},"admin_menu","codoforum_register_options_page",39,{"type":137,"name":147,"callback":148,"file":140,"line":149},"init","init_codoforum_sso",95,[],[],[],[],{"dangerousFunctions":155,"sqlUsage":156,"outputEscaping":158,"fileOperations":24,"externalRequests":24,"nonceChecks":24,"capabilityChecks":24,"bundledLibraries":169},[],{"prepared":24,"raw":24,"locations":157},[],{"escaped":24,"rawEcho":159,"locations":160},3,[161,165,167],{"file":162,"line":163,"context":164},"sso.php",64,"raw output",{"file":140,"line":166,"context":164},53,{"file":140,"line":168,"context":164},57,[],[171,188],{"entryPoint":172,"graph":173,"unsanitizedCount":13,"severity":187},"output_jsonp (sso.php:37)",{"nodes":174,"edges":184},[175,179],{"id":176,"type":177,"label":178,"file":162,"line":163},"n0","source","$_GET['callback']",{"id":180,"type":181,"label":182,"file":162,"line":163,"wp_function":183},"n1","sink","echo() [XSS]","echo",[185],{"from":176,"to":180,"sanitized":186},false,"medium",{"entryPoint":189,"graph":190,"unsanitizedCount":13,"severity":196},"\u003Csso> (sso.php:0)",{"nodes":191,"edges":194},[192,193],{"id":176,"type":177,"label":178,"file":162,"line":163},{"id":180,"type":181,"label":182,"file":162,"line":163,"wp_function":183},[195],{"from":176,"to":180,"sanitized":186},"low",{"summary":198,"deductions":199},"The codoforum-sso v1.1 plugin exhibits a seemingly low-risk profile based on the provided static analysis and vulnerability history. The absence of reported CVEs and the lack of identified dangerous functions, SQL injection vulnerabilities, or file operations are positive indicators. However, the static analysis reveals significant concerns regarding output escaping, with 100% of detected outputs being unescaped. This presents a risk of Cross-Site Scripting (XSS) vulnerabilities if the data being output is not properly sanitized by the application itself.\n\nFurthermore, the taint analysis indicates two flows with unsanitized paths. While classified as not critical or high severity, these flows still represent potential security weaknesses that could be exploited if user-supplied data reaches sensitive functions without adequate validation or sanitization. The complete lack of nonce checks and capability checks on the identified entry points (though there are none) is a concerning pattern that would be a major issue if entry points existed and were unprotected. The overall security posture is thus a mixed bag, with a clean vulnerability history but underlying code quality issues in output handling and data flow sanitization that require attention.",[200,202,205,207],{"reason":201,"points":44},"All outputs unescaped",{"reason":203,"points":204},"Taint flows with unsanitized paths",5,{"reason":206,"points":204},"No capability checks",{"reason":208,"points":204},"No nonce checks","2026-03-17T01:09:07.824Z",{"wat":211,"direct":216},{"assetPaths":212,"generatorPatterns":213,"scriptPaths":214,"versionParams":215},[],[],[],[],{"cssClasses":217,"htmlComments":219,"htmlAttributes":220,"restEndpoints":225,"jsGlobals":226,"shortcodeOutput":227},[218],"wrap",[],[221,222,223,224],"id=\"codoforum_clientid\"","name=\"codoforum_clientid\"","id=\"codoforum_secret\"","name=\"codoforum_secret\"",[],[],[]]