WP-Safety

oneTap – Easy Google Sign In Prompt Security & Risk Analysis

wordpress.org/plugins/onetap

oneTap - One Tab Google Sign In plugin allows you to get more users for your shop, directory, magazine, portal, and booking site.

100 active installs v1.0.9 PHP 7.2+ WP 5.2+ Updated Sep 1, 2024
googleloginone-tabsignupsocial-login
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is oneTap – Easy Google Sign In Prompt Safe to Use in 2026?

Generally Safe

Score 92/100

oneTap – Easy Google Sign In Prompt has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "onetap" v1.0.9 plugin exhibits a strong security posture based on the provided static analysis and vulnerability history. The code analysis reveals no critical vulnerabilities, dangerous functions, or untainted flows. All SQL queries are properly prepared, and output escaping is consistently applied, indicating good development practices. The presence of nonce and capability checks on entry points further strengthens its defense against common web exploits. Furthermore, the complete lack of recorded CVEs, both historical and current, suggests a history of responsible development and prompt patching, if any issues have ever arisen.

While the plugin demonstrates many positive security attributes, a minor concern is the inclusion of the Guzzle bundled library. Without specific version information, it's impossible to assess if this library is up-to-date and free from known vulnerabilities. However, this is a general concern for bundled libraries and not a specific, high-risk finding for this plugin based on the provided data. The limited attack surface (primarily one shortcode) is also a positive factor, as it reduces the potential for exploitation.

Key Concerns

  • Bundled library Guzzle (version not specified)
Vulnerabilities
None known

oneTap – Easy Google Sign In Prompt Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

oneTap – Easy Google Sign In Prompt Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
3 prepared
Unescaped Output
0
25 escaped
Nonce Checks
2
Capability Checks
2
File Operations
1
External Requests
0
Bundled Libraries
1

Bundled Libraries

Guzzle

SQL Query Safety

100% prepared3 total queries

Output Escaping

100% escaped25 total outputs
Attack Surface

oneTap – Easy Google Sign In Prompt Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[onetap_google_login_button] app\Module\Login_Widget\Model\One_Tap_Widget.php:48
WordPress Hooks 18
actionadmin_menuapp\Module\Core\Admin\Admin_Menu.php:10
actionadmin_enqueue_scriptsapp\Module\Core\Asset\Admin_Asset.php:16
actionwp_enqueue_scriptsapp\Module\Core\Asset\Public_Asset.php:15
actionrest_api_initapp\Module\Core\Rest_API\Base.php:22
filterexlac_customer_support_app_rest_check_permissionsapp\Module\Core\Rest_API\Rest_Filters.php:15
actionwp_enqueue_scriptsapp\Module\Login_Widget\Asset\Assets.php:11
actionlogin_enqueue_scriptsapp\Module\Login_Widget\Asset\Assets.php:12
actionlogin_footerapp\Module\Login_Widget\Asset\Assets.php:13
actioninitapp\Module\Login_Widget\Model\Controller.php:22
actionwp_footerapp\Module\Login_Widget\Model\One_Tap_Widget.php:15
actionlogin_footerapp\Module\Login_Widget\Model\One_Tap_Widget.php:16
actioninitapp\Module\Login_Widget\Model\One_Tap_Widget.php:17
actionlogin_formapp\Module\Login_Widget\Model\One_Tap_Widget.php:20
actionwoocommerce_login_form_startapp\Module\Login_Widget\Model\One_Tap_Widget.php:21
actionatbdp_before_login_form_endapp\Module\Login_Widget\Model\One_Tap_Widget.php:25
actionatbdp_before_user_registration_submitapp\Module\Login_Widget\Model\One_Tap_Widget.php:26
actionadmin_enqueue_scriptsapp\Module\Settings_Panel\Asset\Admin_Asset.php:18
actionplugins_loadedapp.php:21
Maintenance & Trust

oneTap – Easy Google Sign In Prompt Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5
Last updatedSep 1, 2024
PHP min version7.2
Downloads8K

Community Trust

Rating80/100
Number of ratings4
Active installs100
Alternatives

oneTap – Easy Google Sign In Prompt Alternatives

One Tap Google Sign in

One Tap Google Sign in

one-tap-google-sign-in

A
85

Allows users to add Google One Tap Sign-in Or Sign-up to wordpress website.

1K No CVEs
Nextend Social Login and Register

Nextend Social Login and Register

nextend-facebook-connect

A
89

One click registration & login plugin for Facebook, Google, X (formerly Twitter) and more. Quick setup and easy configuration.

200K 6 CVEs
miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn)

miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn)

miniorange-login-openid

C
56

Social Login with Discord, Facebook, Google, Twitter, LinkedIn and 40+ apps. Social login with social share and comments. Free, fast & easy! WooCo …

10K 1 unpatched
UsersWP – Social Login

UsersWP – Social Login

userswp-social-login

A
100

Social Login addon for UsersWP.

2K No CVEs
Happy Social Login

Happy Social Login

happy-social-login

A
92

Enables user authentication through various social media accounts. Login through Google, Facebook, LinkedIn, GitHub and more.

100 No CVEs
Developer Profile

oneTap – Easy Google Sign In Prompt Developer Profile

Exlac

3 plugins · 300 total installs

85
trust score
Avg Security Score
87/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect oneTap – Easy Google Sign In Prompt

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/onetap/assets/css/core-public.css/wp-content/plugins/onetap/assets/js/core-public.js
Script Paths
https://accounts.google.com/gsi/client

HTML / DOM Fingerprints

JS Globals
oneTap_CoreScriptData
REST Endpoints
/wp-json/exlac_cs/v1
Shortcode Output
<script type="text/javascript"> jQuery("#wp-login-google-login-button").prependTo("#loginform"); </script>
FAQ

Frequently Asked Questions about oneTap – Easy Google Sign In Prompt