[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHqVctLXT1Ox7QTphDo6k-QkK_45liwAZdSAgohMZcdo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":142,"fingerprints":255},"rownd-accounts-and-authentication","Rownd — Instant user accounts and authentication","1.3.3","rownd","https:\u002F\u002Fprofiles.wordpress.org\u002Frownd\u002F","\u003Cp>Rownd is a user authentication and account platform that helps you convert more visitors to your website into actual (paying) customers.\u003C\u002Fp>\n\u003Cp>We’re focused on passwordless sign-in that uses email and SMS as a means of distributing authentication links that allow users to verify\u003Cbr \u002F>\ntheir email\u002Fphone after they’ve had the opportunity to explore your product or service.\u003C\u002Fp>\n\u003Cp>When you install the Rownd plugin for WordPress, you’ll bring our powerfully simple authentication and user account capabilities into\u003Cbr \u002F>\nyour website, blog, or ecommerce site.\u003C\u002Fp>\n\u003Cp>Rownd integrates with the existing WordPress user management system, which means we’re compatible with WooCommerce and many other\u003Cbr \u002F>\nWordPress addons! We’ll also detect whether you have WooCommerce installed and provide options to customize your customer experience\u003Cbr \u002F>\nduring the checkout process.\u003C\u002Fp>\n\u003Cp>Whether you’re accepting user signups already or want to start, Rownd makes it super-simple to get visitors and customers up and running quickly.\u003Cbr \u002F>\nEasily trigger our sign-in dialog by setting some HTML data attributes in your code or writing some simple Javascript and we’ll handle getting\u003Cbr \u002F>\nyour users verified and signed in using our unique, passwordless approach.\u003C\u002Fp>\n\u003Cp>To get started, you’ll need:\u003C\u002Fp>\n\u003Col>\n\u003Cli>A free \u003Ca href=\"https:\u002F\u002Fapp.rownd.io\" rel=\"nofollow ugc\">Rownd account\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>A Rownd app key\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Once you install this plugin, drop your app key and secret into our settings and you’ll be good to go!\u003C\u002Fp>\n\u003Cp>Usage of this plugin is governed by Rownd’s \u003Ca href=\"https:\u002F\u002Frownd.io\u002Fterms-and-conditions\" rel=\"nofollow ugc\">terms of service\u003C\u002Fa>.\u003C\u002Fp>\n","Instantly turn visitors into users with Rownd's radically simple, user-centric authentication.",10,2187,0,"2023-04-11T14:41:00.000Z","6.6.5","4.5","7.2",[19,20,21,22,23],"accounts","authentication","profile","users","woocommerce","https:\u002F\u002Fgithub.com\u002Frownd\u002Fwordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frownd-accounts-and-authentication.1.3.4.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,84,"2026-04-04T03:58:37.963Z",[36,57,79,100,123],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":55,"download_link":56,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wc-password-strength-settings","Password Strength Settings for WooCommerce","3.0.1","Danny Santoro","https:\u002F\u002Fprofiles.wordpress.org\u002Fdanielsantoro\u002F","\u003Cp>Help secure your WooCommerce site by enforcing stronger passwords and taking additional control of your strength requirements.\u003C\u002Fp>\n\u003Ch3>What does this plugin do?\u003C\u002Fh3>\n\u003Cp>WooCommerce has an integrated Password Strength Meter which forces users to use strong passwords. Sometimes this isn’t desirable – with this plugin, you can choose between five password levels ranging from “Anything Goes” to “Strong Passwords Only”. In addition, you can modify the colors and appearance of these custom messages, as well as modify or remove the password hint. For details on how the password strength is determined, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDanielSantoro\u002Fwc-password-strength-settings\u002Fwiki\u002FHow-Password-Strength-is-Determined\" rel=\"nofollow ugc\">please read the documentation here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>What’s New?\u003C\u002Fh4>\n\u003Cp>Version 3.0.0 is a bit of a rewrite to bring the plugin up to modern coding standards. Functionality should not be impacted, but if it is, please reach out on the support forums.\u003C\u002Fp>\n\u003Cp>Version 3.0.1 is simply a hotfix declaring compatibility with WooCommerce HPOS. Since this plugin doesn’t touch anything with the orders or order metadata, it shouldn’t be impacted at all. \u003Cem>However\u003C\u002Fem>, if you notice any issues then please reach out via the contact form on my website.\u003C\u002Fp>\n\u003Ch4>Notes\u003C\u002Fh4>\n\u003Cp>While this does allow for user accounts to have weaker passwords, it’s a good idea to still encourage strong password use – \u003Cem>especially\u003C\u002Fem> for administrators!\u003C\u002Fp>\n\u003Ch4>Planned Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Option to remove “- Please enter a stronger password.” that is added by WordPress.\u003C\u002Fli>\n\u003Cli>Nothing else at the moment, but let me know if you have any ideas.\u003C\u002Fli>\n\u003C\u002Ful>\n","Help secure your WooCommerce site by enforcing stronger passwords and taking additional control of your strength requirements.",10000,176985,90,24,"2023-10-11T20:51:00.000Z","6.3.8","5.8","",[19,53,54,22,23],"passwords","security","https:\u002F\u002Fdanielsantoro.com\u002Fproject\u002Fwoocommerce-password-strength-settings-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-password-strength-settings.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":11,"downloaded":65,"rating":66,"num_ratings":31,"last_updated":67,"tested_up_to":15,"requires_at_least":68,"requires_php":51,"tags":69,"homepage":75,"download_link":76,"security_score":77,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":78},"wp-mechanic","WP Mechanic","1.6.9","Fahad Mahmood","https:\u002F\u002Fprofiles.wordpress.org\u002Ffahadmahmood\u002F","\u003Cul>\n\u003Cli>\n\u003Cp>Author: \u003Ca href=\"http:\u002F\u002Fwww.androidbubbles.com\u002Fcontact\" rel=\"nofollow ugc\">Fahad Mahmood\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Project URI: \u003Ca href=\"https:\u002F\u002Fandroidbubble.com\u002Fblog\u002Fwordpress\u002Fplugins\u002Fwordpress-mechanic\" rel=\"nofollow ugc\">https:\u002F\u002Fandroidbubble.com\u002Fblog\u002Fwordpress\u002Fplugins\u002Fwordpress-mechanic\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>w3 Existence: \u003Ca href=\"https:\u002F\u002Fwpmechanic.wordpress.com\u002F2014\u002F09\u002F25\u002Fwordpress-mechanic-around-the-world\" rel=\"nofollow ugc\">https:\u002F\u002Fwpmechanic.wordpress.com\u002F2014\u002F09\u002F25\u002Fwordpress-mechanic-around-the-world\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>License: GPL 3. See License below for copyright jots and tittles.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>WordPress Mechanic is a combination of FAQ feeds, malware scanner, deprecated functions scanner and many other useful utilities. You don’t need to google every small issue, just browse with your WordPress mechanic or ask a new question if you are tired of searching and still not getting the desired answer. You are welcome to query anything, WordPress mechanic will provide you the ultimate support. This plugin will bridge the gap for developer who don’t have time to go to community sites and search for questions to answer. They will see the questions on their dashboard and will reply to you. You can appreciate them through the same way, every answer will have a donate link of relevant user. That can be anyone, either a developer or any WordPress geek. By this both users and developers will save their time. The idea behind this plugin is to speedup the learning process. People will ask anything without hesitation either a newbie thing. But we will moderate questions and answers because we are here to deliver the value so quality matters.\u003C\u002Fp>\n\u003Cp>Important!\u003C\u002Fp>\n\u003Cp>1- You can ask questions to WordPress experts.\u003C\u002Fp>\n\u003Cp>2- You can learn WordPress in better way without hesitation.\u003C\u002Fp>\n\u003Cp>3- If you are a WordPress expert, then you can reply to the answers and put your donate link in specific field. If user will love your support, you might be appreciated.\u003C\u002Fp>\n\u003Cp>4- WordPress Mechanic API is in testing phase as beta version so that will be launched soon. But still questions can be asked and a no. of WordPress experts are available to help you on your dashboard.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>The WordPress Mechanic plugin is copyright © 2010-2020 by Fahad Mahmood. It uses custom code written by Fahad Mahmood or taken from open discussion forum(s) according to the terms of the [GNU General Public License][]. This program is free software; you can redistribute it and\u002For modify it under the terms of the [GNU General Public License][] as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. GNU General Public License]: http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fp>\n","WP Mechanic is a combination of WordPress and Android Playstore Applications. Experience a set of hybrid software applications.",4526,100,"2024-11-04T12:34:00.000Z","3.0",[70,71,72,73,74],"hybrid-application","users-list-and-users-roles","users-profiles-like-administrators-authors-and-contributors","woocommerce-customers","wordpress-and-android-users","http:\u002F\u002Fandroidbubble.com\u002Fblog\u002Fwordpress-mechanic","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-mechanic.1.6.9.zip",92,"2026-03-15T14:54:45.397Z",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":98,"download_link":99,"security_score":66,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"user-switching","User Switching","1.11.2","John Blackbourn","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnbillion\u002F","\u003Cp>This plugin allows you to quickly swap between user accounts in WordPress at the click of a button. You’ll be instantly logged out and logged in as your desired user. This is handy for helping customers on WooCommerce sites, membership sites, testing environments, or for any site where administrators need to switch between multiple accounts.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Switch user: Instantly switch to any user account from the \u003Cem>Users\u003C\u002Fem> screen.\u003C\u002Fli>\n\u003Cli>Switch back: Instantly switch back to your originating account.\u003C\u002Fli>\n\u003Cli>Switch off: Log out of your account but retain the ability to instantly switch back in again.\u003C\u002Fli>\n\u003Cli>Compatible with Multisite, WooCommerce, BuddyPress, and bbPress.\u003C\u002Fli>\n\u003Cli>Compatible with most membership and user management plugins.\u003C\u002Fli>\n\u003Cli>Compatible with most two-factor authentication solutions (see the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa> for more info).\u003C\u002Fli>\n\u003Cli>Approved for use on enterprise-grade WordPress platforms such as \u003Ca href=\"https:\u002F\u002Fwww.altis-dxp.com\u002F\" rel=\"nofollow ugc\">Altis\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwpvip.com\u002F\" rel=\"nofollow ugc\">WordPress VIP\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: User Switching supports versions of WordPress up to three years old, and PHP version 7.4 or higher.\u003C\u002Fp>\n\u003Ch3>Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Only users with the ability to edit other users can switch user accounts. By default this is only Administrators on single site installations, and Super Admins on Multisite installations.\u003C\u002Fli>\n\u003Cli>Passwords are not (and cannot be) revealed.\u003C\u002Fli>\n\u003Cli>Uses the cookie authentication system in WordPress when remembering the account(s) you’ve switched from and when switching back.\u003C\u002Fli>\n\u003Cli>Implements the nonce security system in WordPress, meaning only those who intend to switch users can switch.\u003C\u002Fli>\n\u003Cli>Full support for user session validation where appropriate.\u003C\u002Fli>\n\u003Cli>Full support for HTTPS.\u003C\u002Fli>\n\u003Cli>Backed by \u003Ca href=\"https:\u002F\u002Fpatchstack.com\u002Fdatabase\u002Fvdp\u002Fuser-switching\" rel=\"nofollow ugc\">the Patchstack Vulnerability Disclosure Program\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Visit the \u003Cem>Users\u003C\u002Fem> menu in WordPress and you’ll see a \u003Cem>Switch To\u003C\u002Fem> link in the list of action links for each user.\u003C\u002Fli>\n\u003Cli>Click this and you will immediately switch into that user account.\u003C\u002Fli>\n\u003Cli>You can switch back to your originating account via the \u003Cem>Switch back\u003C\u002Fem> link on each dashboard screen or in your profile menu in the WordPress toolbar.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa> for information about the \u003Cem>Switch Off\u003C\u002Fem> feature.\u003C\u002Fp>\n\u003Ch3>Other Plugins\u003C\u002Fh3>\n\u003Cp>I maintain several other plugins for developers. Check them out:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fquery-monitor\u002F\" rel=\"ugc\">Query Monitor\u003C\u002Fa> is the developer tools panel for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-crontrol\u002F\" rel=\"ugc\">WP Crontrol\u003C\u002Fa> lets you view and control what’s happening in the WP-Cron system\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Statement\u003C\u002Fh3>\n\u003Cp>User Switching does not send data to any third party, nor does it include any third party resources, nor will it ever do so.\u003C\u002Fp>\n\u003Cp>User Switching makes use of browser cookies in order to allow users to switch to another account. Its cookies operate using the same mechanism as the authentication cookies in WordPress core, which means their values contain the user’s \u003Ccode>user_login\u003C\u002Fcode> field in plain text which should be treated as potentially personally identifiable information (PII) for privacy and regulatory reasons (GDPR, CCPA, etc). The names of the cookies are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wordpress_user_sw_{COOKIEHASH}\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wordpress_user_sw_secure_{COOKIEHASH}\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wordpress_user_sw_olduser_{COOKIEHASH}\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See also the FAQ for some questions relating to privacy and safety when switching between users.\u003C\u002Fp>\n\u003Ch3>Accessibility Statement\u003C\u002Fh3>\n\u003Cp>User Switching aims to be fully accessible to all of its users. It implements best practices for web accessibility, outputs semantic and structured markup, adheres to the default styles and accessibility guidelines of WordPress, uses the accessibility APIs provided by WordPress and web browsers where appropriate, and is fully accessible via keyboard.\u003C\u002Fp>\n\u003Cp>User Switching should adhere to Web Content Accessibility Guidelines (WCAG) 2.0 at level AA when used with a recent version of WordPress where its admin area itself adheres to these guidelines. If you’ve experienced or identified an accessibility issue in User Switching, please open a thread in \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fuser-switching\u002F\" rel=\"ugc\">the User Switching plugin support forum\u003C\u002Fa> and I’ll address it swiftly.\u003C\u002Fp>\n","Instant switching between user accounts in WordPress and WooCommerce.",200000,5499975,98,239,"2026-02-27T00:17:00.000Z","6.9.4","6.1","7.4",[96,97,80,22,23],"fast-user-switching","multisite","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-switching.1.11.2.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":110,"num_ratings":111,"last_updated":112,"tested_up_to":92,"requires_at_least":113,"requires_php":51,"tags":114,"homepage":118,"download_link":119,"security_score":120,"vuln_count":121,"unpatched_count":13,"last_vuln_date":122,"fetched_at":28},"one-user-avatar","One User Avatar | User Profile Picture","2.5.4","One Designs","https:\u002F\u002Fprofiles.wordpress.org\u002Fonedesigns\u002F","\u003Cp>WordPress currently only allows you to use custom avatars that are uploaded through \u003Ca href=\"http:\u002F\u002Fgravatar.com\u002F\" rel=\"nofollow ugc\">Gravatar\u003C\u002Fa>. \u003Cstrong>One User Avatar\u003C\u002Fstrong> enables you to use any photo uploaded into your Media Library as an avatar. This means you use the same uploader and library as your posts. No extra folders or image editing functions are necessary. This plugin is a fork of WP User Avatar v2.2.16.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>One User Avatar\u003C\u002Fstrong> also lets you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Upload your own Default Avatar in your One User Avatar settings.\u003C\u002Fli>\n\u003Cli>Show the user’s \u003Ca href=\"http:\u002F\u002Fgravatar.com\u002F\" rel=\"nofollow ugc\">Gravatar\u003C\u002Fa> avatar or Default Avatar if the user doesn’t have a One User Avatar image.\u003C\u002Fli>\n\u003Cli>Disable \u003Ca href=\"http:\u002F\u002Fgravatar.com\u002F\" rel=\"nofollow ugc\">Gravatar\u003C\u002Fa> avatars and use only local avatars.\u003C\u002Fli>\n\u003Cli>Use the \u003Ccode>[avatar_upload]\u003C\u002Fcode> shortcode to add a standalone uploader to a front page or widget. This uploader is only visible to logged-in users.\u003C\u002Fli>\n\u003Cli>Use the \u003Ccode>[avatar]\u003C\u002Fcode> shortcode in your posts. These shortcodes will work with any theme, whether it has avatar support or not.\u003C\u002Fli>\n\u003Cli>Allow Contributors and Subscribers to upload their own avatars.\u003C\u002Fli>\n\u003Cli>Limit upload file size and image dimensions for Contributors and Subscribers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>One User Avatar\u003Cbr \u002F>\nCopyright (c) 2023 One Designs https:\u002F\u002Fonedesigns.com\u002F\u003Cbr \u002F>\nLicense: GPLv2\u003Cbr \u002F>\nSource: https:\u002F\u002Fgithub.com\u002Fonedesigns\u002Fone-user-avatar\u003C\u002Fp>\n\u003Cp>One User Avatar is based on WP User Avatar v2.2.16\u003Cbr \u002F>\nCopyright (c) 2020-2021 ProfilePress https:\u002F\u002Fprofilepress.net\u002F\u003Cbr \u002F>\nCopyright (c) 2014-2020 Flippercode https:\u002F\u002Fwww.flippercode.com\u002F\u003Cbr \u002F>\nCopyright (c) 2013-2014 Bangbay Siboliban http:\u002F\u002Fbangbay.com\u002F\u003Cbr \u002F>\nLicense: GPLv2\u003Cbr \u002F>\nSource: https:\u002F\u002Fgithub.com\u002Fprofilepress\u002Fwp-user-avatar\u003C\u002Fp>\n\u003Cp>One User Avatar is distributed under the terms of the GNU GPL\u003C\u002Fp>\n\u003Cp>This program is free software: you can redistribute it and\u002For modify\u003Cbr \u002F>\nit under the terms of the GNU General Public License as published by\u003Cbr \u002F>\nthe Free Software Foundation, either version 2 of the License, or\u003Cbr \u002F>\n(at your option) any later version.\u003C\u002Fp>\n\u003Cp>This program is distributed in the hope that it will be useful,\u003Cbr \u002F>\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\u003Cbr \u002F>\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\u003Cbr \u002F>\nGNU General Public License for more details.\u003C\u002Fp>\n\u003Ch3>Advanced Settings\u003C\u002Fh3>\n\u003Ch4>Add One User Avatar to your own profile edit page\u003C\u002Fh4>\n\u003Cp>You can use the [avatar_upload] shortcode to add a standalone uploader to any page. It’s best to use this uploader by itself and without other profile fields.\u003C\u002Fp>\n\u003Cp>If you’re building your own profile edit page with other fields, One User Avatar is automatically added to the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FPlugin_API\u002FAction_Reference\u002Fshow_user_profile\" rel=\"nofollow ugc\">show_user_profile\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FPlugin_API\u002FAction_Reference\u002Fshow_user_profile\" rel=\"nofollow ugc\">edit_user_profile\u003C\u002Fa> hooks. If you’d rather have One User Avatar in its own section, you could add another hook:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>do_action( 'edit_user_avatar', $current_user );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Then, to add One User Avatar to that hook and remove it from the other hooks outside of the administration panel, you would add this code to the \u003Ccode>functions.php\u003C\u002Fcode> file of your theme:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>function my_avatar_filter() {\n    \u002F\u002F Remove from show_user_profile hook\n    remove_action( 'show_user_profile', array( 'wp_user_avatar', 'wpua_action_show_user_profile' ) );\n    remove_action( 'show_user_profile', array( 'wp_user_avatar', 'wpua_media_upload_scripts' ) );\n\n    \u002F\u002F Remove from edit_user_profile hook\n    remove_action( 'edit_user_profile', array( 'wp_user_avatar', 'wpua_action_show_user_profile' ) );\n    remove_action( 'edit_user_profile', array( 'wp_user_avatar', 'wpua_media_upload_scripts' ) );\n\n    \u002F\u002F Add to edit_user_avatar hook\n    add_action( 'edit_user_avatar', array( 'wp_user_avatar', 'wpua_action_show_user_profile' ) );\n    add_action( 'edit_user_avatar', array( 'wp_user_avatar', 'wpua_media_upload_scripts' ) );\n}\n\n\u002F\u002F Loads only outside of administration panel\nif ( ! is_admin() ) {\n    add_action( 'init','my_avatar_filter' );\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>HTML Wrapper\u003C\u002Fh4>\n\u003Cp>You can change the HTML wrapper of the One User Avatar section by using the functions \u003Ccode>wpua_before_avatar\u003C\u002Fcode> and \u003Ccode>wpua_after_avatar\u003C\u002Fcode>. By default, the avatar code is structured like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Cdiv class=\"wpua-edit-container\">\n    \u003Ch3>Avatar\u003C\u002Fh3>\n    \u003Cinput type=\"hidden\" name=\"wp-user-avatar\" id=\"wp-user-avatar\" value=\"{attachmentID}\" \u002F>\n    \u003Cp id=\"wpua-add-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-add\" name=\"wpua-add\">Edit Image\u003C\u002Fbutton>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-preview\">\n        \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n        Original Size\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-thumbnail\">\n        \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n        Thumbnail\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-remove-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-remove\" name=\"wpua-remove\">Default Avatar\u003C\u002Fbutton>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-undo-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-undo\" name=\"wpua-undo\">Undo\u003C\u002Fbutton>\n    \u003C\u002Fp>\n\u003C\u002Fdiv>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To strip out the div container and h3 heading, you would add the following filters to the \u003Ccode>functions.php\u003C\u002Fcode> file in your theme:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>remove_action( 'wpua_before_avatar', 'wpua_do_before_avatar' );\nremove_action( 'wpua_after_avatar', 'wpua_do_after_avatar' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To add your own wrapper, you could create something like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>function my_before_avatar() {\n    echo '\u003Cdiv id=\"my-avatar\">';\n}\nadd_action( 'wpua_before_avatar', 'my_before_avatar' );\n\nfunction my_after_avatar() {\n    echo '\u003C\u002Fdiv>';\n}\nadd_action( 'wpua_after_avatar', 'my_after_avatar' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This would output:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Cdiv id=\"my-avatar\">\n    \u003Cinput type=\"hidden\" name=\"wp-user-avatar\" id=\"wp-user-avatar\" value=\"{attachmentID}\" \u002F>\n    \u003Cp id=\"wpua-add-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-add\" name=\"wpua-add\">Edit Image\u003C\u002Fbutton>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-preview\">\n        \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n        \u003Cspan class=\"description\">Original Size\u003C\u002Fspan>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-thumbnail\">\n        \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n        \u003Cspan class=\"description\">Thumbnail\u003C\u002Fspan>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-remove-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-remove\" name=\"wpua-remove\">Default Avatar\u003C\u002Fbutton>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-undo-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-undo\" name=\"wpua-undo\">Undo\u003C\u002Fbutton>\n    \u003C\u002Fp>\n\u003C\u002Fdiv>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Use any image from your WordPress Media Library as a custom user avatar or user profile picture. Add your own Default Avatar.",100000,490816,94,41,"2026-01-12T00:58:00.000Z","4.0",[115,116,117,21,22],"avatar","bbpress","gravatar","https:\u002F\u002Fonedesigns.com\u002Fplugins\u002Fone-user-avatar\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fone-user-avatar.2.5.4.zip",99,2,"2021-09-20 00:00:00",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":108,"downloaded":131,"rating":77,"num_ratings":132,"last_updated":133,"tested_up_to":92,"requires_at_least":134,"requires_php":94,"tags":135,"homepage":137,"download_link":138,"security_score":139,"vuln_count":140,"unpatched_count":13,"last_vuln_date":141,"fetched_at":28},"simple-local-avatars","Simple Local Avatars","2.8.6","10up","https:\u002F\u002Fprofiles.wordpress.org\u002F10up\u002F","\u003Cp>Adds an avatar upload field to user profiles if the current user has media permissions. Generates requested sizes on demand just like Gravatar! Simple and lightweight.\u003C\u002Fp>\n\u003Cp>Just edit a user profile, and scroll down to the new “Avatar” field. The plug-in will take care of cropping and sizing!\u003C\u002Fp>\n\u003Col>\n\u003Cli>Stores avatars in the “uploads” folder where all of your other media is kept.\u003C\u002Fli>\n\u003Cli>Has a simple, native interface.\u003C\u002Fli>\n\u003Cli>Fully supports Gravatar and default avatars if no local avatar is set for the user – but also allows you turn off Gravatar.\u003C\u002Fli>\n\u003Cli>Generates the requested avatar size on demand (and stores the new size for efficiency), so it looks great, just like Gravatar!\u003C\u002Fli>\n\u003Cli>Lets you decide whether lower privilege users (subscribers, contributors) can upload their own avatar.\u003C\u002Fli>\n\u003Cli>Enables rating of local avatars, just like Gravatar.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Support Level\u003C\u002Fh3>\n\u003Cp>Simple Local Avatars’ support level is marked as \u003Ccode>stable\u003C\u002Fcode>.  10up is not planning to develop any new features for this, but will still respond to bug reports and security concerns.  We welcome PRs, but any that include new features should be small and easy to integrate and should not include breaking changes.  We otherwise intend to keep this tested up to the most recent version of WordPress.\u003C\u002Fp>\n","Adds an avatar upload field to user profiles. Generates requested sizes on demand just like Gravatar!",2395990,89,"2026-02-17T19:34:00.000Z","6.6",[115,117,21,136,22],"user-photos","https:\u002F\u002F10up.com\u002Fplugins\u002Fsimple-local-avatars-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-local-avatars.2.8.6.zip",93,6,"2025-08-11 18:20:29",{"attackSurface":143,"codeSignals":224,"taintFlows":248,"riskAssessment":249,"analyzedAt":254},{"hooks":144,"ajaxHandlers":206,"restRoutes":207,"shortcodes":222,"cronEvents":223,"entryPointCount":121,"unprotectedCount":31},[145,151,155,159,163,167,171,175,180,183,186,189,192,196,200,203],{"type":146,"name":147,"callback":148,"file":149,"line":150},"action","init","plugin_text_domain","src\\Plugin.php",13,{"type":146,"name":152,"callback":153,"file":149,"line":154},"rest_api_init","register_plugin_api",14,{"type":146,"name":156,"callback":157,"file":149,"line":158},"admin_menu","add_rownd_menu",15,{"type":146,"name":160,"callback":161,"file":149,"line":162},"admin_enqueue_scripts","register_admin_assets",16,{"type":146,"name":164,"callback":165,"file":149,"line":166},"wp_enqueue_scripts","register_frontend_assets",17,{"type":146,"name":168,"callback":169,"file":149,"line":170},"admin_post_rownd_save_settings","save_settings",18,{"type":146,"name":172,"callback":173,"priority":11,"file":149,"line":174},"profile_update","update_user_profile",19,{"type":176,"name":177,"callback":178,"priority":11,"file":149,"line":179},"filter","plugin_action_links_rownd-accounts-and-authentication\u002Findex.php","plugin_action_links",21,{"type":176,"name":181,"callback":181,"priority":11,"file":149,"line":182},"plugin_row_meta",22,{"type":176,"name":184,"callback":184,"file":149,"line":185},"determine_current_user",23,{"type":176,"name":187,"callback":188,"priority":11,"file":149,"line":47},"rest_user_query","search_users_by_rownd_id",{"type":146,"name":190,"callback":191,"priority":11,"file":149,"line":26},"woocommerce_before_checkout_form","trigger_rownd_signin_before_checkout",{"type":146,"name":193,"callback":194,"priority":11,"file":149,"line":195},"woocommerce_after_order_details","trigger_rownd_signin_after_checkout",87,{"type":146,"name":197,"callback":198,"file":149,"line":199},"user_register","link_wc_orders_at_registration",91,{"type":176,"name":201,"callback":202,"priority":31,"file":149,"line":110},"wc_get_template","replace_woocommerce_login_page",{"type":176,"name":204,"callback":188,"priority":11,"file":149,"line":205},"woocommerce_rest_customer_query",97,[],[208,216],{"namespace":209,"route":210,"methods":211,"callback":213,"permissionCallback":214,"file":149,"line":215},"rownd\u002Fv1","\u002Fauth",[212],"POST","handle_authenticate","__return_true",33,{"namespace":209,"route":217,"methods":218,"callback":219,"permissionCallback":220,"file":149,"line":221},"\u002Fauth\u002Fsignout",[212],"handle_signout","closure",39,[],[],{"dangerousFunctions":225,"sqlUsage":226,"outputEscaping":228,"fileOperations":13,"externalRequests":13,"nonceChecks":121,"capabilityChecks":31,"bundledLibraries":244},[],{"prepared":13,"raw":13,"locations":227},[],{"escaped":229,"rawEcho":230,"locations":231},29,5,[232,235,237,239,241],{"file":233,"line":11,"context":234},"src\\pages\\admin\\main.php","raw output",{"file":149,"line":236,"context":234},262,{"file":149,"line":238,"context":234},272,{"file":149,"line":240,"context":234},276,{"file":242,"line":243,"context":234},"src\\templates\\woocommerce\\login.php",34,[245],{"name":246,"version":27,"knownCves":247},"Guzzle",[],[],{"summary":250,"deductions":251},"The \"rownd-accounts-and-authentication\" plugin v1.3.3 exhibits a generally good security posture, with strengths in its minimal attack surface and robust handling of SQL queries and output escaping. The absence of dangerous functions, file operations, and external HTTP requests are positive indicators. Furthermore, the lack of any recorded vulnerabilities or CVEs is a strong sign of mature and secure development practices. However, a significant concern arises from its REST API routes, where one out of two routes lacks proper permission callbacks, exposing a potential entry point without authentication. While taint analysis shows no critical flows, this unprotected REST API route represents a tangible risk that could be exploited if sensitive data or functionality is exposed through it. The plugin's strengths in code hygiene are commendable, but this single unprotected endpoint significantly lowers its overall security score.",[252],{"reason":253,"points":11},"REST API route without permission callback","2026-03-17T00:51:57.757Z",{"wat":256,"direct":267},{"assetPaths":257,"generatorPatterns":261,"scriptPaths":262,"versionParams":263},[258,259,260],"\u002Fwp-content\u002Fplugins\u002Frownd-accounts-and-authentication\u002Fjs\u002Frownd-plugin-admin.js","\u002Fwp-content\u002Fplugins\u002Frownd-accounts-and-authentication\u002Fcss\u002Frownd-plugin-admin.css","\u002Fwp-content\u002Fplugins\u002Frownd-accounts-and-authentication\u002Fjs\u002Frownd-plugin-frontend.js",[],[258,260],[264,265,266],"rownd-accounts-and-authentication\u002Fjs\u002Frownd-plugin-admin.js?ver=","rownd-accounts-and-authentication\u002Fcss\u002Frownd-plugin-admin.css?ver=","rownd-accounts-and-authentication\u002Fjs\u002Frownd-plugin-frontend.js?ver=",{"cssClasses":268,"htmlComments":271,"htmlAttributes":275,"restEndpoints":279,"jsGlobals":282,"shortcodeOutput":285},[269,270],"rownd-admin-settings-wrap","rownd-checkout-wrapper",[272,273,274],"\u003C!-- Rownd: Sign in prompt -->","\u003C!-- Rownd: Checkout integration -->","\u003C!-- Rownd admin settings -->",[276,277,278],"data-rownd-modal-target","data-rownd-auth-target","data-rownd-widget",[280,281],"\u002Fwp-json\u002Frownd\u002Fv1\u002Fauth","\u002Fwp-json\u002Frownd\u002Fv1\u002Fauth\u002Fsignout",[283,284],"window.Rownd","var rownd_vars",[]]