[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNW3yPW4MHiR2vhNzxeALxKx4LpxTL1fnR6SwTJ4aWjM":3,"$frsprJKJyfAfch83wrfP9F4mncy1tQDbCZ7tuwPZ2ExE":109,"$fh5p_PtsYw_2_TqgVJ1AhmiXx0-y9rVlw1Ivjwo-uXdA":113},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":19,"download_link":20,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23,"discovery_status":24,"vulnerabilities":25,"developer":26,"crawl_stats":22,"alternatives":32,"analysis":33,"fingerprints":85},"embed-documents-files-for-sharepoint-onedrive","Integration for SharePoint and OneDrive","1.0.2","WPIntegrals","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpintegrals\u002F","\u003Cp>\u003Cstrong>================ WARNING ==============================\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>‼️ \u003Cstrong>Important:\u003C\u002Fstrong> This plugin is \u003Cstrong>deprecated\u003C\u002Fstrong> and \u003Cstrong>no longer maintained\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>This plugin has been discontinued due to issues discovered during a recent review that prevent us from continuing to work on it. To ensure user safety, reliability, and compliance with platform requirements, we have withdrawn active development and updates. The plugin will no longer receive bug fixes, improvements, or security patches.\u003C\u002Fp>\n\u003Cp>We recommend \u003Cstrong>switching to a supported alternative\u003C\u002Fstrong> to maintain a stable and secure environment.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>========================================================\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Embed SharePoint and OneDrive Documents for WordPress\u003C\u002Fstrong> lets you easily embed, display, and manage documents from Microsoft SharePoint and OneDrive directly on your WordPress site. Built with Microsoft Graph API, this plugin enhances collaboration by integrating your WordPress site with Office 365 tools.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to Microsoft OAuth 2.0 and Microsoft Graph API to authenticate users and retrieve user data.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Microsoft OAuth 2.0 Authorization Service\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Purpose:\u003C\u002Fstrong> Used to authenticate users via OAuth 2.0 authorization code flow.\u003Cbr \u002F>\n– \u003Cstrong>Data Sent:\u003C\u002Fstrong> Client ID, client secret, authorization code, redirect URI, and tenant ID.\u003Cbr \u002F>\n– \u003Cstrong>When:\u003C\u002Fstrong> Data is sent during the login process when a user attempts to authenticate.\u003Cbr \u002F>\n– \u003Cstrong>Service Links:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fservicesagreement\u002F\" rel=\"nofollow ugc\">Microsoft Terms of Use\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fprivacy.microsoft.com\u002Fen-us\u002Fprivacystatement\" rel=\"nofollow ugc\">Microsoft Privacy Policy\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Microsoft Graph API\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Purpose:\u003C\u002Fstrong> Retrieves authenticated user’s profile information and file metadata.\u003Cbr \u002F>\n– \u003Cstrong>Data Sent:\u003C\u002Fstrong> Access token (retrieved via OAuth) is used to make API requests.\u003Cbr \u002F>\n– \u003Cstrong>When:\u003C\u002Fstrong> After successful authentication, when accessing user data.\u003Cbr \u002F>\n– \u003Cstrong>Service Links:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fdocs.microsoft.com\u002Fen-us\u002Flegal\u002F\" rel=\"nofollow ugc\">Microsoft Graph Terms of Use\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fprivacy.microsoft.com\u002Fen-us\u002Fprivacystatement\" rel=\"nofollow ugc\">Microsoft Privacy Policy\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n","‼️ Important - This plugin is deprecated and no longer maintained.",20,669,0,"2025-11-14T10:15:00.000Z","6.7.5","5.6","7.4",[],"","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fembed-documents-files-for-sharepoint-onedrive.zip",100,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":27,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":21,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},"wpintegrals",2,30,94,"2026-05-20T09:05:02.174Z",[],{"attackSurface":34,"codeSignals":68,"taintFlows":77,"riskAssessment":78,"analyzedAt":84},{"hooks":35,"ajaxHandlers":54,"restRoutes":61,"shortcodes":62,"cronEvents":67,"entryPointCount":28,"unprotectedCount":13},[36,42,46,50],{"type":37,"name":38,"callback":39,"file":40,"line":41},"action","admin_menu","add_settings_page","includes\\class-admin-settings.php",12,{"type":37,"name":43,"callback":44,"file":40,"line":45},"admin_init","register_settings",13,{"type":37,"name":43,"callback":47,"file":48,"line":49},"handle_oauth_callback","includes\\class-auth-handler.php",45,{"type":37,"name":51,"callback":52,"file":53,"line":41},"wp_enqueue_scripts","enqueue_assets","includes\\class-embed-handler.php",[55],{"action":56,"nopriv":57,"callback":58,"hasNonce":59,"hasCapCheck":57,"file":40,"line":60},"test_connection",false,"ajax_test_connection",true,14,[],[63],{"tag":64,"callback":65,"file":66,"line":11},"esodwpi_embed_document","embed_document_shortcode","includes\\class-shortcode-manager.php",[],{"dangerousFunctions":69,"sqlUsage":70,"outputEscaping":72,"fileOperations":13,"externalRequests":74,"nonceChecks":75,"capabilityChecks":13,"bundledLibraries":76},[],{"prepared":13,"raw":13,"locations":71},[],{"escaped":45,"rawEcho":13,"locations":73},[],4,1,[],[],{"summary":79,"deductions":80},"The plugin 'embed-documents-files-for-sharepoint-onedrive' version 1.0.2 exhibits a strong security posture based on the provided static analysis.  The code adheres to several best practices, including 100% proper output escaping and 100% of SQL queries utilizing prepared statements, indicating a good defense against common injection vulnerabilities.  The absence of dangerous functions, file operations, and critical or high severity taint flows further bolsters this positive assessment.  The plugin also demonstrates awareness of security controls with a nonce check present, although capability checks are absent on entry points.\n\nDespite the positive static analysis, the absence of capability checks on the single AJAX handler and REST API routes (even though they report 0 routes, this implies the check would be relevant if routes existed) represents a potential weakness. While the current attack surface is small and seemingly unprotected entry points are zero, the lack of explicit permission validation on the AJAX handler could allow unauthorized users to trigger its functionality. The plugin's vulnerability history is clean, with no recorded CVEs, which is a very positive indicator for its current stable state and development practices.\n\nIn conclusion, this plugin appears to be developed with security in mind, showing commendable practices in output sanitization and SQL query handling. The primary area for improvement lies in implementing capability checks on all entry points, particularly the AJAX handler, to ensure robust access control. The lack of past vulnerabilities is encouraging, but ongoing vigilance and security audits are always recommended for any WordPress plugin.",[81],{"reason":82,"points":83},"Missing capability checks on AJAX handler",7,"2026-03-16T22:52:38.450Z",{"wat":86,"direct":95},{"assetPaths":87,"generatorPatterns":90,"scriptPaths":91,"versionParams":92},[88,89],"\u002Fwp-content\u002Fplugins\u002Fembed-documents-files-for-sharepoint-onedrive\u002Fassets\u002Fstyle.min.css","\u002Fwp-content\u002Fplugins\u002Fembed-documents-files-for-sharepoint-onedrive\u002Fassets\u002Fscript.min.js",[],[89],[93,94],"embed-documents-files-for-sharepoint-onedrive\u002Fassets\u002Fstyle.min.css?ver=","embed-documents-files-for-sharepoint-onedrive\u002Fassets\u002Fscript.min.js?ver=",{"cssClasses":96,"htmlComments":97,"htmlAttributes":98,"restEndpoints":99,"jsGlobals":100,"shortcodeOutput":102},[],[],[],[],[101],"test_connection_vars",[103,104,105,106,107,108],"\u003Ciframe src=","width=\"100%\"","height=\"600px\"","frameborder=\"0\">\u003C\u002Fiframe>","\u003Cp>Invalid or unsupported URL.\u003C\u002Fp>","\u003Cp>Please provide a URL.\u003C\u002Fp>",{"error":59,"url":110,"statusCode":111,"statusMessage":112,"message":112},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fembed-documents-files-for-sharepoint-onedrive\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":114},[]]