Does Share Login have any unpatched vulnerabilities?

No. All known vulnerabilities in Share Login have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Share Login compatible with WordPress 6.7.5?

According to WordPress.org data, Share Login 1.1.0 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Share Login compatible with PHP 7.4+?

Share Login requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Share Login updated?

Share Login was last updated on Feb 10, 2025. Frequent updates are generally a positive security signal.

What is Share Login's security score?

Share Login has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Share Login Security & Risk Analysis

wordpress.org/plugins/share-login

Automatically synchronize user logins between WordPress websites, enabling seamless single sign-on functionality.

0 active installs v1.1.0 PHP 7.4+ WP 5.0+ Updated Feb 10, 2025

cross-domain-loginmulti-site-loginshared-loginsingle-sign-onsso

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Share Login Safe to Use in 2026?

Generally Safe

Score 92/100

Share Login has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The 'share-login' plugin version 1.1.0 presents a significant security risk due to its large number of unprotected entry points. All 8 AJAX handlers and 1 REST API route lack authentication or permission checks, meaning any unauthenticated user can interact with these potentially sensitive functions. While the plugin demonstrates good practices by using prepared statements for all SQL queries and has a clean vulnerability history with no known CVEs, this is overshadowed by the substantial attack surface exposed. The absence of capability checks is a major concern, as it allows for unauthorized access to plugin functionalities. The taint analysis shows no critical or high severity unsanitized paths, which is positive, but this does not mitigate the risk of unauthenticated access to functionalities that might be implicitly trusted by the developers. Overall, the plugin has strengths in its SQL handling and lack of historical vulnerabilities, but the complete lack of authorization on its entry points makes it a high-risk component.

Key Concerns

AJAX handlers without auth checks
REST API routes without permission callbacks
No capability checks implemented
All entry points unprotected

Vulnerabilities

None known

Share Login Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Share Login Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

29 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

74% escaped39 total outputs

Data Flows

All sanitized

Data Flow Analysis

6 flows

save_step_1 (includes\class-share-login-ajax.php:9)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

9 unprotected

Share Login Attack Surface

Entry Points9

Unprotected9

AJAX Handlers 8

authwp_ajax_save_step_1includes\class-share-login.php:163

authwp_ajax_template_step_1includes\class-share-login.php:164

authwp_ajax_save_step_2includes\class-share-login.php:166

authwp_ajax_template_step_2includes\class-share-login.php:167

authwp_ajax_save_step_3includes\class-share-login.php:169

authwp_ajax_template_step_3includes\class-share-login.php:170

authwp_ajax_save_sync_login_settingsincludes\class-share-login.php:172

authwp_ajax_save_main_site_settingsincludes\class-share-login.php:173

REST API Routes 1

POST/wp-json/ol/v1/validatepublic\class-share-login-public.php:86

WordPress Hooks 10

actionadmin_enqueue_scriptsincludes\class-share-login.php:155

actionadmin_enqueue_scriptsincludes\class-share-login.php:156

actionlogin_enqueue_scriptsincludes\class-share-login.php:157

actionadmin_menuincludes\class-share-login.php:158

actionwp_enqueue_scriptsincludes\class-share-login.php:188

actionwp_enqueue_scriptsincludes\class-share-login.php:189

actionwp_loginincludes\class-share-login.php:193

actionwp_logoutincludes\class-share-login.php:194

actionrest_api_initincludes\class-share-login.php:195

actioninitincludes\class-share-login.php:198

Maintenance & Trust

Share Login Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedFeb 10, 2025

PHP min version7.4

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Share Login Alternatives

SAML Single Sign On – SSO Login

miniorange-saml-20-single-sign-on

SAML SSO (Single Sign On) for WordPress Login with Okta, Entra ID, Azure AD/B2C, G-Suite, Shibboleth, OneLogin, Keycloak, Salesforce [24/7 Support]

10K 6 CVEs

OAuth Single Sign On – SSO (OAuth Client)

miniorange-login-with-eve-online-google-facebook

WordPress SSO (Single Sign On) with Azure, Azure B2C, Cognito, Okta, Classlink, Discord, Clever, Keycloak, OAuth & OpenID Providers [24/7 SUPPORT].

7K 10 CVEs

OneLogin SAML SSO

onelogin-saml-sso

This plugin provides single sign-on via SAML and gives users one-click access to their WordPress accounts from identity providers like OneLogin.

7K 5 CVEs

SAML IDP (Identity Provider) – Login with Website Users

miniorange-wp-as-saml-idp

Single sign on (SSO) login with WordPress Users into any Service Provider like Tableau, Thinkific, Zoom, Moodle LMS, Canvas LMS, Absorb LMS, TalentLMS

600 2 CVEs

Tim's Nextcloud SSO OAuth2

tims-nextcloud-sso-oauth2

100

Enables you to login to your WordPress site with your Nextcloud account with OAuth2

300 No CVEs

Developer Profile

Share Login Developer Profile

Ashish Kakadiya

1 plugin · 0 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Share Login

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/share-login/admin/css/share-login-admin.css/wp-content/plugins/share-login/admin/semantic/semantic.min.css/wp-content/plugins/share-login/admin/js/share-login.js/wp-content/plugins/share-login/public/js/cross-storage/client.min.js/wp-content/plugins/share-login/public/js/share-login-client1.js/wp-content/plugins/share-login/public/js/share-login-client2.js/wp-content/plugins/share-login/admin/semantic/semantic.min.js/wp-content/plugins/share-login/admin/js/share-login-setup.js+1 more

Version Parameters

share-login/admin/css/share-login-admin.css?ver=share-login/admin/semantic/semantic.min.css?ver=share-login/admin/js/share-login.js?ver=share-login/public/js/cross-storage/client.min.js?ver=share-login/public/js/share-login-client1.js?ver=share-login/public/js/share-login-client2.js?ver=share-login/admin/semantic/semantic.min.js?ver=share-login/admin/js/share-login-setup.js?ver=share-login/admin/js/share-login-page.js?ver=

HTML / DOM Fingerprints

JS Globals

shareLogin

FAQ