WP-Safety

Snapplify Single Sign On Security & Risk Analysis

wordpress.org/plugins/snapplify-single-sign-on

WordPress User Single Sign On authentication with a Snapplify User Account.

0 active installs v1.5.2 PHP 7.4+ WP 6.1+ Updated Aug 18, 2025
loginoauth-2-0openidsingle-sign-onwordpress-sso
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Snapplify Single Sign On Safe to Use in 2026?

Generally Safe

Score 100/100

Snapplify Single Sign On has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7mo ago
Risk Assessment

The "snapplify-single-sign-on" v1.5.2 plugin exhibits a generally good security posture based on the provided static analysis. The absence of any critical or high-severity taint flows, along with the consistent use of prepared statements for all SQL queries, are strong indicators of secure coding practices in these areas. Furthermore, the plugin demonstrates a commitment to security by implementing nonce checks and capability checks, and its attack surface is minimal and appears to be protected.

However, there are some areas for improvement. The output escaping is only properly handled for 69% of outputs, meaning nearly a third of the outputs could potentially be vulnerable to cross-site scripting (XSS) if user-supplied data is not properly sanitized before being displayed. The single external HTTP request also presents a potential avenue for attacks if the target endpoint is compromised or if the request is not validated securely. The lack of any recorded vulnerabilities in its history is a positive sign, suggesting ongoing maintenance and a focus on security by the developers. Despite the minor concerns regarding output escaping and external requests, the plugin's overall security foundation appears robust.

In conclusion, the "snapplify-single-sign-on" plugin v1.5.2 has a solid security foundation with strong defenses against common vulnerabilities like SQL injection and an intentionally limited attack surface. The developers have demonstrated good practice by implementing proper database query handling and nonce/capability checks. The main area of concern lies in the incomplete output escaping, which warrants attention to prevent potential XSS vulnerabilities. The absence of any historical vulnerabilities is a significant strength. Overall, the plugin is assessed as relatively secure, with minor improvements needed in output handling to reach an excellent security posture.

Key Concerns

  • Output escaping is not fully implemented
  • Plugin makes external HTTP requests
Vulnerabilities
None known

Snapplify Single Sign On Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Snapplify Single Sign On Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
30
66 escaped
Nonce Checks
4
Capability Checks
1
File Operations
0
External Requests
1
Bundled Libraries
0

Output Escaping

69% escaped96 total outputs
Attack Surface

Snapplify Single Sign On Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[snapplify_sso_component] Core\SnapplifySingleSignOn.php:101
WordPress Hooks 33
actionadmin_menuCore\Admin\SnapplifySingleSignOnAdminSettingUi.php:20
actionadmin_initCore\Admin\SnapplifySingleSignOnAdminUi.php:18
actionshow_user_profileCore\Admin\SnapplifySingleSignOnAdminUserPropertyUi.php:20
actionedit_user_profileCore\Admin\SnapplifySingleSignOnAdminUserPropertyUi.php:21
actionadmin_initCore\Admin\SnapplifySingleSignOnAdminUserPropertyUi.php:22
actionadmin_initCore\Admin\SnapplifySingleSignOnAdminUserPropertyUi.php:23
actionrestrict_manage_usersCore\Admin\SnapplifySingleSignOnAdminUserPropertyUi.php:28
filterpre_get_usersCore\Admin\SnapplifySingleSignOnAdminUserPropertyUi.php:48
filtermanage_users_columnsCore\Admin\SnapplifySingleSignOnAdminUserPropertyUi.php:119
filtermanage_users_custom_columnCore\Admin\SnapplifySingleSignOnAdminUserPropertyUi.php:126
filtertemplate_includeCore\Api\SnapplifySingleSignOnAuthenticationController.php:18
actionlogin_enqueue_scriptsCore\Assets\SnapplifySingleSignOnAssetController.php:30
actionlogin_enqueue_scriptsCore\Assets\SnapplifySingleSignOnAssetController.php:31
actionlogin_enqueue_scriptsCore\Assets\SnapplifySingleSignOnAssetController.php:32
actionwp_enqueue_scriptsCore\Assets\SnapplifySingleSignOnAssetController.php:33
actionwp_enqueue_scriptsCore\Assets\SnapplifySingleSignOnAssetController.php:34
actionlogin_enqueue_scriptsCore\Assets\SnapplifySingleSignOnAssetController.php:35
actionwp_enqueue_scriptsCore\Assets\SnapplifySingleSignOnAssetController.php:36
actionadmin_enqueue_scriptsCore\Assets\SnapplifySingleSignOnAssetController.php:44
actionadmin_enqueue_scriptsCore\Assets\SnapplifySingleSignOnAssetController.php:45
actioninitCore\Settings\SnapplifySingleSignOnSettingController.php:18
actionplugins_loadedCore\SnapplifySingleSignOn.php:90
actionplugins_loadedCore\SnapplifySingleSignOn.php:91
filtertemplate_includeCore\SnapplifySingleSignOn.php:92
actionadmin_initCore\SnapplifySingleSignOn.php:93
actionadmin_noticesCore\SnapplifySingleSignOn.php:94
filterwp_login_errorsCore\SnapplifySingleSignOn.php:95
filterwoocommerce_initCore\SnapplifySingleSignOn.php:96
actioninitCore\Users\SnapplifySingleSignOnUserPropertyController.php:18
filtersnplfy_sso_get_persisted_user_property_valueCore\Users\SnapplifySingleSignOnUserPropertyController.php:19
filterget_user_option_avatar_urlCore\Users\SnapplifySingleSignOnUserPropertyController.php:58
filterget_avatarCore\Users\SnapplifySingleSignOnUserPropertyController.php:65
filteruser_profile_picture_descriptionCore\Users\SnapplifySingleSignOnUserPropertyController.php:108
Maintenance & Trust

Snapplify Single Sign On Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedAug 18, 2025
PHP min version7.4
Downloads181

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Snapplify Single Sign On Alternatives

OAuth Single Sign On – SSO (OAuth Client)

OAuth Single Sign On – SSO (OAuth Client)

miniorange-login-with-eve-online-google-facebook

B
82

WordPress SSO (Single Sign On) with Azure, Azure B2C, Cognito, Okta, Classlink, Discord, Clever, Keycloak, OAuth & OpenID Providers [24/7 SUPPORT].

7K 10 CVEs
Tim's Nextcloud SSO OAuth2

Tim's Nextcloud SSO OAuth2

tims-nextcloud-sso-oauth2

A
100

Enables you to login to your WordPress site with your Nextcloud account with OAuth2

300 No CVEs
Lana Single Sign On

Lana Single Sign On

lana-sso

A
100

Creates the ability to login using Single Sign On via OAuth 2.0

20 No CVEs
OpenID Connect Generic Client

OpenID Connect Generic Client

daggerhart-openid-connect-generic

A
98

A simple client that provides SSO or opt-in authentication against a generic OAuth2 Server implementation.

10K 2 CVEs
SAML Single Sign On – SSO Login

SAML Single Sign On – SSO Login

miniorange-saml-20-single-sign-on

A
98

SAML SSO (Single Sign On) for WordPress Login with Okta, Entra ID, Azure AD/B2C, G-Suite, Shibboleth, OneLogin, Keycloak, Salesforce [24/7 Support]

10K 6 CVEs
Developer Profile

Snapplify Single Sign On Developer Profile

Snapplify

3 plugins · 10 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Snapplify Single Sign On

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/snapplify-single-sign-on/assets/css/snapplify-sso-admin-login.css/wp-content/plugins/snapplify-single-sign-on/assets/css/snapplify-sso.css/wp-content/plugins/snapplify-single-sign-on/assets/js/snapplify-sso.js/wp-content/plugins/snapplify-single-sign-on/assets/css/snapplify-sso-admin.css/wp-content/plugins/snapplify-single-sign-on/assets/js/snapplify-sso-admin.js
Script Paths
/wp-content/plugins/snapplify-single-sign-on/assets/js/snapplify-sso.js/wp-content/plugins/snapplify-single-sign-on/assets/js/snapplify-sso-admin.js
Version Parameters
snapplify-sso-admin-loginsnapplify-ssosnapplify-sso-admin

HTML / DOM Fingerprints

JS Globals
snapplifySsoJsData
Shortcode Output
[snapplify_sso_component]
FAQ

Frequently Asked Questions about Snapplify Single Sign On