Does Easy Secure Login – Google One Tap & Sign-In have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Easy Secure Login – Google One Tap & Sign-In compatible with WordPress 6.9.4?

According to WordPress.org data, Easy Secure Login – Google One Tap & Sign-In 2.2.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Easy Secure Login – Google One Tap & Sign-In compatible with PHP 7.4+?

Easy Secure Login – Google One Tap & Sign-In requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Easy Secure Login – Google One Tap & Sign-In updated?

Easy Secure Login – Google One Tap & Sign-In was last updated on Mar 5, 2026. Frequent updates are generally a positive security signal.

What is Easy Secure Login – Google One Tap & Sign-In's security score?

Easy Secure Login – Google One Tap & Sign-In has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Easy Secure Login – Google One Tap & Sign-In Security & Risk Analysis

wordpress.org/plugins/easy-secure-login

Eliminate passwords and secure your site with Google. This plugin replaces WordPress login with a secure Google Sign-In button and frictionless Google …

20 active installs v2.2.1 PHP 7.4+ WP 5.0+ Updated Mar 5, 2026

google-logingoogle-one-tapgoogle-sign-inlogin-redirectpasswordless

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Easy Secure Login – Google One Tap & Sign-In Safe to Use in 2026?

Generally Safe

Score 100/100

Easy Secure Login – Google One Tap & Sign-In has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The 'easy-secure-login' plugin version 2.2.1 demonstrates a generally good security posture based on the static analysis. The absence of known CVEs and a clean vulnerability history are significant strengths. The code also shows strong adherence to secure coding practices, with a high percentage of properly escaped outputs, no direct SQL queries that aren't prepared, and a good number of nonce and capability checks.

However, there are areas that warrant attention. The presence of two taint analysis flows with unsanitized paths, even without critical or high severity, indicates a potential for vulnerabilities if these flows are ever exploited. These represent the most concrete risk identified in the static analysis. Furthermore, the plugin makes three external HTTP requests, which, while not inherently insecure, represent an external dependency that could introduce risks if the remote endpoints are compromised or if data is not handled securely during transmission.

In conclusion, while the plugin has a strong foundation with no known vulnerabilities and good internal security practices, the two unsanitized taint flows are a notable weakness that requires further investigation and potential remediation. The external HTTP requests are a minor concern that should be monitored.

Key Concerns

Flows with unsanitized paths (2)
External HTTP requests (3)

Vulnerabilities

None known

Easy Secure Login – Google One Tap & Sign-In Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Easy Secure Login – Google One Tap & Sign-In Release Timeline

v2.2.1Current

v2.2.0

v2.1.9

v2.1.8

v2.1.7

v2.1.6

v2.1.5

v2.1.4

v2.1.3

v2.1.2

Code Analysis

Analyzed Mar 16, 2026

Easy Secure Login – Google One Tap & Sign-In Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

141 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

95% escaped148 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

handleOneTapCallback (includes\class-eslgp-google-auth.php:31)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Easy Secure Login – Google One Tap & Sign-In Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_eslgp_test_connectionincludes\class-eslgp-admin-settings.php:18

WordPress Hooks 33

actionadmin_noticeseasy-secure-login.php:217

actionadmin_noticeseasy-secure-login.php:235

filterplugin_row_metaeasy-secure-login.php:239

actionadmin_noticeseasy-secure-login.php:243

actionplugins_loadedeasy-secure-login.php:246

actionadmin_menuincludes\class-eslgp-admin-settings.php:15

actionadmin_initincludes\class-eslgp-admin-settings.php:16

actionadmin_enqueue_scriptsincludes\class-eslgp-admin-settings.php:17

actionshow_user_profileincludes\class-eslgp-easy-secure-login.php:39

actionedit_user_profileincludes\class-eslgp-easy-secure-login.php:40

filterget_avatarincludes\class-eslgp-easy-secure-login.php:41

actioninitincludes\class-eslgp-easy-secure-login.php:42

filterrest_authentication_errorsincludes\class-eslgp-easy-secure-login.php:43

filterallowed_redirect_hostsincludes\class-eslgp-easy-secure-login.php:46

filterxmlrpc_enabledincludes\class-eslgp-easy-secure-login.php:140

actiontemplate_redirectincludes\class-eslgp-frontend-hooks.php:14

actionlogin_initincludes\class-eslgp-frontend-hooks.php:15

actionlogin_enqueue_scriptsincludes\class-eslgp-frontend-hooks.php:17

actionlogin_formincludes\class-eslgp-frontend-hooks.php:18

filterlogin_headerurlincludes\class-eslgp-frontend-hooks.php:19

filterlogin_headertextincludes\class-eslgp-frontend-hooks.php:20

filterlogin_body_classincludes\class-eslgp-frontend-hooks.php:21

actionwp_enqueue_scriptsincludes\class-eslgp-frontend-hooks.php:23

actionwp_footerincludes\class-eslgp-frontend-hooks.php:26

actionwp_footerincludes\class-eslgp-frontend-hooks.php:32

filterauthenticateincludes\class-eslgp-frontend-hooks.php:36

filterallow_password_resetincludes\class-eslgp-frontend-hooks.php:37

actionlogin_form_lostpasswordincludes\class-eslgp-frontend-hooks.php:38

actionlogin_form_rpincludes\class-eslgp-frontend-hooks.php:39

actionlogin_form_registerincludes\class-eslgp-frontend-hooks.php:40

actionwp_login_errorsincludes\class-eslgp-frontend-hooks.php:42

actioninitincludes\class-eslgp-google-auth.php:10

actioninitincludes\class-eslgp-google-auth.php:11

Maintenance & Trust

Easy Secure Login – Google One Tap & Sign-In Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 5, 2026

PHP min version7.4

Downloads746

Community Trust

Rating100/100

Number of ratings1

Active installs20

Alternatives

Easy Secure Login – Google One Tap & Sign-In Alternatives

Wapu Auth – Google Social Login for WordPress & WooCommerce

wapu-auth-social-login

100

Google Social Login for WordPress & WooCommerce -- free. Let users register and login with their Google account in one click. No passwords, no forms.

20 No CVEs

Temporary Login Without Password

temporary-login-without-password

100

Create self-expiring, temporary admin accounts. Easily share direct login links (no need for username/password) with your developers or editors.

100K 1 CVE

LoginWP (Formerly Peter's Login Redirect)

peters-login-redirect

Redirect users to different locations after they log in, log out and register based on different conditions.

90K 3 CVEs

Temporary Login

temporary-login

Create a secure, temporary URL for easy access to your WP admin.

40K 1 CVE

FluentAuth – The Ultimate Authorization & Security Plugin for WordPress

fluent-security

Enhance the Security and User Experience of Your Site with Login/Signup Security, Two-Factor Email Authentication, Social Logins and more...

10K 2 CVEs

Developer Profile

Easy Secure Login – Google One Tap & Sign-In Developer Profile

ateeqdev

1 plugin · 20 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Easy Secure Login – Google One Tap & Sign-In

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/easy-secure-login/assets/css/bootstrap.min.css/wp-content/plugins/easy-secure-login/assets/css/eslgp-admin.css/wp-content/plugins/easy-secure-login/assets/css/frontend.css/wp-content/plugins/easy-secure-login/assets/js/admin.js/wp-content/plugins/easy-secure-login/assets/js/frontend.js/wp-content/plugins/easy-secure-login/assets/js/google-one-tap.js

Script Paths

/wp-content/plugins/easy-secure-login/assets/js/admin.js/wp-content/plugins/easy-secure-login/assets/js/frontend.js/wp-content/plugins/easy-secure-login/assets/js/google-one-tap.js

Version Parameters

easy-secure-login/assets/css/bootstrap.min.css?ver=easy-secure-login/assets/css/eslgp-admin.css?ver=easy-secure-login/assets/css/frontend.css?ver=easy-secure-login/assets/js/admin.js?ver=easy-secure-login/assets/js/frontend.js?ver=easy-secure-login/assets/js/google-one-tap.js?ver=

HTML / DOM Fingerprints

CSS Classes

eslgp-admin-wrapeslgp-settings-formeslgp-google-login-buttoneslgp-one-tap-container

HTML Comments

Data Attributes

data-client-iddata-redirect-uridata-login-url

JS Globals

eslgp_admin_paramseslgp_frontend_paramsgoogleOneTap

REST Endpoints

/wp-json/eslgp/v1/auth

Shortcode Output

[easy_secure_login_button][easy_secure_login_one_tap]

FAQ