
Open Source Software Contributions Security & Risk Analysis
wordpress.org/plugins/open-source-software-contributions
Displays Pull Request links from GitHub for Open Source Software Contributions. Simply add the [ossc] shortcode to your page and configure settings.
Is Open Source Software Contributions Safe to Use in 2026?
Generally Safe
Score 92/100
Open Source Software Contributions has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'open-source-software-contributions' plugin v1.1.3 exhibits a strong security posture based on the provided static analysis and vulnerability history. The plugin demonstrates excellent adherence to secure coding practices, with no dangerous functions, all SQL queries utilizing prepared statements, and all output properly escaped. Furthermore, the absence of file operations and external HTTP requests (excluding one, which needs scrutiny) limits the potential attack surface. The presence of a nonce check further bolsters security for its limited entry points.
However, a few areas warrant attention. The lack of capability checks on any entry points is a significant concern, meaning that any user, regardless of their role, could potentially trigger the plugin's functionality. The single external HTTP request, while not inherently problematic, could be a vector for certain types of attacks if the target is compromised or if sensitive data is sent without proper validation or encryption. The vulnerability history is remarkably clean, suggesting a well-maintained and secure plugin up to this point. This lack of past issues is a positive indicator, but it doesn't negate the risks identified in the static analysis.
In conclusion, while the plugin is built on solid secure coding foundations, the absence of capability checks presents a notable risk. The single external HTTP request should also be investigated. These are critical points to address to ensure a truly robust security profile. The excellent handling of SQL queries and output escaping is a significant strength.
Key Concerns
- Missing capability checks on entry points
- One external HTTP request without details
Open Source Software Contributions Security Vulnerabilities
Open Source Software Contributions Code Analysis
SQL Query Safety
Output Escaping
Open Source Software Contributions Attack Surface
WordPress Hooks 6
Scheduled Events 1
Maintenance & Trust
Open Source Software Contributions Maintenance & Trust
Maintenance Signals
Community Trust
Open Source Software Contributions Alternatives
Github Embed
github-embed
Plugin that allows you to embed details from GitHub just by pasting in the URL as you would any other embed source. Currently supports:
WP Plugin Info Card
wp-plugin-info-card
Plugin Info Card displays plugins & themes data in beautiful cards using WP APIs. Custom plugins, EDD, and GitHub Info Cards are supported.
Static Site Exporter
jekyll-exporter
Features
Pastacode
pastacode
Use Pastacode to add code into your posts with the awesome PrismJs coloration library. So, past'a code!
Embed Block for GitHub
embed-block-for-github
Easily embed GitHub repositories in Gutenberg Editor.
Open Source Software Contributions Developer Profile
3 plugins · 600 total installs
How We Detect Open Source Software Contributions
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/open-source-software-contributions/css/admin-ossc.css
HTML / DOM Fingerprints
- ossc_admin_div
- ossc_table
- ossc_tr
- ossc_th
- ossc_td
- ossc_input
- <!-- Display the plugin's settings page -->
- <!-- Add a "Settings" link for the plugin in the WordPress admin -->
- <!-- Create the plugin's settings page in the WordPress admin menu -->
- <!-- Add a settings link in the plugins list -->
- (+4 more)
- name="github_api_key"
- name="github_repos"
- name="github_users"
- class="ossc_input"
- [ossc]