[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzjjqssJaGVh6kvALALTXnHWBfwNNDsk4tIexjcAxkIo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":15,"tags":18,"homepage":15,"download_link":24,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":35,"fingerprints":89},"node-wpapi-auth","EASY-JS-WPAPI Client HANDLE for the WordPress REST-API","2.0","Oluwasegun Somefun","https:\u002F\u002Fprofiles.wordpress.org\u002Foluwasegun27\u002F","\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easily talk with the WordPress REST-API to access and display your WordPress (model) data without\u003Cbr \u002F>\nrest-authentication errors when creating Javascript Themes for consistent views by all users\u002Fclients accessing\u003Cbr \u002F>\nyour WordPress site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Description and Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>We chose the bundled node-wpapi isomorphic Javascript client, because it is the simplest way to get up and running\u003Cbr \u002F>\nquickly to display live website data in your installed WordPress website, using a Javascript-controlled Theme or Plugin\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>The WEB Landscape is changing. Today, we can use Javascript to build WordPress Themes. WordPress becomes our Model,\u003Cbr \u002F>\nwhich we can theme with Javascript using the WordPress REST-API.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>This plugin was developed to make life easy for web developers who which to create full-fledged\u003Cbr \u002F>\nJavascript WordPress Themes OR  Javascript-PHP WordPress Themes using a Javascript Framework\u002FLibrary like:\u003Cbr \u002F>\njQuery, React, OpenUI5, et.c. for use in a WordPress installation with the wpapi.js rest-client.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>It relies on the node-wpapi isomorphic javascript client to access the WP REST-API. The problem with accessing\u003Cbr \u002F>\nthe REST-API using javascript-clients is the headache of authentication issues and private data access, which can\u003Cbr \u002F>\nhamper fluid display of the web-page, leading to rest-errors when using Javascript to display the data.\u003Cbr \u002F>\nThis plugin works under the hood and makes the javascript-client object, ‘wp’ that interfaces with the WP REST-API\u003Cbr \u002F>\nglobally accessible for direct and easy use in a javascript(.js) file under the scope of a WordPress installation.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>It handles three authentication use cases: admin user, non-admin user and for a client from inside a WP installation.\u003Cbr \u002F>\nSay your WordPress website url is e.g: http:\u002F\u002Ftalker-test.com or http:\u002F\u002Flocalhost:8080\u003Cbr \u002F>\nWordPress switches to Cookie WP Authentication for  switched to when an administrator is currently logged in to\u003Cbr \u002F>\nthe WordPress installation. Basic WP-Authentication is switched to when a Client accesses your WordPress website\u003Cbr \u002F>\nWhen an authenticated non-admin user, like an Author or Subscriber is currently logged in to your website,\u003Cbr \u002F>\nit displays data using Basic WP-Authentication.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>We then make the WPAPI global as a globally scoped javascript object, wp,\u003Cbr \u002F>\nfor use in a WordPress Installation to talk with the WP REST-API on the go.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>So, with added ease, you can start building your next Javascript Themes for WordPress, or accessing the WP REST-API\u003Cbr \u002F>\nSo start coding  and talking with the WordPress REST-API and display consistent, unhindered data,\u003Cbr \u002F>\nas you permit to all your clients, and users.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>See Demo WP Installation that shows how this plugin is used to display live website data from the WordPress REST-API\u003Cbr \u002F>\nIn it we created a sample JS-controlled WordPress theme using jQuery and the ‘wp’ object provided by our bundled\u003Cbr \u002F>\njavascript client, which our plugin has made globally scoped and authenticated.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>For more info. and examples, you can check out the documentation\u003Cbr \u002F>\nof the node-wpapi javascript client at wp-api.org\u002Fnode-wpapi\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Testing\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Go to https:\u002F\u002Fsomefunagba.github.io\u002Feasyjs-wpapi-rest-client-handle\u002F\u003C\u002Fli>\n\u003Cli>Click on the Demo link: Download a sample zipped Javascript Theme and a .xml import file.\u003C\u002Fli>\n\u003Cli>Copy the theme to your Local WordPress Themes directory and Activate it.\u003C\u002Fli>\n\u003Cli>If your WP installation has no posts or a single post. Import the downloaded .xml posts\u003C\u002Fli>\n\u003Cli>Go to your site-url homepage e.g: http:\u002F\u002Flocalhost:8080\u002F\u003C\u002Fli>\n\u003Cli>You should see a demo Blog\u002FNews themed website.[Demo Website Image]\u003C\u002Fli>\n\u003Cli>Inside the Theme folder, You can play with this theme’s index.js and footer.js files.\u003C\u002Fli>\n\u003C\u002Ful>\n","Short Description",10,3165,100,1,"","4.8.28","4.8",[19,20,21,22,23],"basic-authentication","cookie-authentication","javascript-client","node-wpapi","wpapi","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnode-wpapi-auth.2.0.zip",0,null,"2026-03-15T10:48:56.248Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":13,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"oluwasegun27",30,94,"2026-04-04T21:07:39.284Z",[],{"attackSurface":36,"codeSignals":76,"taintFlows":84,"riskAssessment":85,"analyzedAt":88},{"hooks":37,"ajaxHandlers":72,"restRoutes":73,"shortcodes":74,"cronEvents":75,"entryPointCount":25,"unprotectedCount":25},[38,45,47,51,56,60,62,64,68],{"type":39,"name":40,"callback":41,"priority":42,"file":43,"line":44},"filter","determine_current_user","the_wp_basic_auth_handler",20,"easy-js-wpapi.php",79,{"type":39,"name":40,"callback":41,"priority":42,"file":43,"line":46},90,{"type":39,"name":48,"callback":49,"file":43,"line":50},"rest_authentication_errors","basic_auth_error",106,{"type":52,"name":53,"callback":54,"file":43,"line":55},"action","wp_enqueue_scripts","closure",133,{"type":52,"name":57,"callback":54,"file":58,"line":59},"admin_enqueue_scripts","functions.php",9,{"type":52,"name":57,"callback":54,"file":58,"line":61},15,{"type":52,"name":57,"callback":54,"file":58,"line":63},44,{"type":52,"name":65,"callback":66,"file":67,"line":59},"admin_init","register_easy_js_wpapi_plugin_options","options.php",{"type":52,"name":69,"callback":70,"file":67,"line":71},"admin_menu","easy_js_wpapi_plugin_menu",21,[],[],[],[],{"dangerousFunctions":77,"sqlUsage":78,"outputEscaping":80,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":14,"bundledLibraries":83},[],{"prepared":25,"raw":25,"locations":79},[],{"escaped":81,"rawEcho":25,"locations":82},6,[],[],[],{"summary":86,"deductions":87},"The node-wpapi-auth v2.0 plugin exhibits a very strong security posture based on the provided static analysis. The plugin demonstrates excellent adherence to secure coding practices, with no identified unprotected entry points, dangerous functions, raw SQL queries, or file operations. All identified output is properly escaped, and SQL queries exclusively use prepared statements.  The single capability check present suggests at least some level of access control is implemented, further bolstering its security.\n\nThe lack of any taint analysis findings, coupled with zero known vulnerabilities and no historical security issues, indicates a mature and well-maintained codebase. The absence of external HTTP requests and bundled libraries also minimizes potential attack vectors commonly found in other plugins. The overall design appears to prioritize security by minimizing its attack surface and employing robust defensive measures.\n\nIn conclusion, the node-wpapi-auth v2.0 plugin is assessed as highly secure. Its strengths lie in its minimal attack surface, strict adherence to secure coding principles, and a completely clean vulnerability history. There are no immediate security concerns identified based on the provided data, making it a low-risk plugin.",[],"2026-03-16T23:17:41.012Z",{"wat":90,"direct":101},{"assetPaths":91,"generatorPatterns":98,"scriptPaths":99,"versionParams":100},[92,93,94,95,96,97],"\u002Fwp-content\u002Fplugins\u002Fnode-wpapi-auth\u002Fwpapi.min.js","\u002Fwp-content\u002Fplugins\u002Fnode-wpapi-auth\u002Feasy-js-wpapi.js","\u002Fwp-content\u002Fplugins\u002Fnode-wpapi-auth\u002Foptions.css","\u002Fwp-content\u002Fplugins\u002Fnode-wpapi-auth\u002Ffont-awesome\u002Fcss\u002Ffont-awesome.min.css","\u002Fwp-content\u002Fplugins\u002Fnode-wpapi-auth\u002Ffont-awesome-animation\u002Ffont-awesome-animation.min.css","\u002Fwp-content\u002Fplugins\u002Fnode-wpapi-auth\u002Foptions.js",[],[92,93,97],[],{"cssClasses":102,"htmlComments":103,"htmlAttributes":112,"restEndpoints":115,"jsGlobals":117,"shortcodeOutput":120},[],[104,105,106,107,108,109,110,111],"\u003C!-- Start: Modified WordPress HTTP Basic Authentication. -->","\u003C!-- End: Modified JSON Basic Authentication. -->","\u003C!-- Register and Enqueue the NODE-WPAPI pre-built wpapi.js script; -->","\u003C!-- Register, Localize and Enqueue the first-party script -->","\u003C!-- First Created by Oluwasegun Somefun -->","\u003C!-- Enqueue styling for this plugin's options page -->","\u003C!-- Enqueue styling for css styles used by this plugin -->","\u003C!-- Enqueue options.js script for our settings page: options.php -->",[113,114],"data-userstate","data-adminstate",[116],"\u002Fwp-json\u002F",[118,119],"WP_API_Settings","EasyJS_WPAPI_Options",[]]