[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fTExu5Nkl1NDNGL_FJtHWa-vu-QQq7kVnm8iYtLvDPFo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":57,"analysis":147,"fingerprints":309},"google-apps-login","Login for Google Apps","3.5.2","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>Login for Google Apps allows existing WordPress user accounts to log in to your website using Google to securely authenticate their account. This means that if they are already logged into Gmail – they can simply click their way through the WordPress login screen – no username or password is explicitly required!\u003C\u002Fp>\n\u003Cp>Login for Google Apps uses \u003Cstrong>secure oAuth2 authentication recommended by Google\u003C\u002Fstrong>, including 2-factor authentication (2FA) if enabled for your Google Workspace (formerly known as Google Apps and G Suite) accounts.\u003C\u002Fp>\n\u003Cp>This is far simpler to configure than the older SAML protocol.\u003C\u002Fp>\n\u003Cp>Login for Google Apps is trusted by thousands of organizations from schools to large public companies. Login for Google Apps for WordPress is the most popular enterprise grade plugin enabling login and user management based on your Google Workspace domain.\u003C\u002Fp>\n\u003Cp>Its plugin setup requires you to have admin access to any Google Workspace domain, or a regular Gmail account, to register and obtain two simple codes from Google.\u003C\u002Fp>\n\u003Ch4>Support and Premium features\u003C\u002Fh4>\n\u003Cp>Full support and premium features are also available for purchase:\u003C\u002Fp>\n\u003Cp>Eliminate the need for Google Workspace (previously called “Google Apps and G Suite”) domain admins to separately manage WordPress user accounts, and get peace of mind that only authorized employees have access to your organization’s websites and intranet.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>See \u003Ca href=\"https:\u002F\u002Fwp-glogin.com\u002Fglogin\u002F?utm_source=Login%20Readme%20Top&utm_medium=freemium&utm_campaign=Freemium\" rel=\"nofollow ugc\">our website at wp-glogin.com\u003C\u002Fa> for more details.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Premium version allows everyone in your Google Workspace (Google Apps \u002F G Suite) domain to log in to WordPress – an account will be automatically created in WordPress if one doesn’t already exist.\u003C\u002Fp>\n\u003Cp>Our Enterprise version goes further, allowing you to specify granular access and role controls based on Google Group or Organizational Unit membership.\u003C\u002Fp>\n\u003Cp>You can also see logs of accounts created and roles changed by the plugin.\u003C\u002Fp>\n\u003Ch4>Extensible Platform\u003C\u002Fh4>\n\u003Cp>Login for Google Apps allows you to centralize your site’s Google functionality and build your own extensions, or use third-party extensions, which require no configuration themselves and share the same user authentication and permissions that users already allowed for Login for Google Apps itself.\u003C\u002Fp>\n\u003Cp>Using our platform, your website appears to Google accounts as one unified ‘web application’, making it more secure and easier to manage.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwp-glogin.com\u002Fwpgoogledriveembedder\" rel=\"nofollow ugc\">Google Drive Embedder\u003C\u002Fa> is an extension plugin allowing\u003Cbr \u002F>\nusers to browse for Google Drive documents to embed directly in their posts or pages.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwp-glogin.com\u002Fwpgoogleappsdirectory\" rel=\"nofollow ugc\">Google Apps Directory\u003C\u002Fa> is an extension plugin allowing\u003Cbr \u002F>\nlogged-in users to search your Google Apps employee directory from a widget on your intranet or client site.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwp-glogin.com\u002Favatars\u002F?utm_source=Login%20Readme%20Avatars&utm_medium=freemium&utm_campaign=Freemium\" rel=\"nofollow ugc\">Google Profile Avatars\u003C\u002Fa>\u003Cbr \u002F>\nis available on our website. It displays users’ Google profile photos in place of their avatars throughout your site.\u003C\u002Fp>\n\u003Cp>Login for Google Apps works on single or multisite WordPress websites or private intranets.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cp>One-click login will work for the following domains and user accounts:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Google Workspace Starter\u003C\u002Fli>\n\u003Cli>Google Workspace Business Standard\u003C\u002Fli>\n\u003Cli>Google Workspace Business Plus\u003C\u002Fli>\n\u003Cli>Google Workspace Enterprise\u003C\u002Fli>\n\u003Cli>Google Workspace for Nonprofits\u003C\u002Fli>\n\u003Cli>Google Workspace for Government\u003C\u002Fli>\n\u003Cli>Google Classroom (Google Workspace for Education)\u003C\u002Fli>\n\u003Cli>Personal gmail.com and googlemail.com emails\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Login for Google Apps uses the latest secure OAuth2 authentication recommended by Google. Other 3rd party authentication plugins may allow you to use your Google username and password to login, but they do not do this securely unless they also use OAuth2. This is discussed further in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgoogle-apps-login\u002F#faq\" rel=\"ugc\">FAQ\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>This plugin currently operates in multiple languages.\u003C\u002Fp>\n\u003Cp>We welcome volunteers to translate into their own language. If you would like to contribute a translation, please open the WordPress.org \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fgoogle-apps-login\u002F\" rel=\"nofollow ugc\">Translation portal\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Website and Upgrades\u003C\u002Fh4>\n\u003Cp>Please see our website \u003Ca href=\"https:\u002F\u002Fwp-glogin.com\u002F?utm_source=Login%20Readme%20Website&utm_medium=freemium&utm_campaign=Freemium\" rel=\"nofollow ugc\">https:\u002F\u002Fwp-glogin.com\u002F\u003C\u002Fa> for more information about this free plugin and extra features available in our Premium and Enterprise upgrades, plus support details, other plugins, and useful guides for admins of WordPress sites and Google Apps.\u003C\u002Fp>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fwp-glogin.com\u002Fglogin\u002F?utm_source=Login%20Readme%20PremEnt&utm_medium=freemium&utm_campaign=Freemium\" rel=\"nofollow ugc\">Premium and Enterprise versions\u003C\u002Fa> eliminate the need to manage user accounts in your WordPress site – everything is synced from Google Apps instead.\u003C\u002Fp>\n\u003Cp>If you are building your organization’s intranet on WordPress, try out our \u003Ca href=\"https:\u002F\u002Fwp-glogin.com\u002Fintranet\u002F?utm_source=Login%20Readme%20AIOI&utm_medium=freemium&utm_campaign=Freemium\" rel=\"nofollow ugc\">All-In-One Intranet plugin\u003C\u002Fa>.\u003C\u002Fp>\n","Simple secure login and user management through your Google Workspace for WordPress (using oAuth2 and MFA if enabled).",10000,661543,92,64,"2025-05-08T16:01:00.000Z","6.8.5","5.5","7.2",[20,21,22,23,24],"authentication","google","login","oauth","sso","https:\u002F\u002Fwp-glogin.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgoogle-apps-login.3.5.2.zip",100,1,0,"2022-12-01 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2022-3840","google-apps-login-authenticated-administrator-stored-cross-site-scripting","Google Apps Login \u003C= 3.4.4 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Google Apps Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=3.4.4","3.4.5","medium",5.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F08ffb478-7280-4fbc-bc5f-482c1348091e?source=api-prod",418,{"slug":50,"display_name":7,"profile_url":8,"plugin_count":51,"total_installs":52,"avg_security_score":53,"avg_patch_time_days":54,"trust_score":55,"computed_at":56},"smub",94,23510130,91,795,73,"2026-04-03T23:31:34.038Z",[58,78,93,110,123],{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":17,"requires_php":72,"tags":73,"homepage":76,"download_link":77,"security_score":27,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"login-with-google","Log in with Google","1.4.2","rtCamp","https:\u002F\u002Fprofiles.wordpress.org\u002Frtcamp\u002F","\u003Cp>Ultra minimal plugin to let your users login to WordPress applications using their Google accounts. No more remembering hefty passwords!\u003C\u002Fp>\n\u003Ch3>Initial Setup\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>Create a project from \u003Ca href=\"https:\u002F\u002Fconsole.developers.google.com\u002Fapis\u002Fdashboard\" rel=\"nofollow ugc\">Google Developers Console\u003C\u002Fa> if none exists.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Go to \u003Cstrong>Credentials\u003C\u002Fstrong> tab, then create credential for OAuth client.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Application type will be \u003Cstrong>Web Application\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Add \u003Ccode>YOUR_DOMAIN\u002Fwp-login.php\u003C\u002Fcode> in \u003Cstrong>Authorized redirect URIs\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>This will give you \u003Cstrong>Client ID\u003C\u002Fstrong> and \u003Cstrong>Secret key\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Input these values either in \u003Ccode>WP Admin > Settings > WP Google Login\u003C\u002Fcode>, or in \u003Ccode>wp-config.php\u003C\u002Fcode> using the following code snippet:\u003C\u002Fp>\n\u003Cp>\u003Ccode>define( 'WP_GOOGLE_LOGIN_CLIENT_ID', 'YOUR_GOOGLE_CLIENT_ID' );\u003Cbr \u002F>\ndefine( 'WP_GOOGLE_LOGIN_SECRET', 'YOUR_SECRET_KEY' );\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Browser support\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Fidentity\u002Fgsi\u002Fweb\u002Fguides\u002Fsupported-browsers\" rel=\"nofollow ugc\">These browsers are supported\u003C\u002Fa>. Note, for example, that One Tap Login is not supported in Safari.\u003C\u002Fp>\n\u003Ch3>How to enable automatic user registration\u003C\u002Fh3>\n\u003Cp>You can enable user registration either by\u003Cbr \u002F>\n– Enabling \u003Cem>Settings > WP Google Login > Enable Google Login Registration\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>OR\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adding\u003Cbr \u002F>\n\u003Ccode>define( 'WP_GOOGLE_LOGIN_USER_REGISTRATION', 'true' );\u003C\u002Fcode>\u003Cbr \u002F>\nin wp-config.php file.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> If the checkbox is ON then, it will register valid Google users even when WordPress default setting, under\u003C\u002Fp>\n\u003Cp>\u003Cem>Settings > General Settings > Membership > Anyone can register\u003C\u002Fem> checkbox\u003C\u002Fp>\n\u003Cp>is OFF.\u003C\u002Fp>\n\u003Ch3>Restrict user registration to one or more domain(s)\u003C\u002Fh3>\n\u003Cp>By default, when you enable user registration via constant \u003Ccode>WP_GOOGLE_LOGIN_USER_REGISTRATION\u003C\u002Fcode> or enable \u003Cem>Settings > WP Google Login > Enable Google Login Registration\u003C\u002Fem>, it will create a user for any Google login (including gmail.com users). If you are planning to use this plugin on a private, internal site, then you may like to restrict user registration to users under a single Google Suite organization. This configuration variable does that.\u003C\u002Fp>\n\u003Cp>Add your domain name, without any schema prefix and \u003Ccode>www,\u003C\u002Fcode> as the value of \u003Ccode>WP_GOOGLE_LOGIN_WHITELIST_DOMAINS\u003C\u002Fcode> constant or in the settings \u003Ccode>Settings > WP Google Login > Whitelisted Domains\u003C\u002Fcode>. You can whitelist multiple domains. Please separate domains with commas. See the below example to know how to do it via constants:\u003Cbr \u002F>\n    \u003Ccode>define( 'WP_GOOGLE_LOGIN_WHITELIST_DOMAINS', 'example.com,sample.com' );\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> If a user already exists, they \u003Cstrong>will be allowed to login with Google\u003C\u002Fstrong> regardless of whether their domain is whitelisted or not. Whitelisting will only prevent users from \u003Cstrong>registering\u003C\u002Fstrong> with email addresses from non-whitelisted domains.\u003C\u002Fp>\n\u003Ch3>Hooks\u003C\u002Fh3>\n\u003Cp>For a list of all hooks please refer to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FrtCamp\u002Flogin-with-google#hooks\" rel=\"nofollow ugc\">this documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>wp-config.php parameters list\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ccode>WP_GOOGLE_LOGIN_CLIENT_ID\u003C\u002Fcode> (string): Google client ID of your application.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>WP_GOOGLE_LOGIN_SECRET\u003C\u002Fcode> (string): Secret key of your application\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>WP_GOOGLE_LOGIN_USER_REGISTRATION\u003C\u002Fcode> (boolean) (optional): Set \u003Ccode>true\u003C\u002Fcode> If you want to enable new user registration. By default, user registration defers to \u003Ccode>Settings > General Settings > Membership\u003C\u002Fcode> if constant is not set.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>WP_GOOGLE_LOGIN_WHITELIST_DOMAINS\u003C\u002Fcode> (string) (optional): Domain names, if you want to restrict login with your custom domain. By default, it will allow all domains. You can whitelist multiple domains.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>BTW, We’re Hiring!\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Frtcamp.com\u002Fcareers\u002F\" rel=\"nofollow ugc\">\u003C\u002Fa>\u003C\u002Fp>\n","Minimal plugin that allows WordPress users to log in using Google.",6000,117533,90,15,"2026-02-20T14:59:00.000Z","6.7.5","7.4",[20,74,23,75,24],"google-login","sign-in","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-with-google.1.4.2.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":29,"downloaded":86,"rating":29,"num_ratings":29,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":72,"tags":90,"homepage":76,"download_link":92,"security_score":27,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"digitadive-login-with-google-one-tap","DigitaDive Login with Google One Tap","1.1.1","Digitaldive","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigitaldive\u002F","\u003Cp>DigitaDive Login with Google One Tap adds a modern, monochrome Google sign-in experience to WordPress. It supports the One Tap prompt for logged-out visitors and a shortcode for placing the Google button anywhere.\u003C\u002Fp>\n\u003Cp>Google is a trademark of Google LLC. This plugin is not affiliated with or endorsed by Google.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>One Tap prompt across your site (optional)\u003C\u002Fli>\n\u003Cli>Shortcode button: \u003Ccode>[ddgot_google_login]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Login button on WordPress\u002FWooCommerce login and registration forms\u003C\u002Fli>\n\u003Cli>New user creation controls and role assignment\u003C\u002Fli>\n\u003Cli>Admin access restrictions for non-admin users\u003C\u002Fli>\n\u003Cli>Google avatar support\u003C\u002Fli>\n\u003Cli>Optional admin bar hiding for non-admin users\u003C\u002Fli>\n\u003Cli>Optional email domain allowlist\u003C\u002Fli>\n\u003Cli>Optional email allowlist and prompt exclusions\u003C\u002Fli>\n\u003Cli>Optional failure logging and session-based prompt control\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin integrates with Google Identity Services (Google One Tap) to allow users to sign in with their Google account.\u003C\u002Fp>\n\u003Cp>When the One Tap prompt or button is enabled, the user’s browser loads Google’s Identity Services JavaScript from https:\u002F\u002Faccounts.google.com\u002Fgsi\u002Fclient.\u003C\u002Fp>\n\u003Cp>When a user signs in, the plugin sends the Google ID token to Google’s token verification endpoint at https:\u002F\u002Foauth2.googleapis.com\u002Ftokeninfo to validate the token before logging the user in.\u003C\u002Fp>\n\u003Cp>Data sent includes the ID token and request metadata (such as IP address and user agent) required to complete these requests.\u003C\u002Fp>\n\u003Cp>All plugin CSS\u002FJS assets are bundled locally; the only external resources used are Google’s Identity Services script and the token verification endpoint described above.\u003C\u002Fp>\n\u003Cp>Site owners must create a Google OAuth Client ID in Google Cloud Console to use this service, and end users need a Google account to sign in.\u003C\u002Fp>\n\u003Cp>Terms of Service: https:\u002F\u002Fdevelopers.google.com\u002Fterms\u003Cbr \u002F>\nPrivacy Policy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>This plugin does not store Google passwords. It creates or updates WordPress user accounts using the profile data returned in the ID token and stores the Google avatar URL if provided.\u003C\u002Fp>\n","Secure login with Google One Tap and a button for WordPress with a shortcode and site-wide prompt.",126,"2026-01-19T23:40:00.000Z","6.9.4","5.8",[21,22,23,91,24],"one-tap","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdigitadive-login-with-google-one-tap.1.1.1.zip",{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":29,"downloaded":101,"rating":27,"num_ratings":28,"last_updated":102,"tested_up_to":103,"requires_at_least":104,"requires_php":76,"tags":105,"homepage":76,"download_link":108,"security_score":109,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"goauth","GOAuth","2.20","igroykt","https:\u002F\u002Fprofiles.wordpress.org\u002Figroykt\u002F","\u003Cp>This plugin allow users authenticate with OAuth Providers. If you have Two-Factor verification enabled in account, then it will work or you can use the Google Authenticator App.\u003Cbr \u002F>\nDependencies: curl, bcmath, intl, openssl.\u003Cbr \u002F>\nSupported OAuth Providers: Google\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FqJuByi5KwfA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Free Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Force Login\u003C\u002Fli>\n\u003Cli>Google Authenticator\u003C\u002Fli>\n\u003Cli>Unlimited Users\u003C\u002Fli>\n\u003Cli>Wildcard Domain Support\u003C\u002Fli>\n\u003Cli>Single Domain Restriction\u003C\u002Fli>\n\u003Cli>Hide Login Form\u003C\u002Fli>\n\u003Cli>Hide Navigation Buttons\u003C\u002Fli>\n\u003Cli>Disable XMLRPC\u003C\u002Fli>\n\u003Cli>Disable Rest API\u003C\u002Fli>\n\u003Cli>Login Button Styles\u003C\u002Fli>\n\u003Cli>Save Data on Uninstall\u003C\u002Fli>\n\u003Cli>Persistent sessions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Premium Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Multiple Domain Restriction\u003C\u002Fli>\n\u003Cli>Custom Logo\u003C\u002Fli>\n\u003Cli>Auto Register\u003C\u002Fli>\n\u003Cli>Browser Language Detection\u003C\u002Fli>\n\u003Cli>Hide Name Fields\u003C\u002Fli>\n\u003Cli>Hide E-Mail Field\u003C\u002Fli>\n\u003Cli>Hide Password Field\u003C\u002Fli>\n\u003Cli>Auto Fix User Data\u003C\u002Fli>\n\u003C\u002Ful>\n","Go and OAuthenticate plugin for WordPress.",3720,"2022-03-21T16:35:00.000Z","5.9.13","4.7",[106,20,74,23,107],"2fa","rest-api","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgoauth.2.20.zip",85,{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":29,"downloaded":118,"rating":29,"num_ratings":29,"last_updated":76,"tested_up_to":71,"requires_at_least":17,"requires_php":72,"tags":119,"homepage":76,"download_link":121,"security_score":27,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":122},"login-with-github","Login with GitHub","1.0.3","Parth vataliya","https:\u002F\u002Fprofiles.wordpress.org\u002Fparthvataliya\u002F","\u003Cp>Ultra minimal plugin to let your users login to WordPress applications using their GitHub accounts. No more remembering hefty passwords!\u003C\u002Fp>\n\u003Ch3>Initial Setup\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>Create a project from \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsettings\u002Fdevelopers\" rel=\"nofollow ugc\">GitHub Developer Settings\u003C\u002Fa> if none exists.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Go to \u003Cstrong>OAuth\u003C\u002Fstrong> tab, then create credential for OAuth client.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add \u003Ccode>YOUR_WEBSITE_NAME\u003C\u002Fcode> in \u003Cstrong>Application Name\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Add \u003Ccode>YOUR_DOMAIN\u002FHOME_URL\u003C\u002Fcode> in \u003Cstrong>Homepage URL\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Add \u003Ccode>YOUR_DOMAIN\u002Fwp-login.php\u003C\u002Fcode> in \u003Cstrong>Authorized redirect URIs\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>This will give you \u003Cstrong>Client ID\u003C\u002Fstrong> and \u003Cstrong>Secret key\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Input these values either in \u003Ccode>WP Admin > Settings > Login With GitHub\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>How to enable automatic user registration\u003C\u002Fh3>\n\u003Cp>You can enable user registration by\u003Cbr \u002F>\n– Enabling \u003Cem>Settings > Login With GitHub > Enable GitHub Login Registration\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> If the checkbox is ON then, it will register valid GitHub users even when WordPress default setting, under\u003C\u002Fp>\n\u003Cp>\u003Cem>Settings > General Settings > Membership > Anyone can register\u003C\u002Fem> checkbox\u003C\u002Fp>\n\u003Cp>is OFF.\u003C\u002Fp>\n","Minimal plugin that allows WordPress users to log in using GitHub.",1196,[20,120,23,75,24],"github-login","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-with-github.1.0.3.zip","2026-03-15T10:48:56.248Z",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":133,"num_ratings":134,"last_updated":135,"tested_up_to":88,"requires_at_least":136,"requires_php":137,"tags":138,"homepage":142,"download_link":143,"security_score":144,"vuln_count":145,"unpatched_count":29,"last_vuln_date":146,"fetched_at":31},"miniorange-login-with-eve-online-google-facebook","OAuth Single Sign On – SSO (OAuth Client)","6.26.17","miniOrange","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyberlord92\u002F","\u003Cp>\u003Cstrong>WordPress Single Sign-On\u003C\u002Fstrong> (WordPress SSO) with our \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-sso?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_1\" rel=\"nofollow ugc\">OAuth & OpenID Connect plugin\u003C\u002Fa>\u003C\u002Fstrong> allows unlimited login\u002FSSO (Single Sign On) with your \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fazure-ad-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_2\" rel=\"nofollow ugc\">Azure AD\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fazure-b2c-ad-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_3\" rel=\"nofollow ugc\">Azure B2C\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgoogle-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_4\" rel=\"nofollow ugc\">G Suite \u002F Google Apps \u002F Google Workspace\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fclasslink-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_12\" rel=\"nofollow ugc\">ClassLink\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fclever-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_11\" rel=\"nofollow ugc\">Clever\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foffice-365-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_5\" rel=\"nofollow ugc\">Office 365\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Faws-cognito-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_6\" rel=\"nofollow ugc\">AWS Cognito\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fdiscord-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_7\" rel=\"nofollow ugc\">Discord\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fping-federate-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">PingFederate\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsalesforce-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_10\" rel=\"nofollow ugc\">Salesforce\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fkeycloak-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_9\" rel=\"nofollow ugc\">Keycloak\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fokta-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_8\" rel=\"nofollow ugc\">Okta\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fidentityserver4-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Identity Server\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Finvision-community-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Invision Community\u003C\u002Fa>\u003C\u002Fstrong> or other custom OAuth 2.0 and OpenID Connect providers. WordPress SSO plugin supports Single Sign On (SSO) with many OAuth 2.0, OAuth 2.1, OAuth 1.0 & OpenID Connect (OIDC) 1.0 providers.\u003C\u002Fp>\n\u003Cp>An unlimited number of users can perform Single Sign-On with OAuth\u002FOIDC supported Identity Providers on WordPress using SSO capabilities.\u003C\u002Fp>\n\u003Cp>|\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-sso#key-features\" rel=\"nofollow ugc\"> Features \u003C\u002Fa>| \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-single-sign-on-sso-with-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_13\" rel=\"nofollow ugc\"> OAuth \u002F OpenID Providers Setup guides \u003C\u002Fa>|\u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FVff0E0KxM3k\" rel=\"nofollow ugc\"> Videos \u003C\u002Fa>|\u003C\u002Fp>\n\u003Ch4>POPULAR OAUTH AND OPENID CONNECT (OIDC) PROVIDERS SINGLE SIGN-ON\u003C\u002Fh4>\n\u003Cp>The following providers support OAuth 2.0\u002FOpenID Connect SSO for WordPress login.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Faws-cognito-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_6\" rel=\"nofollow ugc\">AWS Cognito SSO | Login with AWS Cognito\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foffice-365-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_5\" rel=\"nofollow ugc\">Office 365 SSO | Login with Office 365\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fazure-b2c-ad-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_3\" rel=\"nofollow ugc\">Azure B2C SSO | Login with Azure B2C\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fazure-ad-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Azure AD SSO | Login with Azure AD\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fadfs-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">ADFS SSO | Login with ADFS\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fauth0-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Auth0 SSO | Login with Auth0\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fokta-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_8\" rel=\"nofollow ugc\">OKTA SSO | Login with OKTA\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fclasslink-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_12\" rel=\"nofollow ugc\">ClassLink SSO | Login with ClassLink\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fkeycloak-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_9\" rel=\"nofollow ugc\">Keycloak SSO | Login with Keycloak\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fclever-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_11\" rel=\"nofollow ugc\">Clever SSO | Login with Clever\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgoogle-classroom-single-sign-on-sso\" rel=\"nofollow ugc\">Google Classroom SSO | Login with Google Classroom\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsalesforce-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_10\" rel=\"nofollow ugc\">Salesforce SSO | Login with Salesforce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-oauth-openid-connect-single-sign-on-sso-using-criipto?utm_source=Readme&utm_medium=Readme&utm_campaign=Readme&utm_id=wpor_15\" rel=\"nofollow ugc\">Criipto SSO | Login with Criipto\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgoogle-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_4\" rel=\"nofollow ugc\">G Suite \u002F Google Apps SSO | Login with Google\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fping-federate-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Ping Federate SSO ( Ping \u002F Ping Identity ) | Login with Ping Federate\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fidentityserver4-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">IdentityServer4 SSO | Login with IdentityServer4\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fidentityserver3-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">WordPress IdentityServer3 SSO | Login with IdentityServer3\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fdiscord-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_7\" rel=\"nofollow ugc\">Discord SSO | Login with Discord\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fonelogin-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">OneLogin SSO | Login with OneLogin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fswiss-rx-login-single-sign-on-for-wordpress-using-oauth\" rel=\"nofollow ugc\">Swiss-RX-Login SSO ( Swiss RX Login ) | Login with Swiss-RX-Login\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fneon-crm-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Neon CRM SSO | Login with Neon CRM\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fimis-oauth-and-openid-connect-single-sign-on-sso\" rel=\"nofollow ugc\">iMIS SSO | Login with iMIS\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsignicat-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Signicat SSO | User Verification with Signicat\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fid-me-oauth-and-openid-connect-single-sign-on-sso-login\" rel=\"nofollow ugc\">ID.me SSO | Login with ID.me\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fcanvas-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Canvas SSO | Login with Canvas\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-setup-single-sign-on-between-two-wordpress-sites\" rel=\"nofollow ugc\">WordPress SSO | Login with WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwso2-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">WSO2 SSO | Login with WSO2\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fopenathens-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">OpenAthens SSO | Login with OpenAthens\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhp-single-sign-on-sso-oauth-and-openid-connect\" rel=\"nofollow ugc\">HP SSO | Login with HP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fservicenow-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Servicenow SSO | Login with Servicenow\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Finvision-community-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Invision Community SSO | Login with Invision Community\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fforgerock-open-am-single-sign-on-for-wordpress-using-oauth\" rel=\"nofollow ugc\">OpenAM \u002F Forgerock SSO | Login with Forgerock\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fnextcloud-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">NextCloud SSO | Login with NextCloud\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Forcid-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Orcid SSO | Login with Orcid\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fmemberclicks-oauth-and-openid-connect-single-sign-on-sso-login\" rel=\"nofollow ugc\">Memberclicks SSO | Login with MemberClicks\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsheepcrm-oauth-and-openid-connect-single-sign-on-sso-login\" rel=\"nofollow ugc\">SheepCRM SSO | Login with SheepCRM\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Famazon-oauth-and-openid-connect-single-sign-on-sso-login\" rel=\"nofollow ugc\">Amazon SSO | Login with Amazon\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fslack-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Slack SSO | Login with Slack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fyahoo-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Yahoo SSO | Login with Yahoo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flinkedin-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">LinkedIn SSO | Login with LinkedIn\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgitlab-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Gitlab SSO | Login with Gitlab\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgithub-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">GitHub SSO | Login with GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flogin-with-apple-app-using-wordpress-oauth-client\" rel=\"nofollow ugc\">Apple SSO | Login with Apple\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstrava-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Strava SSO | Login with Strava\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fblizzard-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Blizzard \u002F Battle.net SSO | Login with Battle.net\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Feve-online-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Eve Online SSO | Login with Eve Online\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhubspot-single-sign-on-for-wordpress-using-oauth\" rel=\"nofollow ugc\">Hubspot SSO | Login with Hubspot\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ftwitter-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">X(Twitter) SSO | Login with Twitter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fzoho-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Zoho SSO | Login with Zoho\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fidaptive-single-sign-on-for-wordpress-using-oauth\" rel=\"nofollow ugc\">Idaptive SSO | CyberArk SSO | Login with CyberArk\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwhmcs-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">WHMCS SSO | Login with WHMCS\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ffranceconnect-single-sign-on-sso-wordpress-oauth\" rel=\"nofollow ugc\">France Connect SSO | Login with France Connect\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>OTHER OAUTH AND OPENID CONNECT (OIDC) PROVIDERS WE SUPPORT FOR WORDPRESS SINGLE SIGN-ON (SSO)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Other OAuth 2.0 and OpenId Connect ( OIDC ) 1.0 servers WordPress Single Sign-On ( SSO ) plugin support includes Office 365, AWS Cognito, Microsoft Dynamic CRM 365, Auth0, Google Workspace, Egnyte, Autodesk, Zendesk, Foursquare, Harvest, Mailchimp, Bitrix24, Spotify, Vkontakte, Huddle, Reddit, Strava, Ustream, Yammer, RunKeeper, Instagram, SoundCloud, Pocket, PayPal, Pinterest, Vimeo, Nest, Heroku, DropBox, Buffer, Box, Hubic, Deezer, DeviantArt, Delicious, Dailymotion, Bitly, Mondo, Netatmo, Amazon, FitBit, Clever, Sqaure Connect, Windows, Microsoft Live, Dash 10, Github, Invision Community, Blizzard, authlete, Keycloak, Procore, Eve Online, Laravel Passport, Nextcloud, Renren, Soundcloud, OpenAM \u002F Forgerock, IdentityServer, ORCID, Diaspora, Timezynk, Idaptive CyberArk, Duo Security, Rippling, Crowd, Janrain, Numina Solutions, Ubuntu Single Sign-On, Apple, Ipsilon, Zoho, Stripe, Itthinx, Fellowshipone, Miro, Naver, Clever, Coil, Parallel Markets, VATSIM, Liferay, Fatsecret, Intuit, iMIS, ORY Hydra, FusionAuth, Kakao, ID.me, MoxiWorks, HR Answerlink \u002F Support center, ClassLink, Google Classroom, MemberClicks, BankID, CSI, Splitwise, Infusionsoft, Hubspot, Join It, MyAcademicID, MemberConnex, Novi, Coassemble, Servicenow, IBM APP ID, Nimble AMS, iSpring LMS, Neon CRM, EPIC, IPB forum, Wiziq, Sprinklr, Elvanto, ABSORB LMS, Wechat, Weibo, Shibboleth, Centrify, FranceConnect, Church Online, Bigcommerce, Sewobe, PracticePanther, SubscribeStar, Eventbrite, Medi-Access, Lichess, CILogon, Servicem8, Gigya, PhantAuth, XING, Simplecast, SURF, MediaWiki, UNA, NetSuite, Oracle IDCS, Globus, Square, SimpleSAMLphp, Basecamp, HP, SHELL, Otoy, Steam, Webflow, Simplepass, Feide, SingPass, Asmodee, SwissID, Miro, Alkami, Switch, Citrix, Schoology, iGov, LearnWorlds, France Connect, DID, Blackboard, UAEPass, Polar, CodeB, Vincere CRM, F5, TicketMaster, BizLibrary, Skolon, Rapattoni, PowerSchool, Minecraft, NETS, Joomla, Drupal, ASP.NET, CA Siteminder, Outseta, XUMM, ID Austria, Ubisecure, Gravitee.io, SheepCRM, Wahoo, WeatherFlow Tempest, OneWelcome \u002F iWelcome, Xbox, Trovo, Cornerstone, Criipto, bare.id, Discourse, Authentik, Sailpoint, Coil, Asset Bank, GrowthZone, Vipps, Authorizer, Deviant Art, Miracl, Teamsnap, Authelia, Django, IDsampa, Cvent, SERMO, Pixelfed, Finys, Login.gov, Fastcase, Acuity, ARPA, Zitadel, Yeti, myID.be, memberful,Open edX \u002F eduNEXT, Teachable, Mindbody etc. This comprehensive SSO support facilitates seamless integration and secure authentication across a wide range of platforms.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Single Sign-On ( Login to WordPress )\u003C\u002Fh4>\n\u003Cp>WordPress Single Sign-On allows users to log into any website\u002Fapplication using the single set of credentials of another app\u002Fsite through the SSO feature.\u003Cbr \u002F>\n\u003Cstrong>Example:\u003C\u002Fstrong>Let’s say you have all your users\u002Fcustomers\u002Fmembers\u002Femployees stored on a site, called ‘site A’ and you want all of them to register\u002Flogin using SSO to your WordPress site called ‘site B’. In this scenario, you can register\u002Flogin all your users of site A into site B using the login credentials\u002Faccount of site A. This is called Single Sign-On, and it simplifies user management.\u003C\u002Fp>\n\u003Ch4>WordPress Single Sign-On supported Third-Party Application \u002F OAuth OpenID Provider\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The Third-Party Application can be anything where user accounts are stored or a site\u002Fapplication where you want to store\u002Fmigrate all the users. It can be your social login app, WordPress site, OAuth provider, OpenID provider, custom provider or any database.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Identity providers such as OAuth Identity Provider, OAuth Server, OpenID Connect Server, OpenID Connect Provider, and OIDC Application support Single Sign-On. SSO integration ensures secure user authentication and management across these platforms.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>OAuth and OpenID Connect are token-based Single Sign-On protocols that allow an end user’s account information to be used by third-party services without exposing the user’s password.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Single Sign-On USE CASES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress to WordPress SSO\u003C\u002Fstrong>: Single Sign On to one\u002Fmultiple WordPress site (single\u002Fmultisite) using User Credentials stored on another WordPress site with WordPress SSO plugin.\u003C\u002Fli>\n\u003Cli>Single Sign On to one\u002Fmultiple WordPress site (single \u002F multisite) using User Credentials stored on your OAuth \u002F OpenID Connect (OIDC) application.\u003C\u002Fli>\n\u003Cli>Single Sign On into WordPress using existing User stores (Active Directory\u002FDatabase)\u003C\u002Fli>\n\u003Cli>SSO and extended plugin functionality using tokens (access_token \u002F JWT token \u002F id_token) such as secure API calls using third-party token\u003C\u002Fli>\n\u003Cli>Others: eCommerce Single Sign On\u002FLogin, Single sign on for Educational and Healthcare paltforms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Microsoft SSO\u002FAzure SSO\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This WordPress Single Sign-On (OAuth \u002F OpenID Connect SSO) plugin supports SSO with Microsoft apps like Azure AD, Azure B2C, Office 365, Microsoft Dynamics CRM, Microsoft Teams, and Windows Live. It also supports policy-based login redirections, including sign-up, sign-in, forgot password, and custom policies, enhancing the login experience across Microsoft services.\u003C\u002Fp>\n\u003Cp>WordPress integrates with Microsoft services like Azure AD, Azure B2C, and Office 365 for secure Single Sign-On across single-site and multisite networks (including subdomains). Users can perform single sign-on, map profile attributes, and manage role-based access across applications and tenants using SSO\u003C\u002Fp>\n\u003Cp>Apart from SSO, it also supports WordPress-Azure integrations and customizations, such as token-based calls to specific APIs and the Microsoft Graph API, enhancing the login experience\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cognito SSO\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The WordPress Single Sign-On plugin supports WordPress Login with AWS Cognito, Amazon, and WordPress using Cognito. It provides user profile syncing, role mapping, and token fetching from AWS Cognito for API calls. Customizations include integrating Cognito SDKs, syncing new registrations, logging in via the default WordPress form instead of Cognito’s SSO page, connecting to the Cognito User Pool, and configuring login redirections.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Discord SSO\u003C\u002Fstrong>\u003Cbr \u002F>\nThis WordPress Single Sign-On plugin enables Discord login into WordPress. It supports syncing user profiles from Discord to WordPress, mapping Discord roles to WordPress roles, mapping WordPress roles to Discord roles, and managing Discord role memberships based on WordPress purchases.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Keycloak SSO\u003C\u002Fstrong>\u003Cbr \u002F>\nThe WordPress Single Sign-On (OAuth \u002F OpenID Connect SSO) plugin works with Keycloak to enable SSO on your WordPress site. It also lets WordPress use Keycloak access tokens to call external services. In addition, the plugin supports role-based access control (RBAC), so you can map Keycloak roles to WordPress roles and capabilities.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Ping Federate SSO\u003C\u002Fstrong>\u003Cbr \u002F>\nOauth Single sign-on plugin enables Login to WordPress using PingFederate. It supports Single Sign-On  with authorized access to Ping REST APIs via access tokens or bearer tokens, ensuring seamless SSO integration and secure interactions with PingFederate.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Clever SSO\u003C\u002Fstrong>\u003Cbr \u002F>\nOauth Single sign-on plugin supports WordPress Login with Clever for users (teachers, students, admins) and integrates with LearnDash to sync lessons and assignments. It also provides SSO with other IDPs like ClassLink, Google Classroom, and Canvas, as well as any Identity Provider (SAML, OAuth, OpenID Connect, Active Directory, databases) via miniOrange IDP.\u003C\u002Fp>\n\u003Ch4>FREE VERSION FEATURES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress Single Sign-On OAuth & OpenID Connect Login supports unlimited SSO with any 3rd party OAuth & OpenID Connect server or custom OAuth & OpenID Connect server like AWS Cognito, Azure AD, Azure AD B2C, Office 365, Google Apps, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Single Sign-On  Grant Support\u003C\u002Fstrong> – Standard OAuth2 Grant: Authorization Code\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto Create Users ( User Provisioning )\u003C\u002Fstrong> : After Single Sign On, a new user automatically gets created in WordPress\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Account Linking\u003C\u002Fstrong> : After SSO, if the user already exists in WordPress, then their profile gets updated. Else, a new WordPress User is created.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Attribute Mapping\u003C\u002Fstrong> : OAuth Login allows you to map your Identity Provider’s unique attribute with WordPress Username Attribute.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Widget\u003C\u002Fstrong> : Use Widgets to integrate the Single Sign-On login on your WordPress site easily.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>OpenID Connect & OAuth Provider Support\u003C\u002Fstrong> : WordPress Single Sign On (OAuth Login) supports any OpenID Connect & OAuth Provider seamless Single Sign-On.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Redirect URL after Login\u003C\u002Fstrong> : WordPress Single Sign On (OAuth Login) automatically redirects the user after successful Single Sign-On login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Logging\u003C\u002Fstrong> : If you run into issues, WordPress Single Sign On (OAuth Login) can be helpful to enable debug logging.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>PAID FEATURES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress Single Sign-On Grant Support\u003C\u002Fstrong>: Standard OAuth2 Grants including \u003Cstrong>Authorization Code\u003C\u002Fstrong>, \u003Cstrong>Implicit Grant\u003C\u002Fstrong>, \u003Cstrong>Password Grant\u003C\u002Fstrong>, \u003Cstrong>Refresh Token Grant\u003C\u002Fstrong>, \u003Cstrong>Client Credential Grant\u003C\u002Fstrong>, \u003Cstrong>authorization code grant with PKCE flow\u003C\u002Fstrong>, and \u003Cstrong>Hybrid Grant\u003C\u002Fstrong> (Customization Available)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto Register Users\u003C\u002Fstrong>: Automatic user registration after SSO if the user is not already registered with your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Attribute Mapping\u003C\u002Fstrong>: Ability to map WordPress user profile attributes, such as username, first name, last name, and email.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Role Mapping\u003C\u002Fstrong>: Assign roles to users based on defined rules through Single Sign-On.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Force Authentication \u002F Protect Complete Site\u003C\u002Fstrong>: Protect the entire website for public users and grant access only to authenticated users through Single Sign-on.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Attribute Mapping\u003C\u002Fstrong>: Map custom user attributes received from OAuth \u002F OpenID Connect providers to any WordPress user attribute for Single Sign-On.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple OAuth & OpenID Connect Provider Support\u003C\u002Fstrong>: Support for multiple SSO providers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Single Login button for Multiple Apps\u003C\u002Fstrong>: Provides a single login button for multiple providers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Extended OAuth API Support\u003C\u002Fstrong>: Extend OAuth \u002F OpenID Connect API support for enhanced Single Sign-On functionality.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Single Sign-On Login Reports\u003C\u002Fstrong>: Generate user login and registration reports based on the application used for SSO.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enable \u002F Disable WordPress Default Login\u003C\u002Fstrong>: Option to disable the default WordPress login form and use SSO instead.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>FrontChannel & BackChannel Single Logout Support\u003C\u002Fstrong>: Allows users to be logged out from WordPress as well as the IDP through Single Sign-On.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Third-Party Plugin Compatibility for Single Sign-On\u003C\u002Fstrong>: Compatible with WooCommerce and other third-party plugins for seamless Single Sign-On integration.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Add-on Support with Plugin\u003C\u002Fstrong>: Support for various add-ons including SCIM User Provisioning, Page & Post Restriction, BuddyPress Integration, Login Form Add-on, LearnDash Integration, Media Restriction, Attribute\u002FMembership-Based Redirection, SSO Session Management, Paid Membership Pro Integrator, WooCommerce Integrator, SSO Login Audit, Memberpress Integration, and Guest User Login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No SSL Restriction\u003C\u002Fstrong>: Allows SSO login without SSL or HTTPS-enabled site using Google credentials or any other app.\u003C\u002Fli>\n\u003C\u002Ful>\n","WordPress SSO (Single Sign On) with Azure, Azure B2C, Cognito, Okta, Classlink, Discord, Clever, Keycloak, OAuth & OpenID Providers [24\u002F7 SUPPORT].",7000,266899,98,315,"2025-12-15T05:56:00.000Z","3.0.1","7.0",[22,139,140,141,24],"oauth-2-0","openid","single-sign-on","https:\u002F\u002Fwww.miniorange.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminiorange-login-with-eve-online-google-facebook.6.26.17.zip",82,10,"2026-02-05 18:30:28",{"attackSurface":148,"codeSignals":221,"taintFlows":248,"riskAssessment":299,"analyzedAt":308},{"hooks":149,"ajaxHandlers":217,"restRoutes":218,"shortcodes":219,"cronEvents":220,"entryPointCount":29,"unprotectedCount":29},[150,156,161,164,168,172,176,180,185,189,193,197,200,204,208,211,215],{"type":151,"name":152,"callback":153,"priority":145,"file":154,"line":155},"filter","allowed_redirect_hosts","gal_allowed_redirect_hosts","core\\core_google_apps_login.php",651,{"type":157,"name":158,"callback":159,"file":154,"line":160},"action","admin_notices","ga_admin_auth_message",846,{"type":157,"name":162,"callback":159,"file":154,"line":163},"network_admin_notices",849,{"type":151,"name":165,"callback":166,"priority":145,"file":154,"line":167},"user_profile_picture_description","gal_user_profile_picture_description",856,{"type":157,"name":169,"callback":170,"file":154,"line":171},"plugins_loaded","ga_plugins_loaded",1734,{"type":157,"name":173,"callback":174,"file":154,"line":175},"login_enqueue_scripts","ga_login_styles",1736,{"type":157,"name":177,"callback":178,"file":154,"line":179},"login_form","ga_login_form",1737,{"type":151,"name":181,"callback":182,"priority":183,"file":154,"line":184},"authenticate","ga_authenticate",5,1738,{"type":151,"name":186,"callback":187,"priority":183,"file":154,"line":188},"login_redirect","ga_login_redirect",1740,{"type":157,"name":190,"callback":191,"priority":28,"file":154,"line":192},"init","ga_init",1741,{"type":157,"name":194,"callback":195,"priority":183,"file":154,"line":196},"admin_init","ga_admin_init",1743,{"type":151,"name":198,"callback":198,"file":154,"line":199},"gal_get_clientid",1747,{"type":157,"name":201,"callback":202,"priority":145,"file":154,"line":203},"upgrader_process_complete","my_upgrade_function",1749,{"type":151,"name":205,"callback":206,"priority":145,"file":154,"line":207},"network_admin_plugin_action_links","ga_plugin_action_links",1752,{"type":151,"name":209,"callback":206,"priority":145,"file":154,"line":210},"plugin_action_links",1755,{"type":157,"name":158,"callback":212,"file":213,"line":214},"ga_user_screen_upgrade_message","google_apps_login.php",203,{"type":157,"name":162,"callback":212,"file":213,"line":216},206,[],[],[],[],{"dangerousFunctions":222,"sqlUsage":227,"outputEscaping":229,"fileOperations":245,"externalRequests":28,"nonceChecks":28,"capabilityChecks":246,"bundledLibraries":247},[223],{"fn":224,"file":225,"line":55,"context":226},"unserialize","core\\Google\\Cache\\File.php","$data =  unserialize($data);",{"prepared":29,"raw":29,"locations":228},[],{"escaped":230,"rawEcho":231,"locations":232},118,6,[233,236,238,240,241,243],{"file":154,"line":234,"context":235},386,"raw output",{"file":154,"line":237,"context":235},390,{"file":154,"line":239,"context":235},1045,{"file":154,"line":118,"context":235},{"file":213,"line":242,"context":235},236,{"file":213,"line":244,"context":235},237,14,2,[],[249,268,276,291],{"entryPoint":250,"graph":251,"unsanitizedCount":28,"severity":41},"attempt_upload (core\\keyfile_uploader.php:25)",{"nodes":252,"edges":265},[253,259],{"id":254,"type":255,"label":256,"file":257,"line":258},"n0","source","$_FILES","core\\keyfile_uploader.php",54,{"id":260,"type":261,"label":262,"file":257,"line":263,"wp_function":264},"n1","sink","file_get_contents() [SSRF\u002FLFI]",55,"file_get_contents",[266],{"from":254,"to":260,"sanitized":267},false,{"entryPoint":269,"graph":270,"unsanitizedCount":28,"severity":41},"\u003Ckeyfile_uploader> (core\\keyfile_uploader.php:0)",{"nodes":271,"edges":274},[272,273],{"id":254,"type":255,"label":256,"file":257,"line":258},{"id":260,"type":261,"label":262,"file":257,"line":263,"wp_function":264},[275],{"from":254,"to":260,"sanitized":267},{"entryPoint":277,"graph":278,"unsanitizedCount":29,"severity":290},"ga_options_do_network_errors (core\\core_google_apps_login.php:991)",{"nodes":279,"edges":287},[280,283],{"id":254,"type":255,"label":281,"file":154,"line":282},"$_REQUEST",1010,{"id":260,"type":261,"label":284,"file":154,"line":285,"wp_function":286},"echo() [XSS]",1017,"echo",[288],{"from":254,"to":260,"sanitized":289},true,"low",{"entryPoint":292,"graph":293,"unsanitizedCount":29,"severity":290},"\u003Ccore_google_apps_login> (core\\core_google_apps_login.php:0)",{"nodes":294,"edges":297},[295,296],{"id":254,"type":255,"label":281,"file":154,"line":282},{"id":260,"type":261,"label":284,"file":154,"line":285,"wp_function":286},[298],{"from":254,"to":260,"sanitized":289},{"summary":300,"deductions":301},"The 'google-apps-login' plugin version 3.5.2 exhibits a generally positive security posture with a strong emphasis on secure coding practices. The absence of any unprotected entry points, a high percentage of properly escaped output, and the exclusive use of prepared statements for SQL queries are commendable. Furthermore, the plugin demonstrates an awareness of WordPress security by implementing nonce and capability checks. However, the presence of the `unserialize` function, even if not immediately exploitable due to limited attack surface, represents a potential point of concern that could be leveraged if input handling were to change in future versions.  The plugin's vulnerability history, with a single medium severity Cross-Site Scripting (XSS) vulnerability patched in late 2022, suggests a track record of addressing security issues promptly. While the attack surface is commendably low and no critical or high severity taint flows were detected, the use of `unserialize` warrants careful monitoring and consideration for mitigation if possible.",[302,304,306],{"reason":303,"points":145},"Use of unserialize function",{"reason":305,"points":183},"Flows with unsanitized paths",{"reason":307,"points":69},"Past medium severity XSS vulnerability","2026-03-16T17:44:00.826Z",{"wat":310,"direct":317},{"assetPaths":311,"generatorPatterns":314,"scriptPaths":315,"versionParams":316},[312,313],"\u002Fwp-content\u002Fplugins\u002Fgoogle-apps-login\u002Fimg\u002Fbasic_loginupgrade.png","\u002Fwp-content\u002Fplugins\u002Fgoogle-apps-login\u002Fimg\u002Fbasic_driveplugin.png",[],[],[],{"cssClasses":318,"htmlComments":323,"htmlAttributes":324,"restEndpoints":327,"jsGlobals":328,"shortcodeOutput":329},[319,320,321,322],"gal-tableright","gal-tablecell","galtab","ul-disc",[],[325,326],"id=\"gal-tableright\"","id=\"domain-section\"",[],[],[]]