[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGxE3dWGsToUuCAI_VEx8vebsx8aK2RpZahLVGjiJj_g":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":34,"analysis":147,"fingerprints":195},"verify-id-tokens-firebase","Verify ID Tokens | Firebase","1.0.0","Mithun Biswas","https:\u002F\u002Fprofiles.wordpress.org\u002Fbhoot\u002F","\u003Cp>If your Firebase client app communicates with a custom backend server, you might need to identify the currently signed-in user on that server.\u003C\u002Fp>\n\u003Cp>This plugin work with Google Firebase tokens. You can use it to verify ID Tokens.\u003C\u002Fp>\n\u003Ch3>Namespace and Endpoints\u003C\u002Fh3>\n\u003Cp>When the plugin is activated, a new namespace is added\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002Fverify-id-tokens\u002Fv1\u002F\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Also, a new endpoint is added to this namespace\u003C\u002Fp>\n\u003Cp>\u003Cem>\u002Fverify-id-tokens\u002Fv1\u002Ftoken\u002Fvalidate\u003C\u002Fem> | POST\u003C\u002Fp>\n\u003Ch3>PHP HTTP Authorization Header enable\u003C\u002Fh3>\n\u003Cp>Most of the shared hosting has disabled the \u003Cstrong>HTTP Authorization Header\u003C\u002Fstrong> by default.\u003C\u002Fp>\n\u003Cp>To enable this option you’ll need to edit your \u003Cstrong>.htaccess\u003C\u002Fstrong> file adding the follow\u003C\u002Fp>\n\u003Cpre>\u003Ccode>RewriteEngine on\nRewriteCond %{HTTP:Authorization} ^(.*)\nRewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>WPENGINE\u003C\u002Fh3>\n\u003Cp>To enable this option you’ll need to edit your \u003Cstrong>.htaccess\u003C\u002Fstrong> file adding the follow\u003C\u002Fp>\n\u003Cpre>\u003Ccode>SetEnvIf Authorization \"(.*)\" HTTP_AUTHORIZATION=$1\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Configurate the Firebase projectId\u003C\u002Fh3>\n\u003Cp>To add the \u003Cstrong>projectId\u003C\u002Fstrong> edit your wp-config.php file and add a new constant called \u003Cstrong>BENGAL_STUDIO_VERIFY_ID_TOKENS_FIREBASE_PROJECT_ID\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define('BENGAL_STUDIO_VERIFY_ID_TOKENS_FIREBASE_PROJECT_ID', 'projectId');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Configurate CORs\u003C\u002Fh3>\n\u003Cp>The \u003Cstrong>Verify ID Tokens | Firebase\u003C\u002Fstrong> plugin has the option to activate \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FCross-origin_resource_sharing\" rel=\"nofollow ugc\">CORs\u003C\u002Fa> response headers.\u003C\u002Fp>\n\u003Cp>To enable the CORs edit your wp-config.php file and add a new constant called \u003Cstrong>BENGAL_STUDIO_VERIFY_ID_TOKENS_ENABLE_CORS\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define('BENGAL_STUDIO_VERIFY_ID_TOKENS_ENABLE_CORS', true);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Retrieve ID tokens on clients\u003C\u002Fh3>\n\u003Cp>To retrieve the ID token from the client, make sure the user is signed in and then get the ID token from the signed-in user:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>firebase.auth().currentUser.getIdToken(\u002F* forceRefresh *\u002F true).then(function(idToken) {\n  \u002F\u002F Send token to your backend via HTTPS\n  \u002F\u002F ...\n}).catch(function(error) {\n  \u002F\u002F Handle error\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Verify ID Tokens\u003C\u002Fh3>\n\u003Ch4>verify-id-tokens\u002Fv1\u002Ftoken\u002Fvalidate\u003C\u002Fh4>\n\u003Cp>This is a simple helper endpoint to validate a token; you only will need to make a POST request sending the Authorization header.\u003C\u002Fp>\n","A plugin to work with Firebase tokens.",0,1013,"2019-03-25T03:21:00.000Z","5.1.22","4.7.0","",[18,19,20],"firebase","firebase-auth","json-web-tokens","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fverify-id-tokens\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fverify-id-tokens-firebase.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":23,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"bhoot",4,40,30,84,"2026-04-05T17:45:51.443Z",[35,58,79,101,124],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":16,"download_link":56,"security_score":57,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"fcm-push-notification-from-wp","FCM Push Notification from WP","1.9.1","Paulo Miranda","https:\u002F\u002Fprofiles.wordpress.org\u002Fdprogrammer\u002F","\u003Cp>Notifications for posts, pages and custom post types.\u003C\u002Fp>\n\u003Cp>Works with scheduled posts.\u003C\u002Fp>\n\u003Cp>Send notifications to users of your app from your website using Google’s service, Firebase Push Notification.\u003C\u002Fp>\n\u003Cp>The notification sent includes the block with the data message to be handled by the application, even when it is in the background.\u003C\u002Fp>\n\u003Cp>Configure the plugin to start sending notifications.\u003C\u002Fp>\n\u003Cp>Send custom field values ​​in the notification, in the data option.\u003C\u002Fp>\n\u003Cp>Send a notification when you post news or update your content. When editing, the option is deselected to send you to accidentally send a new notification. Check if you want to send a new notification when editing.\u003C\u002Fp>\n\u003Cp>Compatible with apps developed with the SDK Flutter.\u003C\u002Fp>\n\u003Cp>You need to register users on the same topic (fcm) that was informed in the plugin configuration. This plugin is not intended for sending notifications to websites.\u003C\u002Fp>\n\u003Cp>Support my work\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.buymeacoffee.com\u002Fdprogrammer\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.buymeacoffee.com\u002Fdprogrammer\u003C\u002Fa>\u003C\u002Fp>\n","Notify your users using Firebase Cloud Messaging (FCM) when content is published or updated.",600,14357,86,6,"2024-06-23T18:34:00.000Z","6.5.8","4.6","5.6.20",[52,53,18,54,55],"android","fcm","notification","push","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffcm-push-notification-from-wp.zip",92,{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":43,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":74,"download_link":75,"security_score":76,"vuln_count":77,"unpatched_count":11,"last_vuln_date":78,"fetched_at":25},"integrate-firebase","Integrate Firebase","0.10.0","Dale Nguyen","https:\u002F\u002Fprofiles.wordpress.org\u002Fhanthuy\u002F","\u003Cp>The Firebase for WordPress Plugin will help a Firebase user to login to your WordPress interface – not to WordPress dashboard – from Firebase authentication. You can show user info and display data that is only available to your Firebase users.\u003C\u002Fp>\n\u003Cp>If you want a secured implementation, with much more features, check the \u003Ca href=\"https:\u002F\u002Ffirebase.dalenguyen.me\u002F\" rel=\"nofollow ugc\">Interate Firebase PRO\u003C\u002Fa> version.\u003C\u002Fp>\n\u003Ch4>Links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdalenguyen\u002Ffirebase-wordpress-plugin\" rel=\"nofollow ugc\">Github project page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdalenguyen\u002Ffirebase-wordpress-plugin\u002Fblob\u002Fmaster\u002FCHANGELOG.md\" rel=\"nofollow ugc\">View CHANGELOG\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Integrate Firebase is a plugin that helps to integrate Firebase features to WordPress",27641,100,20,"2024-12-04T22:22:00.000Z","6.7.5","4.0.0","5.2.4",[18],"https:\u002F\u002Fgithub.com\u002Fdalenguyen\u002Ffirebase-wordpress-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegrate-firebase.0.10.0.zip",91,1,"2024-12-11 00:00:00",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":68,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":99,"download_link":100,"security_score":67,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"firebase-authentication","Firebase Authentication","1.6.8","miniOrange","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyberlord92\u002F","\u003Cp>\u003Cstrong>WordPress Firebase Authentication Plugin\u003C\u002Fstrong> allows you to login to WordPress sites using your Firebase user login credentials or via Social Login.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-firebase-authentication\u002F\" rel=\"nofollow ugc\">WordPress Firebase Authentication\u003C\u002Fa> works using the default WordPress login page. We support \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ffirebase-woocommerce-integration\u002F\" rel=\"nofollow ugc\">Firebase WooCommerce Integration\u003C\u002Fa> and other third-party login pages along with custom login forms.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flogin-into-wordpress-using-firebase-authentication\u002F\" rel=\"nofollow ugc\">WordPress Firebase Authentication\u003C\u002Fa>\u003C\u002Fstrong> : WordPress login using Firebase authentication user login credentials\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Auto Create Users\u003C\u002Fstrong> : After login using Firebase login credentials, new user automatically gets created in WordPress\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ffirebase-premium-and-enterprise-plugin-features\u002F\" rel=\"nofollow ugc\">Configurable login options\u003C\u002Fa>\u003C\u002Fstrong> :\u003Cbr \u002F>\nProvide option to login with,\u003Cbr \u002F>\na) Only Firebase credentials\u003Cbr \u002F>\nb) Only WordPress credentials\u003Cbr \u002F>\nc) Both Firebase and WordPress credentials\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Auto Register WooCommerce Users to Firebase\u003C\u002Fstrong> : Provide an option to sync a WordPress user to Firebase whenever an end-user registers into the WordPress site via the WooCommerce registration form. User is created in Firebase with only an email address and password.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Support for Firebase Phone Authentication method\u003C\u002Fstrong> : Users will be asked to enter OTP provided via Firebase to login into WordPress (Passwordless login). This works for WooCommerce as well.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ffirebase-social-login-integration-for-wordpress\" rel=\"nofollow ugc\">Support for Firebase Social Login\u003C\u002Fa>\u003C\u002Fstrong> : With Firebase authentication, users will be provided an option to login in to WordPress using selected social login providers\u003Cbr \u002F>\nProviders supported are:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flogin-with-google-using-firebase-authentication\" rel=\"nofollow ugc\">Google\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flogin-with-facebook-using-firebase-authentication\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flogin-with-apple-using-firebase-authentication\" rel=\"nofollow ugc\">Apple\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Github\u003C\u002Fli>\n\u003Cli>Yahoo\u003C\u002Fli>\n\u003Cli>Microsoft\u003C\u002Fli>\n\u003C\u002Fol>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Firebase WooCommerce Integration\u003C\u002Fstrong> : Integrate WooCommerce with the WordPress Firebase Authentication plugin and allow users to log in to your WooCommerce site using firebase login credentials on WooCommerce Checkout and My account page.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwoocommerce-cloud-firestore-integration\" rel=\"nofollow ugc\">WordPress Firestore Integration\u003C\u002Fa>\u003C\u002Fstrong>: Sync WordPress User Meta to Cloud Firestore Collections, WooCommerce products, orders, subscription sync to Firebase database.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Support for Social Login buttons Shortcode\u003C\u002Fstrong> : Use a shortcode to place Firebase social login buttons anywhere in your Theme or Plugin\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Sync Firebase UID to WordPress\u003C\u002Fstrong> : Users can map email, Firebase user-id to their WordPress user profile using this WordPress Firebase Authentication feature.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Custom Redirect Login and Logout URL\u003C\u002Fstrong> : Automatically Redirect users after successful login\u002Flogout. This works for WooCommerce as well.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Support for Firebase Login and Registration form Shortcode\u003C\u002Fstrong> : Using login form shortcode, users can enter their Firebase credentials to login into the WP site, and using the registration form shortcode, users can register into the WordPress site, and that user is also auto created in Firebase with an email address and password.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>WP Hooks for Different Events\u003C\u002Fstrong> : WordPress Firebase authentication provides support for different hooks for user defined functions.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>  \u003Cstrong>WordPress login with Firebase JWT\u003C\u002Fstrong>: WordPress login with Firebase JWT allows you to create a user login session on a WordPress site using their Firebase JWT token, eliminating the need to enter their login credentials again. This is highly recommended when there are multiple websites\u002Fapplications and the user is already logged in to any of them.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows login into WordPress using Firebase user credentials and maps Firebase user data to WordPress user profile.",500,26163,80,"2025-05-20T17:48:00.000Z","6.8.5","3.0.1","7.0",[95,18,96,97,98],"authentication","jwt","login","woocommerce-integration","http:\u002F\u002Ffirebase-authentication","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffirebase-authentication.1.6.8.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":87,"downloaded":109,"rating":11,"num_ratings":11,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":120,"download_link":121,"security_score":122,"vuln_count":77,"unpatched_count":11,"last_vuln_date":123,"fetched_at":25},"push-notification-mobile-and-web-app","Push notification for Mobile and Web app","2.0.4","App Cheap","https:\u002F\u002Fprofiles.wordpress.org\u002Fappcheap\u002F","\u003Cp>Support push notification for mobile and the web app.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fcirilla-multipurpose-flutter-wordpress-app\u002F31940668\" rel=\"nofollow ugc\">Demo app\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Push services support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Firebase HTTP V1\u003C\u002Fli>\n\u003Cli>Firebase HTTP legacy\u003C\u002Fli>\n\u003Cli>OneSignal\u003C\u002Fli>\n\u003Cli>Debug\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How does it work\u003C\u002Fh3>\n\u003Cp>The Push Notification plugin is built with five part:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Trigger: When WordPress action execution (Post saved, Order status changed …)\u003C\u002Fli>\n\u003Cli>Recipients: One\u002F More recipients get the notification ( topic, registration ID, role, user, merge tag …)\u003C\u002Fli>\n\u003Cli>Conditionals: Determine whether notification send\u003C\u002Fli>\n\u003Cli>Action: The action when the user click to notification on device\u003C\u002Fli>\n\u003Cli>Merge Tag: That is dynamic information in that context\u003C\u002Fli>\n\u003Cli>String translation: Replace part of string on title and message\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Plugin Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Comment Post: Fires immediately after a comment is inserted into the database.\u003C\u002Fli>\n\u003Cli>Post Type: Fires when a post is transitioned from one status to another.\u003C\u002Fli>\n\u003Cli>Save Post: Fires once a post has been saved.\u003C\u002Fli>\n\u003Cli>Order Status Changed: Fires when an order is transitioned from one status to another.\u003C\u002Fli>\n\u003Cli>Product Status Changed: Fires when a product is transitioned from one status to another.\u003C\u002Fli>\n\u003Cli>WCFM – Direct Messaging: Fires when vendor receive a message.\u003C\u002Fli>\n\u003Cli>BuddyPress: Fires Messages message sent, Activity Posted Update, Friends Friendship Accepted, Friends Friendship Requested, Groups Posted Update, Groups Send Invites\u003C\u002Fli>\n\u003C\u002Ful>\n","Push notification for Android, iOS and the Web",15918,"2025-12-06T07:06:00.000Z","6.6.5","5.8","7.4",[115,116,117,118,119],"android-notifications","app-builder","firebase-messages","ios-notifications","push-notification","https:\u002F\u002Fappcheap.io\u002Fpush-notification-mobile-and-web-app","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpush-notification-mobile-and-web-app.2.0.4.zip",99,"2025-05-16 00:00:00",{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":67,"num_ratings":134,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":138,"tags":139,"homepage":145,"download_link":146,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"free-sms-verification-for-gravity-forms","Free SMS OTP Verification for Gravity Forms By Firebase","1.0.8","WiserSteps","https:\u002F\u002Fprofiles.wordpress.org\u002Fwisersteps\u002F","\u003Cp>The best free SMS verification plugin for Gravity Forms, Verify users numbers before submitting the forms, Use Google firebase to edit the sent message to phone numbers by adding your website name.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FGwHVKauTSuU?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Features:\u003Cbr \u002F>\n– Verify 20,000 numbers each month for free\u003Cbr \u002F>\n– The Most stable SMS Verification service by Google\u003Cbr \u002F>\n– Supports 246 countries and 84 languages\u003Cbr \u002F>\n– Supports RTL (Right to left) style\u003Cbr \u002F>\n– Show selected countries to the user\u003C\u002Fp>\n\u003Cp>Important:\u003Cbr \u002F>\n– This is an integration with Firebase\u003Cbr \u002F>\n– https:\u002F\u002Ffirebase.google.com\u002Fdocs\u002Fauth\u002Fweb\u002Fphone-auth\u003Cbr \u002F>\n– Terms of service for Firebase https:\u002F\u002Ffirebase.google.com\u002Fterms\u002F\u003C\u002Fp>\n","The best free SMS verification plugin for Gravity Forms, Verify users numbers before submitting the forms.",200,9460,8,"2021-03-10T01:14:00.000Z","5.5.18","4.7","5.6",[140,141,142,143,144],"form-sms-otp","graivty-forms-otp","gravity-forms-firebase","gravity-forms-sms","gravity-forms-verification","https:\u002F\u002Fwww.wisersteps.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffree-sms-verification-for-gravity-forms.1.0.8.zip",{"attackSurface":148,"codeSignals":172,"taintFlows":182,"riskAssessment":183,"analyzedAt":194},{"hooks":149,"ajaxHandlers":168,"restRoutes":169,"shortcodes":170,"cronEvents":171,"entryPointCount":11,"unprotectedCount":11},[150,156,159,162,165],{"type":151,"name":152,"callback":153,"file":154,"line":155},"action","plugins_loaded","anonymous","includes\\class-bengal-studio-verify-id-tokens.php",139,{"type":151,"name":157,"callback":153,"file":154,"line":158},"rest_api_init",153,{"type":160,"name":157,"callback":153,"file":154,"line":161},"filter",154,{"type":160,"name":163,"callback":153,"file":154,"line":164},"rest_pre_dispatch",155,{"type":160,"name":166,"callback":153,"file":154,"line":167},"determine_current_user",156,[],[],[],[],{"dangerousFunctions":173,"sqlUsage":174,"outputEscaping":176,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":178},[],{"prepared":11,"raw":11,"locations":175},[],{"escaped":77,"rawEcho":11,"locations":177},[],[179],{"name":180,"version":24,"knownCves":181},"Guzzle",[],[],{"summary":184,"deductions":185},"The plugin \"verify-id-tokens-firebase\" v1.0.0 demonstrates a strong security posture based on the static analysis. There are no identified entry points such as AJAX handlers, REST API routes, shortcodes, or cron events that could be directly exploited by attackers. The code also exhibits good practices by avoiding dangerous functions and correctly escaping all identified outputs. Furthermore, all SQL queries are prepared, and there are no file operations or external HTTP requests, which significantly reduces the attack surface. The absence of any recorded vulnerabilities or CVEs further reinforces its current security standing.",[186,189,191],{"reason":187,"points":188},"No capability checks found",10,{"reason":190,"points":188},"No nonce checks found on AJAX handlers",{"reason":192,"points":193},"Bundled library (Guzzle) could be outdated",3,"2026-03-17T06:19:25.249Z",{"wat":196,"direct":205},{"assetPaths":197,"generatorPatterns":200,"scriptPaths":201,"versionParams":202},[198,199],"\u002Fwp-content\u002Fplugins\u002Fverify-id-tokens-firebase\u002Fpublic\u002Fcss\u002Fverify-id-tokens-firebase-public.css","\u002Fwp-content\u002Fplugins\u002Fverify-id-tokens-firebase\u002Fpublic\u002Fjs\u002Fverify-id-tokens-firebase-public.js",[],[199],[203,204],"verify-id-tokens-firebase\u002Fpublic\u002Fcss\u002Fverify-id-tokens-firebase-public.css?ver=","verify-id-tokens-firebase\u002Fpublic\u002Fjs\u002Fverify-id-tokens-firebase-public.js?ver=",{"cssClasses":206,"htmlComments":207,"htmlAttributes":246,"restEndpoints":247,"jsGlobals":249,"shortcodeOutput":250},[],[208,209,210,211,212,213,214,215,216,217,218,219,208,220,221,222,220,223,224,225,226,227,228,229,230,231,232,233,234,235,236,235,237,238,239,240,241,242,243,244,245],"\u003C!-- Requiere the JWT token verifier library. -->","\u003C!-- The plugin bootstrap file -->","\u003C!-- If this file is called directly, abort. -->","\u003C!-- Currently plugin version. -->","\u003C!-- Start at version 1.0.0 and use SemVer - https:\u002F\u002Fsemver.org -->","\u003C!-- Rename this for your plugin and update it as you release new versions. -->","\u003C!-- The core plugin class that is used to define internationalization, -->","\u003C!-- admin-specific hooks, and public-facing site hooks. -->","\u003C!-- Begins execution of the plugin. -->","\u003C!-- Since everything within the plugin is registered via hooks, -->","\u003C!-- then kicking off the plugin from this point in the file does -->","\u003C!-- not affect the page life cycle. -->","\u003C!-- The public-facing functionality of the plugin. -->","\u003C!-- Defines the plugin name, version, and two examples hooks for how to -->","\u003C!-- enqueue the public-facing stylesheet and JavaScript. -->","\u003C!-- Add the endpoints to the API -->","\u003C!-- Add CORs suppot to the request. -->","\u003C!-- [header description] -->","\u003C!-- exit program normally -->","\u003C!-- This is our Middleware to try to authenticate the user according to the -->","\u003C!-- token send. -->","\u003C!-- This hook only should run on the REST API requests to determine -->","\u003C!-- if the user in the Token (if any) is valid, for any other -->","\u003C!-- normal call ex. wp-admin\u002F.* return the user. -->","\u003C!-- If the request URI is for authorize the user don't do anything, -->","\u003C!-- this avoid double calls to the validate_token function. -->","\u003C!-- If there is a error, store it to show it after see rest_pre_dispatch -->","\u003C!-- [return description] -->","\u003C!-- Everything is ok, get and return the user ID stored in the database -->","\u003C!-- Main validation function, this function try to get the Autentication -->","\u003C!-- headers and decoded. -->","\u003C!-- Looking for the HTTP_AUTHORIZATION header, if not present just -->","\u003C!-- return the user. -->","\u003C!-- [if description] -->","\u003C!-- The HTTP_AUTHORIZATION is present verify the format -->","\u003C!-- if the format is wrong return the user. -->","\u003C!-- Get the Secret Key -->","\u003C!-- Try to decode the token -->",[],[248],"\u002Fwp-json\u002Fverify-id-tokens-firebase\u002Fv1\u002Ftoken\u002Fvalidate",[],[]]