[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fSni1LkcSKusrXwu7_aBRAmM4exXBpVrZpThNiz61HOs":3,"$fZ0VVn3RIVhJkI9bNjX-qAGcThy6eJYoyBIs9nIQQL64":199,"$fe85qQUQTgs5NE0cU02-FCDsjjckGV5NU5bfudEACNpc":204},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":40,"analysis":131,"fingerprints":186},"wpsitesync-for-http-authentication","WPSiteSync for HTTP Authentication","1.1","Dave Jesch","https:\u002F\u002Fprofiles.wordpress.org\u002Fdavejesch\u002F","\u003Cp>This plugin provides the ability to configure WPSiteSync with an HTTP Authentication username and password to be used when communicating with a Target server that is set up with Authentication.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Usage Scenarios:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you’re using WPSiteSync with a staging server but want to limit access to the staging server via HTTP Authentication, this is the plugin for you.\u003C\u002Fp>\n\u003Cp>This add-on plugin for WPSiteSync allows you to configure an HTTP Authentication username and password that will be used in communicating with the Target server; allowing you to PUSH and PULL changes from your local site to your password protected staging site.\u003C\u002Fp>\n\u003Cp>This plugin works the same whether your Source Site is a local install via DesktopServer or other local development environment, or a publicly hosted site. For more information on DesktopServer and local development tools, please visit our web site at: \u003Ca href=\"https:\u002F\u002Fserverpress.com\u002Fget-desktopserver\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fserverpress.com\u002Fget-desktopserver\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How it Works:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The WPSiteSync for HTTP Authentication add-on plugin sends the username and password with each API request made to the Target site. This allows you to configure your Target site with .htaccess rules that will limit access to user that have the password.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Support:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Support Details:\u003C\u002Fstrong> We are happy to provide support and help troubleshoot issues. Visit our Contact page at \u003Ca href=\"http:\u002F\u002Fserverpress.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fserverpress.com\u002Fcontact\u002F\u003C\u002Fa>. Users should know however, that we check the WordPress.org support forums once a week on Wednesdays from 6pm to 8pm PST (UTC -8).\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>ServerPress, LLC is not responsible for any loss of data that may occur as a result of using this tool. We strongly recommend performing a site and database backup before testing and using this tool. However, should you experience such an issue, we want to know about it right away.\u003C\u002Fp>\n\u003Cp>We welcome feedback and Pull Requests for this plugin via our public GitHub repository located at: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FServerPress\u002Fwpsitesync-httpauth\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002FServerPress\u002Fwpsitesync-httpauth\u003C\u002Fa>\u003C\u002Fp>\n","Adds support for sites protected with HTTP Authentication via .htaccess rules.",10,2386,100,1,"2020-06-12T02:49:00.000Z","5.3.21","3.5","",[20,21,22,23,24],"content","content-sync","data-migration","synchronization","wpsitesync","http:\u002F\u002Fwpsitesync.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpsitesync-for-http-authentication.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":34,"display_name":7,"profile_url":8,"plugin_count":35,"total_installs":36,"avg_security_score":27,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"davejesch",4,2020,284,69,"2026-05-20T04:31:05.929Z",[41,67,86,96,112],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":18,"tags":56,"homepage":62,"download_link":63,"security_score":64,"vuln_count":65,"unpatched_count":28,"last_vuln_date":66,"fetched_at":30},"sync-post-with-other-site","Sync Post With Other Site","1.9.1","Kamlesh Parmar","https:\u002F\u002Fprofiles.wordpress.org\u002Fkp4coder\u002F","\u003Cp>Allows user to sync Posts, Pages and Custom Post Type with multiple websites.\u003C\u002Fp>\n\u003Cp>If you run multiple websites and want to synchronise them automatically and securely for specific post operations, then Sync Post With Other Site is the plugin to use.\u003C\u002Fp>\n\u003Cp>You just need to enter website URL & login credentials of other website to sync the post from there.\u003C\u002Fp>\n\u003Ch3>OVERVIEW\u003C\u002Fh3>\n\u003Cp>This plugin adds the following major features to WordPress:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>admin page:\u003C\u002Fstrong> a “Sync Post” menu to manage remote sites.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Import and Export:\u003C\u002Fstrong> Connected sites’ present posts base can be synchronised manually thanks to the provided import\u002Fexport tool.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Developers\u003C\u002Fh4>\n\u003Cp>Development takes place on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fkp4coder\u002Fsync-post-with-other-site\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>. Patches welcome.\u003C\u002Fp>\n","Allows user to sync Posts, Pages and Custom Post Type with multiple websites.",3000,45372,82,27,"2025-07-12T10:20:00.000Z","6.6.5","4.5",[57,58,59,60,61],"migrate-post-content","post-content-sync","sync-post-with-multiple-sites","synchronization-post","wp-sync-post","https:\u002F\u002Fkp4coder.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsync-post-with-other-site.1.9.1.zip",99,2,"2024-08-02 00:00:00",{"slug":68,"name":69,"version":70,"author":71,"author_profile":72,"description":73,"short_description":74,"active_installs":28,"downloaded":75,"rating":28,"num_ratings":28,"last_updated":76,"tested_up_to":77,"requires_at_least":78,"requires_php":79,"tags":80,"homepage":18,"download_link":85,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"easy-stagepush-receiver","Easy ContentPush","1.2.1","Anandhu Nadesh","https:\u002F\u002Fprofiles.wordpress.org\u002Fanandhunadesh\u002F","\u003Cp>\u003Cstrong>Easy ContentPush\u003C\u002Fstrong> lets you safely and easily migrate content — including ACF fields, media files, featured images, taxonomy terms, and SEO metadata — directly from your staging\u002Fdev site to your production site.\u003C\u002Fp>\n\u003Cp>A “Push to Live” button appears in the editor sidebar for all supported post types. When you click the button, the plugin instantly transfers the post, including all custom fields and media references, to your live site using a secure REST API endpoint.\u003C\u002Fp>\n\u003Cp>This plugin must be installed on both your production site and dev site to push the content. You should configure the plugin settings from the dashboard by providing the ‘Target Site URL’ and ‘Origin Site URL’ in the corresponding fields.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> Your production site should have the same post types, taxonomies, and ACF field groups as your staging\u002Fdev site. This plugin does not register or sync post type or field definitions—it only pushes content and metadata.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Manual “Push to Live” button for posts, pages, and custom post types (CPTs)\u003C\u002Fli>\n\u003Cli>One-click transfer of all post content, including ACF Flexible Content, Relationships, Repeaters, and Groups\u003C\u002Fli>\n\u003Cli>Seamless handling of featured images and other media (no duplication)\u003C\u002Fli>\n\u003Cli>Taxonomy and term synchronization (including custom taxonomies)\u003C\u002Fli>\n\u003Cli>Yoast SEO metadata transfer\u003C\u002Fli>\n\u003Cli>Respects page templates and parent\u002Fchild hierarchies\u003C\u002Fli>\n\u003Cli>Supports scheduled posts, files, SVGs, and more\u003C\u002Fli>\n\u003Cli>Customizable settings panel for site URL and allowed post types\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Install and activate\u003C\u002Fstrong> Easy ContentPush on your development\u002Fstaging WordPress site.\u003C\u002Fli>\n\u003Cli>Go to \u003Cstrong>Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Easy ContentPush\u003C\u002Fstrong> on your dev\u002Fstaging site and provide the target website URL (where you want to push the content to) in the field named ‘Target Site URL’ in settings page.\u003C\u002Fli>\n\u003Cli>Select the post types you want to enable for pushing\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Install and activate\u003C\u002Fstrong> Easy ContentPush on your live\u002Fproduction WordPress site\u003C\u002Fli>\n\u003Cli>Go to \u003Cstrong>Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Easy ContentPush\u003C\u002Fstrong> on your live\u002Fproduction site and provide the origin website URL (where you want to receive content from – Your development\u002Fstaging website) in the field named ‘Origin Site URL’ in settings page.\u003C\u002Fli>\n\u003Cli>Edit a post, page, or custom post type in development\u002Fproduction website.\u003C\u002Fli>\n\u003Cli>Click the \u003Cstrong>Push to Live\u003C\u002Fstrong> button in the editor’s sidebar meta box.\u003C\u002Fli>\n\u003Cli>Your post’s content, ACF data, media references, taxonomy, and SEO metadata will be transferred to your live site instantly, preserving status (draft, scheduled, published, etc.).\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> Make sure all ACF field groups, post types, and taxonomies exist on both sites for proper mapping.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, questions, or feature requests, contact anandhu.natesh@gmail.com \u002F anandhu.nadesh@gmail.com\u003Cbr \u002F>\nContributions are welcome on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMacromaniak\u002Feasy-content-push\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under GPLv2 or later. You are free to use, modify, and distribute this plugin under the terms of the license.\u003C\u002Fp>\n","Push posts, pages, custom content, ACF fields, media, taxonomies & SEO from staging to production with one click.",332,"2025-12-24T09:11:00.000Z","6.9.4","6.3","7.2.24",[81,21,82,83,84],"acf","dev-to-live","media","migration","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-stagepush-receiver.1.2.1.zip",{"slug":87,"name":88,"version":89,"author":71,"author_profile":72,"description":90,"short_description":74,"active_installs":28,"downloaded":91,"rating":28,"num_ratings":28,"last_updated":92,"tested_up_to":77,"requires_at_least":78,"requires_php":79,"tags":93,"homepage":18,"download_link":94,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":95},"easy-stagepush-sender","Easy StagePush Sender","1.2","\u003Cp>\u003Cstrong>Easy StagePush Sender\u003C\u002Fstrong> lets you safely and easily migrate content — including ACF fields, media files, featured images, taxonomy terms, and SEO metadata — directly from your staging\u002Fdev site to your production site.\u003C\u002Fp>\n\u003Cp>A “Push to Live” button appears in the editor sidebar for all supported post types. When you click the button, the plugin instantly transfers the post, including all custom fields and media references, to your live site using a secure REST API endpoint.\u003C\u002Fp>\n\u003Cp>This plugin is designed to work with the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-stagepush-receiver\u002F\" rel=\"ugc\">Easy StagePush Receiver\u003C\u002Fa> plugin, which must be installed on your production site to receive the content.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> Your production site should have the same post types, taxonomies, and ACF field groups as your staging\u002Fdev site. This plugin does not register or sync post type or field definitions—it only pushes content and metadata.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Manual “Push to Live” button for posts, pages, and custom post types (CPTs)\u003C\u002Fli>\n\u003Cli>One-click transfer of all post content, including ACF Flexible Content, Relationships, Repeaters, and Groups\u003C\u002Fli>\n\u003Cli>Seamless handling of featured images and other media (no duplication)\u003C\u002Fli>\n\u003Cli>Taxonomy and term synchronization (including custom taxonomies)\u003C\u002Fli>\n\u003Cli>Yoast SEO metadata transfer\u003C\u002Fli>\n\u003Cli>Respects page templates and parent\u002Fchild hierarchies\u003C\u002Fli>\n\u003Cli>Supports scheduled posts, files, SVGs, and more\u003C\u002Fli>\n\u003Cli>Customizable settings panel for site URL and allowed post types\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Install and activate\u003C\u002Fstrong> Easy StagePush Sender on your development\u002Fstaging WordPress site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Install and activate\u003C\u002Fstrong> Easy StagePush Receiver on your live\u002Fproduction WordPress site.\u003C\u002Fli>\n\u003Cli>Go to \u003Cstrong>Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> StagePush\u003C\u002Fstrong> on your dev\u002Fstaging site:\n\u003Cul>\n\u003Cli>Enter the production site URL.\u003C\u002Fli>\n\u003Cli>(Optional) Enter the dev\u002Fstaging site URL for automatic URL replacement.\u003C\u002Fli>\n\u003Cli>Select the post types you want to enable for pushing.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Edit a post, page, or custom post type.\u003C\u002Fli>\n\u003Cli>Click the \u003Cstrong>Push to Live\u003C\u002Fstrong> button in the editor’s sidebar meta box.\u003C\u002Fli>\n\u003Cli>Your post’s content, ACF data, media references, taxonomy, and SEO metadata will be transferred to your live site instantly, preserving status (draft, scheduled, published, etc.).\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> Make sure all ACF field groups, post types, and taxonomies exist on both sites for proper mapping.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, questions, or feature requests, contact anandhu.natesh@gmail.com \u002F anandhu.nadesh@gmail.com\u003Cbr \u002F>\nContributions are welcome on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMacromaniak\u002Feasy-stagepush-sender\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under GPLv2 or later. You are free to use, modify, and distribute this plugin under the terms of the license.\u003C\u002Fp>\n",311,"2025-12-24T08:48:00.000Z",[81,21,82,83,84],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-stagepush-sender.zip","2026-04-06T09:54:40.288Z",{"slug":97,"name":98,"version":99,"author":98,"author_profile":100,"description":101,"short_description":102,"active_installs":28,"downloaded":103,"rating":28,"num_ratings":28,"last_updated":104,"tested_up_to":77,"requires_at_least":105,"requires_php":106,"tags":107,"homepage":18,"download_link":111,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"optipub","OptiPub","1.0.19","https:\u002F\u002Fprofiles.wordpress.org\u002Foptipub\u002F","\u003Cp>OptiPub synchronizes content from the OptiPub platform to your WordPress installation. Creates custom post types for Resources, Videos, FAQs and Authors with automated sync every 5 minutes via WP-Cron.\u003C\u002Fp>\n\u003Cp>Features: Custom post types (Resources, Videos, FAQs, Authors), automated content synchronization via WP-Cron, secure API authentication with encrypted token storage, multiple publication support, widget integration with custom content, tag and category management, static and dynamic pages sync, redirect handling, theme template integration, and file copying utilities.\u003C\u002Fp>\n\u003Ch3>Source Code for Minified Files\u003C\u002Fh3>\n\u003Cp>This plugin includes one minified JavaScript file (\u003Ccode>public\u002Fjs\u002Fvideo.js\u003C\u002Fcode>) which is a third-party library. The source code for this minified file is publicly available:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Video.js v4.6.3\u003C\u002Fstrong> (Location: \u003Ccode>public\u002Fjs\u002Fvideo.js\u003C\u002Fcode>)\u003Cbr \u002F>\n* \u003Cstrong>Source Code Repository:\u003C\u002Fstrong> https:\u002F\u002Fgithub.com\u002Fvideojs\u002Fvideo.js\u002Ftree\u002Fv4.6.3\u003Cbr \u002F>\n* \u003Cstrong>License:\u003C\u002Fstrong> Apache 2.0\u003Cbr \u002F>\n* \u003Cstrong>Documentation:\u003C\u002Fstrong> https:\u002F\u002Fdocs.videojs.com\u002F\u003C\u002Fp>\n\u003Cp>All other JavaScript and CSS files in this plugin (\u003Ccode>public\u002Fjs\u002Farchive-filters.js\u003C\u002Fcode>, \u003Ccode>public\u002Fjs\u002Fgtm.js\u003C\u002Fcode>, \u003Ccode>public\u002Fjs\u002Finit.js\u003C\u002Fcode>, \u003Ccode>public\u002Fjs\u002Flogin-forms.js\u003C\u002Fcode>, \u003Ccode>public\u002Fjs\u002Fnavigation-collapse.js\u003C\u002Fcode>, and \u003Ccode>public\u002Fcss\u002Fsubscribers.css\u003C\u002Fcode>) are provided in their original, unminified source code format and are fully human-readable.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the following external services:\u003C\u002Fp>\n\u003Ch4>Google Tag Manager\u003C\u002Fh4>\n\u003Cp>Provides tag management and analytics functionality when GTM containers are configured in OptiPub. Sends the container ID to www.googletagmanager.com on every page load. Data collection is controlled by your GTM configuration.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Service Provider: Google LLC  \u003C\u002Fli>\n\u003Cli>Terms of Use: https:\u002F\u002Fwww.google.com\u002Fanalytics\u002Ftag-manager\u002Fuse-policy\u002F  \u003C\u002Fli>\n\u003Cli>Privacy Policy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>YouTube\u003C\u002Fh4>\n\u003Cp>Embeds YouTube videos when video content is configured to use YouTube as the player. Sends video IDs to youtube.com\u002Fembed only when displaying YouTube video content. Data collection is controlled by YouTube’s privacy policy.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Service Provider: Google LLC (YouTube)  \u003C\u002Fli>\n\u003Cli>Terms of Use: https:\u002F\u002Fwww.youtube.com\u002Fstatic?template=terms  \u003C\u002Fli>\n\u003Cli>Privacy Policy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Wistia\u003C\u002Fh4>\n\u003Cp>Embeds Wistia videos when video content is configured to use Wistia as the player. Sends video IDs to fast.wistia.net only when displaying Wistia video content. Data collection is controlled by Wistia’s privacy policy.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Service Provider: Wistia, Inc.  \u003C\u002Fli>\n\u003Cli>Terms of Use: https:\u002F\u002Fwistia.com\u002Fterms  \u003C\u002Fli>\n\u003Cli>Privacy Policy: https:\u002F\u002Fwistia.com\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>OptiPub API\u003C\u002Fh4>\n\u003Cp>Synchronizes content (publications, resources, videos, FAQs, authors, tags, categories, redirects) from the OptiPub platform to WordPress. Sends authenticated API requests with encrypted tokens to your configured OptiPub domain (typically \u003Ccode>https:\u002F\u002F\u003Cdomain>.app.optipub.com\u003C\u002Fcode>) via WP-Cron at configured intervals (default: every 5 minutes). Also creates edit links to OptiPub content management pages in WordPress admin.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Service Provider: OptiPub  \u003C\u002Fli>\n\u003Cli>Terms of Use & Privacy Policy: Please refer to your OptiPub service agreement for terms of use and privacy policy.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Third Party Libraries\u003C\u002Fh3>\n\u003Cp>This plugin includes one minified JavaScript library for video functionality:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Video.js v4.6.3\u003C\u002Fstrong> – Used for video player functionality\n\u003Cul>\n\u003Cli>\u003Cstrong>Source Code Repository:\u003C\u002Fstrong> https:\u002F\u002Fgithub.com\u002Fvideojs\u002Fvideo.js\u002Ftree\u002Fv4.6.3\u003C\u002Fli>\n\u003Cli>\u003Cstrong>License:\u003C\u002Fstrong> Apache 2.0\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Location in Plugin:\u003C\u002Fstrong> \u003Ccode>public\u002Fjs\u002Fvideo.js\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Documentation:\u003C\u002Fstrong> https:\u002F\u002Fdocs.videojs.com\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The source code for this minified library is publicly available at the GitHub repository link above. This plugin does not include any custom build process – the minified file is used directly from the Video.js project.\u003C\u002Fp>\n\u003Ch3>Development Documentation\u003C\u002Fh3>\n\u003Cp>Technical documentation for developers working with the OptiPub plugin. Topics covered:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>OptiPub Introduction\u003C\u002Fli>\n\u003Cli>Prepare\u003C\u002Fli>\n\u003Cli>Installation\u003C\u002Fli>\n\u003Cli>Activation\u003C\u002Fli>\n\u003Cli>OptiPub Admin Page (Save Changes Button, Clear Data Button)\u003C\u002Fli>\n\u003Cli>Cron Job & Troubleshooting\u003C\u002Fli>\n\u003Cli>Plugin Configurations (wp-config.php, Configuring WP-Cron)\u003C\u002Fli>\n\u003Cli>Deactivation & Rescheduling the cron job\u003C\u002Fli>\n\u003Cli>Uninstallation\u003C\u002Fli>\n\u003Cli>Theme dependencies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>OptiPub Introduction\u003C\u002Fh3>\n\u003Cp>OptiPub syncs OptiPub Resources to a WordPress installation. The plugin schedules the WP-Cron event \u003Ccode>optipub_sync\u003C\u002Fcode> to sync Publications, Resources, Videos, FAQs, Authors, Pages, Custom Content, Tags, Categories and Redirects.\u003C\u002Fp>\n\u003Cp>The plugin creates Custom Post Types (CPTs): \u003Ccode>Resources\u003C\u002Fcode>, \u003Ccode>Videos\u003C\u002Fcode>, \u003Ccode>FAQs\u003C\u002Fcode> and \u003Ccode>Authors\u003C\u002Fcode>. Resources synced to these post types store OptiPub metadata and properties in the \u003Ccode>wp_postmeta\u003C\u002Fcode> table. OptiPub Tags are saved as WordPress Tags. OptiPub Resource Categories are saved as WordPress Categories.\u003C\u002Fp>\n\u003Cp>WordPress Widgets can be created with OptiPub Custom Content from the \u003Ccode>OptiPub Admin\u003C\u002Fcode> page.\u003C\u002Fp>\n\u003Ch3>Prepare\u003C\u002Fh3>\n\u003Cp>From WordPress Admin: Settings > General, select timezone (recommended: ‘New York’) and click [Save Changes].\u003C\u002Fp>\n\u003Cp>OptiPub syncs with UTC but displays dates in EST. If you don’t select ‘New York’, website dates may differ from OptiPub dates. WordPress automatically converts \u003Ccode>post_date\u003C\u002Fcode> and \u003Ccode>post_modified\u003C\u002Fcode> to the selected timezone. Configure this before syncing data.\u003C\u002Fp>\n\u003Ch3>Bitnami permissions and configurations (Optional)\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This section is only required if you’re using Bitnami WordPress. Skip this if you’re using a standard WordPress installation.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Increase upload file size:\u003C\u002Fstrong>\u003Cbr \u002F>\n1. \u003Ccode>sudo -i\u003C\u002Fcode>\u003Cbr \u002F>\n2. \u003Ccode>sudo nano \u002Fopt\u002Fbitnami\u002Fphp\u002Fetc\u002Fphp.ini\u003C\u002Fcode>\u003Cbr \u002F>\n3. Update \u003Ccode>upload_max_filesize\u003C\u002Fcode>, e.g. \u003Ccode>upload_max_filesize = 128M\u003C\u002Fcode>\u003Cbr \u002F>\n4. Restart: \u003Ccode>sudo \u002Fopt\u002Fbitnami\u002Fctlscript.sh restart\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Set permissions before activation\u003C\u002Fstrong> (required for proper activation and uninstallation – vendor files need deletion permissions):\u003C\u002Fp>\n\u003Cp>Note: These commands apply to all WP plugins. Modify paths to target only OptiPub if needed.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ccode>sudo find \u002Fhome\u002Fbitnami\u002Fapps\u002Fwordpress\u002Fhtdocs\u002Fwp-content\u002Fplugins\u002F -type d -exec chmod 775 {} \\;\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>sudo find \u002Fhome\u002Fbitnami\u002Fapps\u002Fwordpress\u002Fhtdocs\u002Fwp-content\u002Fplugins\u002F -type f -exec chmod 664 {} \\;\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>sudo chown -R bitnami:daemon \u002Fhome\u002Fbitnami\u002Fapps\u002Fwordpress\u002Fhtdocs\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>This sets user\u002Fgroup to \u003Ccode>bitnami:daemon\u003C\u002Fcode>, file permissions to 664 (read\u002Fwrite for user\u002Fgroup, read for others), and folder permissions to 775 (read\u002Fwrite\u002Fexecute for user\u002Fgroup, read\u002Fexecute for others).\u003C\u002Fp>\n\u003Ch3>Activation\u003C\u002Fh3>\n\u003Cp>Activate from Plugins page. After activation, a green \u003Cstrong>OptiPub Admin\u003C\u002Fstrong> menu item appears in the left sidebar.\u003C\u002Fp>\n\u003Ch3>Activation Processes\u003C\u002Fh3>\n\u003Cp>During activation, three processes execute:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Override \u003Ccode>WP_CRON_LOCK_TIMEOUT\u003C\u002Fcode> constant\u003C\u002Fstrong> – Locates \u003Ccode>wp-config.php\u003C\u002Fcode> and overrides the constant. See \u003Ca href=\"#plugin-constants\" rel=\"nofollow ugc\">WP_CRON_LOCK_TIMEOUT\u003C\u002Fa>. Note: May fail in Bitnami if permissions aren’t set first.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Generate \u003Ccode>OPTIPUB_KEY\u003C\u002Fcode> encryption key\u003C\u002Fstrong> – Generates a random key stored in \u003Ccode>wp-config.php\u003C\u002Fcode> as \u003Ccode>OPTIPUB_KEY\u003C\u002Fcode>. Used to encrypt\u002Fdecrypt the API token during cron job execution.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Change permalink structure\u003C\u002Fstrong> – Changes permalink structure to \u003Ccode>\u002F%postname%\u002F\u003C\u002Fcode> to accommodate static pages with multiple slugs (e.g., \u003Ccode>https:\u002F\u002Fwww.energyandcapital.com\u002Fpubs-detailed\u002Fbab\u003C\u002Fcode> where \u003Ccode>pubs-detailed\u002Fbab\u003C\u002Fcode> is defined in \u003Ccode>\u002Fpages\u003C\u002Fcode> OptiPub API).\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>OptiPub Admin Page\u003C\u002Fh3>\n\u003Cp>The green menu icon opens the Admin Page for migrating data from the OptiPub API.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>OptiPub Sync Options:\u003C\u002Fstrong>\u003Cbr \u002F>\n1. \u003Cstrong>OptiPub Domain\u003C\u002Fstrong> – HTTPS URL of the OptiPub API\u003Cbr \u002F>\n2. \u003Cstrong>API Token\u003C\u002Fstrong> – The provided API Token from OptiPub will be used to authenticate with the API. Encrypted and stored in database, decrypted for API calls\u003Cbr \u002F>\n3. \u003Cstrong>Open Graph Image Link\u003C\u002Fstrong> – Backup\u002Fdefault image URL. Access with:\u003Cbr \u002F>\n       \u003Ccode>function get_optipub_opengraph_image() {\u003Cbr \u002F>\n      return get_option(\\OptiPub\\Base\\Constants::OPTIPUB_OPENGRAPH_IMAGE_LINK);\u003Cbr \u002F>\n   }\u003C\u002Fcode>\u003Cbr \u002F>\n4. \u003Cstrong>WP Auth Token\u003C\u002Fstrong> – Create a WP Auth Token to authenticate subscriber logins through OptiPub\u003Cbr \u002F>\n5. \u003Cstrong>Home Page Template\u003C\u002Fstrong> – Template name from OptiPub:\u003Cbr \u002F>\n   – OptiPub > Administration > Templates – create template with \u003Ccode>.php\u003C\u002Fcode> extension (e.g., \u003Ccode>optipub_home_page.php\u003C\u002Fcode>)\u003Cbr \u002F>\n   – OptiPub > Content > Pages – create page with path \u003Ccode>\u002F\u003C\u002Fcode> using the template\u003Cbr \u002F>\n   – Optional: OptiPub > Content > Redirects – create redirect from \u003Ccode>domain.com\u002Fhome\u003C\u002Fcode> to \u003Ccode>https:\u002F\u002Fwww.domain.com\u002F\u003C\u002Fcode>\u003Cbr \u002F>\n6. \u003Cstrong>Publication Dropdown\u003C\u002Fstrong> – Generated after \u003Ccode>OptiPub Domain\u003C\u002Fcode> and \u003Ccode>API Token\u003C\u002Fcode> are provided and \u003Ccode>Save changes\u003C\u002Fcode> is clicked\u003Cbr \u002F>\n7. \u003Cstrong>Publication Domain Id\u003C\u002Fstrong> – Publication domain ID (integer) used to retrieve redirects\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Copy Files To Theme\u003C\u002Fstrong> (feature complete – documentation under construction)\u003Cbr \u002F>\nView more documentation in the plugin ‘OptiPub Admin’ page\u003C\u002Fp>\n\u003Col>\n\u003Cli>Files copied to \u003Ccode>[theme-directory]\u002Finc\u002Foptipub\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Select file categories and click [Copy Files]\u003C\u002Fli>\n\u003Cli>Reference from current location or use as integration guide\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>If copying \u003Ccode>Helper Functions\u003C\u002Fcode>, copy content from \u003Ccode>[theme-directory]\u002Finc\u002Foptipub\u002Fphp\u002Fadd_to_bottom_of_functions.php.txt\u003C\u002Fcode> to your theme’s \u003Ccode>functions.php\u003C\u002Fcode>. \u003Ccode>include\u003C\u002Fcode> statements and filter\u002Faction calls are commented out. Review functions before uncommenting.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Custom Content Widget Sidebars\u003C\u002Fstrong> (feature complete – documentation under construction)\u003Cbr \u002F>\nView more documentation in the plugin ‘OptiPub Admin’ page\u003C\u002Fp>\n\u003Cp>Create custom content macro in OptiPub > Content > Custom Content. Custom Content syncs to WordPress as options.\u003C\u002Fp>\n\u003Cp>Click [Create New Widget]:\u003Cbr \u002F>\n– \u003Cstrong>Title\u003C\u002Fstrong> – WordPress Admin Console\u003Cbr \u002F>\n– \u003Cstrong>Sidebar ID\u003C\u002Fstrong> – Display widget in theme templates\u003Cbr \u002F>\n– \u003Cstrong>File Name\u003C\u002Fstrong> – WordPress Sidebar Widget content file\u003Cbr \u002F>\n– \u003Cstrong>Description\u003C\u002Fstrong> – WordPress Admin Console\u003Cbr \u002F>\n– \u003Cstrong>Custom Content\u003C\u002Fstrong> – OptiPub custom content macro name\u003Cbr \u002F>\n– \u003Cstrong>Class Name\u003C\u002Fstrong> – CSS class for styling\u003Cbr \u002F>\n– \u003Cstrong>Before Widget\u003C\u002Fstrong> – HTML before widget\u003Cbr \u002F>\n– \u003Cstrong>After Widget\u003C\u002Fstrong> – HTML after widget\u003Cbr \u002F>\n– \u003Cstrong>Before Title\u003C\u002Fstrong> – HTML before title (displays Title if used)\u003Cbr \u002F>\n– \u003Cstrong>After Title\u003C\u002Fstrong> – HTML after title (displays Title if used)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How OptiPub Custom Content creates WordPress Sidebar Widgets:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Widget files created at:\u003Cbr \u002F>\n    \u003Ccode>[theme-directory]\u002Finc\u002Foptipub\u002Fwidget-templates\u002F\u003C\u002Fcode>File Name\u003Ccode>\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Default content:\u003Cbr \u002F>\n    \u003Ccode>\u003C?php echo get_option('{$custom_content_name}'); ?>\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Include in theme templates:\u003Cbr \u002F>\n    \u003Ccode>if (is_active_sidebar('sidebar-id')) {\u003Cbr \u002F>\n   dynamic_sidebar('sidebar-id');\u003Cbr \u002F>\n}\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch3>Save Changes Button\u003C\u002Fh3>\n\u003Cp>Validates API Domain and token, then stores \u003Ccode>Optipub Domain\u003C\u002Fcode>, \u003Ccode>Api Token\u003C\u002Fcode>, \u003Ccode>Publication\u003C\u002Fcode>, \u003Ccode>Publication Domain\u003C\u002Fcode>, \u003Ccode>Header Pencil Ad Macro\u003C\u002Fcode>, \u003Ccode>Article bottom Ad Macro\u003C\u002Fcode>, \u003Ccode>Signup Sidebar Macro\u003C\u002Fcode> in \u003Ccode>wp_options\u003C\u002Fcode> table.\u003C\u002Fp>\n\u003Cp>Schedules cron job to run every 5 minutes if \u003Ccode>Optipub Domain\u003C\u002Fcode>, \u003Ccode>Api Token\u003C\u002Fcode>, and \u003Ccode>Publication\u003C\u002Fcode> are provided correctly.\u003C\u002Fp>\n\u003Cp>After saving, an API call fetches publication metadata. Fetched metadata appears in the WordPress admin left menu. New CPT links appear in \u003Cstrong>green\u003C\u002Fstrong> to differentiate from other CPTs.\u003C\u002Fp>\n\u003Ch3>Clear Data Button\u003C\u002Fh3>\n\u003Cp>Clears all imported posts (articles, resources, reports, etc.). Publication metadata remains, but imported posts are deleted. Stops and reschedules the cron job. Use to reset the plugin after errors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important Note:\u003C\u002Fstrong> \u003Cem>The clear button stops the current cron job, deletes all posts imported from the API, and reschedules the cron job.\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>Cron Job\u003C\u002Fh3>\n\u003Cp>Syncs content from the OptiPub API. Scheduled to run every \u003Ccode>CRON_INTERVAL_IN_SECONDS\u003C\u002Fcode> after \u003Ccode>OptiPub Domain\u003C\u002Fcode>, \u003Ccode>API key\u003C\u002Fcode>, and \u003Ccode>Publication\u003C\u002Fcode> are selected.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>First run:\u003C\u002Fstrong> Loads all content for Custom Post Types, dynamic pages (nav menu pages like Videos, FAQs, Authors), static pages (from \u003Ccode>\u002Fcontents\u002Fpages\u003C\u002Fcode> endpoint), and Widget contents (from \u003Ccode>\u002Fcustom-contents\u003C\u002Fcode> endpoint).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Subsequent runs:\u003C\u002Fstrong> Loads only new or updated content using the \u003Ccode>updated_at\u003C\u002Fcode> attribute and last cron run timestamp.\u003C\u002Fp>\n\u003Ch3>Troubleshooting the Cron Job\u003C\u002Fh3>\n\u003Cp>WP-CLI commands:\u003Cbr \u002F>\n– \u003Ccode>wp cron event list\u003C\u002Fcode> – Lists all cron jobs (\u003Ccode>optipub_sync\u003C\u002Fcode> is the plugin cron job)\u003Cbr \u002F>\n– \u003Ccode>wp cron event delete optipub_sync\u003C\u002Fcode> – Deletes the cron job. Use \u003Ccode>Save changes\u003C\u002Fcode> to reschedule.\u003C\u002Fp>\n\u003Ch3>Plugin Configurations\u003C\u002Fh3>\n\u003Cp>Constants control plugin behavior: Cron Job scheduling, error handling, widgetized areas, template directory paths.\u003C\u002Fp>\n\u003Cp>Constants defined in two places:\u003Cbr \u002F>\n1. \u003Ccode>wp-config.php\u003C\u002Fcode> – WordPress environment variables\u003Cbr \u002F>\n2. \u003Ccode>Plugin Constants\u003C\u002Fcode> ([plugin-directory]\u002Finc\u002FBase\u002FConstants.php) – Plugin runtime configuration\u003C\u002Fp>\n\u003Ch3>wp-config.php\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>WP_CRON_LOCK_TIMEOUT\u003C\u002Fstrong> – Defines cron job execution period (default: 60 seconds, can be changed to 3600 seconds for 60 minutes). Plugin attempts to write this during activation. If it fails, cron job won’t schedule and error appears:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Could not activate Cron Job since WP_CRON_LOCK_TIMEOUT is smaller than the expected value of: 3000 (e.x);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Configuring WP-Cron\u003C\u002Fh3>\n\u003Cp>WP-Cron documentation: https:\u002F\u002Fdeveloper.wordpress.org\u002Fplugins\u002Fcron\u002F\u003C\u002Fp>\n\u003Cp>Configuration in \u003Ccode>[plugin-directory]\u002Finc\u002FBase\u002FConstants.php\u003C\u002Fcode>:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>CRON_INTERVAL_IN_SECONDS\u003C\u002Fstrong> – Default: 60 – Interval in seconds for \u003Ccode>optipub_sync\u003C\u002Fcode> wp-cron job. Creates a lock option in \u003Ccode>wp_options\u003C\u002Fcode> table; cron won’t run again until it finishes and deletes the option.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>WP_CRON_LOCK_TIMEOUT\u003C\u002Fstrong> – Default: 3600 – Changes WP-Cron timeout in \u003Ccode>wp-config.php\u003C\u002Fcode>:\u003Cbr \u002F>\n   \u003Ccode>define( 'WP_CRON_LOCK_TIMEOUT', 3600 );\u003C\u002Fcode>\u003Cbr \u002F>\nPlugin updates this during Activation, when clearing plugin data, or when changing Publication.\u003C\u002Fp>\n\u003Cp>NOTE: WP-Cron checks for scheduled jobs on every page load. For more consistent intervals, create a system cron job (requires server access).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Crontab in Linux:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>PHP Command:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>* * * * * HTTP_HOST=www.domain.com $(which php) \u002Fopt\u002Fbitnami\u002Fwordpress\u002Fwp-cron.php >> \u002Fpath\u002Fto\u002Ffile.log 2>&1\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Configure \u003Ccode>HTTP_HOST\u003C\u002Fcode> to your site domain.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WP-CLI:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>* * * * * sudo wp cron event run optipub_sync\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Note: Cannot log output and less reliable than PHP command.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Deactivation\u003C\u002Fh3>\n\u003Cp>Deactivate from Plugins page. Deactivation pauses execution, temporarily disables custom post types and admin page, and stops cron job schedule. Cron job won’t reschedule on reactivation. If cron is running during deactivation, it finishes its job, then gets deleted on next run.\u003C\u002Fp>\n\u003Ch3>Rescheduling the cron job\u003C\u002Fh3>\n\u003Cp>After deactivation clears the cron job, reschedule via \u003Cstrong>Save Changes\u003C\u002Fstrong> button (even without data changes).\u003C\u002Fp>\n\u003Ch3>Uninstallation\u003C\u002Fh3>\n\u003Cp>Uninstall from WP Plugin page. Deactivate first to enable delete option.\u003C\u002Fp>\n\u003Cp>Uninstallation removes all plugin directory files. During uninstall, database commands delete all plugin-created content. Details in \u003Ccode>uninstall.php\u003C\u002Fcode> file.\u003C\u002Fp>\n\u003Ch3>Theme dependencies\u003C\u002Fh3>\n\u003Cp>Content loaded by the plugin is displayed via custom WP theme templates. Theme must provide templates for dynamic pages and widgets, and register\u002Fdisplay widgets. Page templates in theme root directory. Widget templates in theme \u003Ccode>widget-templates\u003C\u002Fcode> directory.\u003C\u002Fp>\n\u003Cp>Templates in plugin \u003Ccode>\u002Ftemplates\u003C\u002Fcode> directory are not used by the plugin but serve as guides for retrieving content from the WP Database. Only \u003Ccode>optipub_admin.php\u003C\u002Fcode> in \u003Ccode>\u002Ftemplates\u003C\u002Fcode> is used (decorates the Admin page).\u003C\u002Fp>\n\u003Cp>Theme must know Widget area IDs to register them in \u003Ccode>functions.php\u003C\u002Fcode>. IDs are documented above and found in plugin \u003Ccode>Constants.php\u003C\u002Fcode> class.\u003C\u002Fp>\n\u003Cp>template-parts\u002Farchives\u002F\u003Cbr \u002F>\n   optipub-filters.php\u003Cbr \u002F>\n   optipub-pagination_params.php\u003C\u002Fp>\n\u003Cp>template-parts\u002Fvideos\u002F\u003Cbr \u002F>\n   mv display.php videos_handler.php\u003C\u002Fp>\n","Sync OptiPub content to WordPress with automated cron jobs and custom post types.",692,"2026-04-07T09:14:00.000Z","5.0","7.4",[108,21,109,97,110],"api-integration","custom-post-types","widgets","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foptipub.1.0.19.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":28,"downloaded":120,"rating":28,"num_ratings":28,"last_updated":121,"tested_up_to":77,"requires_at_least":122,"requires_php":123,"tags":124,"homepage":129,"download_link":130,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"pushpull","PushPull","0.0.20","Jerome Steunenberg","https:\u002F\u002Fprofiles.wordpress.org\u002Fjeromesteunenberg\u002F","\u003Cp>PushPull stores selected WordPress content in a Git repository using a canonical JSON representation instead of raw database dumps.\u003C\u002Fp>\n\u003Cp>This project is also documented through a DevOps-focused article series that explains how to efficiently manage a WordPress stack with Bedrock and PushPull, starting here: https:\u002F\u002Fcreativemoods.pt\u002Fdevops-with-wordpress\u002F\u003C\u002Fp>\n\u003Ch3>Beta notice\u003C\u002Fh3>\n\u003Cp>This is a beta plugin. It is still under active development, has limited functionality, and currently supports only a narrow subset of the intended PushPull feature set.\u003C\u002Fp>\n\u003Cp>The current release supports these managed domains:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Primary domains:\u003Cbr \u002F>\n   generateblocks_global_styles\u003Cbr \u002F>\n   generateblocks_conditions\u003Cbr \u002F>\n   wordpress_block_patterns\u003Cbr \u002F>\n   wordpress_categories\u003Cbr \u002F>\n   wordpress_comments\u003Cbr \u002F>\n   wordpress_menus\u003Cbr \u002F>\n   wordpress_pages\u003Cbr \u002F>\n   wordpress_posts\u003Cbr \u002F>\n   wordpress_tags\u003Cbr \u002F>\n   wordpress_custom_css\u003Cbr \u002F>\n   generatepress_elements\u003Cbr \u002F>\n   wordpress_attachments (explicit opt-in only)\u003Cbr \u002F>\ngeneric discovered custom post types and taxonomies\u003C\u002Fli>\n\u003Cli>Config domains:\u003Cbr \u002F>\n   wordpress_core_configuration\u003Cbr \u002F>\n   wpml_configuration\u003C\u002Fli>\n\u003Cli>Overlay domains:\u003Cbr \u002F>\n   translation_management (WPML-backed)\u003Cbr \u002F>\n   media_organization (Real Media Library-backed)\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>PushPull keeps a local Git-like repository inside WordPress database tables and supports the following workflow directly from WordPress admin:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Test the remote GitHub or GitLab connection\u003C\u002Fli>\n\u003Cli>Commit live managed content into the local repository\u003C\u002Fli>\n\u003Cli>Initialize an empty remote repository\u003C\u002Fli>\n\u003Cli>Fetch remote commits into a local tracking ref\u003C\u002Fli>\n\u003Cli>Diff live, local, and remote states\u003C\u002Fli>\n\u003Cli>Pull remote changes through fetch + merge\u003C\u002Fli>\n\u003Cli>Merge remote changes into the local branch\u003C\u002Fli>\n\u003Cli>Resolve conflicts when needed\u003C\u002Fli>\n\u003Cli>Apply repository content back into WordPress\u003C\u002Fli>\n\u003Cli>Push local commits to GitHub or GitLab\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>The plugin also includes:\u003C\u002Fp>\n\u003Col>\n\u003Cli>An audit log screen\u003C\u002Fli>\n\u003Cli>Local repository reset tooling\u003C\u002Fli>\n\u003Cli>Remote branch reset tooling that creates one commit removing all tracked files from the branch\u003C\u002Fli>\n\u003Cli>A dedicated Domains screen that separates WordPress core, installed plugin integrations, and discovered custom content\u003C\u002Fli>\n\u003Cli>Global and per-domain managed-content views in the admin UI\u003C\u002Fli>\n\u003Cli>A high-level PushPull status dropdown in the WordPress admin bar\u003C\u002Fli>\n\u003Cli>Menu structure export and apply with hierarchy and theme location assignment\u003C\u002Fli>\n\u003Cli>A scheduled lightweight remote-head check that highlights when \u003Ccode>Fetch\u003C\u002Fcode> likely has updates available\u003C\u002Fli>\n\u003Cli>Bulk \u003Ccode>Commit + Push All\u003C\u002Fcode> and \u003Ccode>Pull + Apply All\u003C\u002Fcode> workflows for whole-site bootstrap and deploy flows\u003C\u002Fli>\n\u003Cli>A \u003Ccode>wp pushpull\u003C\u002Fcode> WP-CLI command surface for status, configuration, domains, and sync operations\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Current scope\u003C\u002Fh3>\n\u003Cp>This is an early, focused release. At the moment, PushPull is intentionally limited to:\u003C\u002Fp>\n\u003Col>\n\u003Cli>GitHub and GitLab as implemented remote providers\u003C\u002Fli>\n\u003Cli>Managed domains across three families:\u003Cbr \u002F>\n   generateblocks\u002Fglobal-styles\u002F\u003Cbr \u002F>\n   generateblocks\u002Fconditions\u002F\u003Cbr \u002F>\n   wordpress\u002Fblock-patterns\u002F\u003Cbr \u002F>\n   wordpress\u002Fcategories\u002F\u003Cbr \u002F>\n   wordpress\u002Fcomments\u002F\u003Cbr \u002F>\n   wordpress\u002Fmenus\u002F\u003Cbr \u002F>\n   wordpress\u002Fpages\u002F\u003Cbr \u002F>\n   wordpress\u002Fposts\u002F\u003Cbr \u002F>\n   wordpress\u002Ftags\u002F\u003Cbr \u002F>\n   wordpress\u002Fcustom-css\u002F\u003Cbr \u002F>\n   wordpress\u002Fattachments\u002F\u003Cbr \u002F>\n   wordpress\u002Fconfiguration\u002F\u003Cbr \u002F>\n   wpml\u002Fconfiguration\u002F\u003Cbr \u002F>\n   wordpress\u002Fgeneratepress-elements\u002F\u003Cbr \u002F>\n   wordpress\u002Fcustom-post-types\u002F\u002F\u003Cbr \u002F>\n   wordpress\u002Fcustom-taxonomies\u002F\u002F\u003Cbr \u002F>\n   translations\u002Fmanagement\u002F\u003Cbr \u002F>\n   media\u002Forganization\u002F\u003C\u002Fli>\n\u003Cli>Canonical JSON storage with one file per managed item for manifest-backed sets, plus directory-backed storage for attachments using \u003Ccode>attachment.json\u003C\u002Fcode> and the binary file\u003C\u002Fli>\n\u003Cli>Explicit opt-in attachment sync through a media-library checkbox\u003C\u002Fli>\n\u003Cli>Overlay domains that scope themselves to enabled compatible base domains rather than exporting every backend row blindly\u003C\u002Fli>\n\u003Cli>A cached remote-head availability signal for \u003Ccode>Fetch\u003C\u002Fcode>, driven by a configurable recurring check instead of a live provider probe on every page load\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>It does not yet manage forms, users, arbitrary \u003Ccode>wp_options\u003C\u002Fcode>, or arbitrary plugin data.\u003C\u002Fp>\n\u003Ch3>How PushPull represents content\u003C\u002Fh3>\n\u003Cp>PushPull does not use WordPress post IDs as repository identity.\u003C\u002Fp>\n\u003Cp>For the currently supported managed sets it stores:\u003C\u002Fp>\n\u003Col>\n\u003Cli>One canonical JSON file per managed item\u003C\u002Fli>\n\u003Cli>One separate \u003Ccode>manifest.json\u003C\u002Fcode> file for manifest-backed sets that preserves logical ordering\u003C\u002Fli>\n\u003Cli>One directory per attachment for the attachments set, containing \u003Ccode>attachment.json\u003C\u002Fcode> and the binary file\u003C\u002Fli>\n\u003Cli>Stable logical keys instead of environment-specific database IDs\u003C\u002Fli>\n\u003Cli>Canonical logical-key references for cross-domain relationships such as reading settings, translation groups, media folders, GeneratePress condition targets, and menu object references\u003C\u002Fli>\n\u003Cli>Recursive placeholder normalization for current-site absolute URLs in post-type-backed content\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Cp>PushPull currently supports GitHub and GitLab repositories.\u003C\u002Fp>\n\u003Cp>For GitHub, grant:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Repository metadata read access\u003C\u002Fli>\n\u003Cli>Repository contents read and write access\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>For GitLab fine-grained personal access tokens, grant:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ccode>Project: Read\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>Branch: Read\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>Commit: Read\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>Commit: Create\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>Repository: Read\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>In PushPull > Settings:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Select \u003Ccode>GitHub\u003C\u002Fcode> or \u003Ccode>GitLab\u003C\u002Fcode> as the provider\u003C\u002Fli>\n\u003Cli>Enter the repository owner and repository name\u003C\u002Fli>\n\u003Cli>Enter the target branch\u003C\u002Fli>\n\u003Cli>Enter the API token\u003C\u002Fli>\n\u003Cli>Optionally set the remote fetch check interval in minutes\u003C\u002Fli>\n\u003Cli>Click \u003Ccode>Test connection\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Save the settings\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Domain selection\u003C\u002Fh4>\n\u003Cp>In PushPull > Domains:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Enable one or more managed domains\u003C\u002Fli>\n\u003Cli>Review WordPress core, installed plugin integrations, and discovered custom content separately\u003C\u002Fli>\n\u003Cli>Opt into generic discovered custom post types and taxonomies when you want them managed\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Workflow\u003C\u002Fh4>\n\u003Cp>The normal workflow is:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ccode>Commit\u003C\u002Fcode> to snapshot the current live managed-set content into the local repository\u003C\u002Fli>\n\u003Cli>\u003Ccode>Fetch\u003C\u002Fcode> to import the current remote branch into \u003Ccode>refs\u002Fremotes\u002Forigin\u002F\u003Cbranch>\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Inspect the live\u002Flocal and local\u002Fremote diff views if needed\u003C\u002Fli>\n\u003Cli>\u003Ccode>Pull\u003C\u002Fcode> for the common fetch + merge flow, or \u003Ccode>Merge\u003C\u002Fcode> manually after fetch when you want review first\u003C\u002Fli>\n\u003Cli>\u003Ccode>Apply repo to WordPress\u003C\u002Fcode> when you want the local branch state written back into WordPress\u003C\u002Fli>\n\u003Cli>\u003Ccode>Push\u003C\u002Fcode> when you want local commits published to GitHub or GitLab\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>PushPull also performs a lightweight recurring remote-head check and visually highlights \u003Ccode>Fetch\u003C\u002Fcode> when the latest scheduled check suggests the remote branch has advanced since the last fetch.\u003C\u002Fp>\n\u003Cp>For whole-site bootstrap flows, PushPull also supports:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ccode>Commit + Push All\u003C\u002Fcode> to snapshot and publish all enabled domains\u003C\u002Fli>\n\u003Cli>\u003Ccode>Pull + Apply All\u003C\u002Fcode> to import and apply all enabled domains on a bare target site\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>If both local and remote changed, PushPull can persist conflicts, let you resolve them in the admin UI, and then finalize a merge commit.\u003C\u002Fp>\n\u003Cp>When pushing to GitLab, PushPull currently linearizes local merge results into a normal commit on the remote branch instead of preserving merge topology. The merged tree content is preserved; only the remote Git history shape is flattened.\u003C\u002Fp>\n\u003Ch4>WP-CLI\u003C\u002Fh4>\n\u003Cp>PushPull also exposes a \u003Ccode>wp pushpull\u003C\u002Fcode> command.\u003C\u002Fp>\n\u003Cp>Examples:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ccode>wp pushpull status\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp pushpull domains\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp pushpull config list\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp pushpull config set branch main\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp pushpull config enable-domain wordpress_pages\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp pushpull commit wordpress_pages\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp pushpull push\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp pushpull commit-push-all\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp pushpull pull-apply-all\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Empty repositories\u003C\u002Fh4>\n\u003Cp>If the configured GitHub or GitLab repository exists but has no commits yet, \u003Ccode>Test connection\u003C\u002Fcode> will report that the repository is reachable but empty.\u003C\u002Fp>\n\u003Cp>In that case, click \u003Ccode>Initialize remote repository\u003C\u002Fcode>. PushPull will:\u003C\u002Fp>\n\u003Col>\n\u003Cli>create the first commit on the configured branch\u003C\u002Fli>\n\u003Cli>fetch that initial commit into the local remote-tracking ref\u003C\u002Fli>\n\u003Cli>make the repository ready for normal commit, fetch, merge, apply, and push workflows\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>You do not need to create the first commit manually on the provider before using PushPull.\u003C\u002Fp>\n\u003Ch3>TODO\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Cache the admin-bar PushPull status summary so the high-level live\u002Flocal and local\u002Fremote aggregation is not recomputed on every page view.\u003C\u002Fli>\n\u003Cli>Move chunked async provider resumability fully into the provider layer so \u003Ccode>AsyncBranchOperationRunner\u003C\u002Fcode> no longer needs provider-specific GitLab staging rehydration logic.\u003C\u002Fli>\n\u003Cli>Improve push progress and recap reporting to distinguish newly uploaded objects from objects reused from the remote history.\u003C\u002Fli>\n\u003Cli>Surface unresolved logical-reference mapping issues, such as GeneratePress condition IDs that could not be converted to logical placeholders, instead of silently leaving mixed raw IDs and canonical refs.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>PushPull connects to the GitHub or GitLab API for the repository you configure in the plugin settings.\u003C\u002Fp>\n\u003Cp>The plugin uses the provider REST API to:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Read repository metadata and the default branch\u003C\u002Fli>\n\u003Cli>Read and update branch refs\u003C\u002Fli>\n\u003Cli>Read and create Git objects or provider-equivalent commit actions\u003C\u002Fli>\n\u003Cli>Test repository access before sync operations\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>PushPull sends the following information to the configured provider over HTTPS:\u003C\u002Fp>\n\u003Col>\n\u003Cli>The repository owner, repository name, branch, and API base URL\u003C\u002Fli>\n\u003Cli>Your configured API token in the provider-specific authentication header\u003C\u002Fli>\n\u003Cli>Canonical JSON representations of the managed content you choose to commit and push\u003C\u002Fli>\n\u003Cli>Commit metadata such as commit messages and, if configured, author name and email\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>In the current release, the managed content sent to the provider is limited to the enabled supported domains: GenerateBlocks Global Styles, GenerateBlocks Conditions, WordPress Block Patterns, WordPress Categories, WordPress Comments, WordPress Menus, WordPress Pages, WordPress Posts, WordPress Tags, WordPress Custom CSS, GeneratePress Elements, explicitly opted-in WordPress Attachments, WordPress core configuration, WPML configuration, generic discovered custom post types and taxonomies, WPML-backed translation management, and Real Media Library-backed media organization.\u003C\u002Fp>\n\u003Cp>PushPull does not send your whole WordPress database to the provider. It only sends the managed content represented by the enabled adapters.\u003C\u002Fp>\n\u003Cp>GitHub terms of service: https:\u002F\u002Fdocs.github.com\u002Fen\u002Fsite-policy\u002Fgithub-terms\u002Fgithub-terms-of-service\u003Cbr \u002F>\nGitHub privacy statement: https:\u002F\u002Fdocs.github.com\u002Fen\u002Fsite-policy\u002Fprivacy-policies\u002Fgithub-general-privacy-statement\u003Cbr \u002F>\nGitLab terms: https:\u002F\u002Fabout.gitlab.com\u002Fterms\u002F\u003Cbr \u002F>\nGitLab privacy statement: https:\u002F\u002Fabout.gitlab.com\u002Fprivacy\u002F\u003C\u002Fp>\n","Git-based content sync for WordPress. Project homepage: https:\u002F\u002Fcreativemoods.pt\u002Fpushpull\u002F",532,"2026-04-14T10:49:00.000Z","6.0","8.1",[21,125,126,127,128],"devops","generateblocks","git","github","https:\u002F\u002Fgithub.com\u002Fcreativemoods\u002Fpushpull","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpushpull.0.0.20.zip",{"attackSurface":132,"codeSignals":165,"taintFlows":176,"riskAssessment":177,"analyzedAt":185},{"hooks":133,"ajaxHandlers":161,"restRoutes":162,"shortcodes":163,"cronEvents":164,"entryPointCount":28,"unprotectedCount":28},[134,140,145,148,153,157],{"type":135,"name":136,"callback":137,"file":138,"line":139},"action","spectrom_sync_register_settings","add_settings_fields","classes\u002Fhttpauthadmin.php",7,{"type":135,"name":141,"callback":142,"file":143,"line":144},"spectrom_sync_init","init","wpsitesync-httpauth.php",24,{"type":135,"name":146,"callback":146,"file":143,"line":147},"wp_loaded",26,{"type":149,"name":150,"callback":151,"priority":11,"file":143,"line":152},"filter","spectrom_sync_api_arguments","filter_api_args",49,{"type":135,"name":154,"callback":155,"file":143,"line":156},"admin_notices","notice_requires_wpss",58,{"type":135,"name":158,"callback":159,"file":143,"line":160},"admin_init","disable_plugin",59,[],[],[],[],{"dangerousFunctions":166,"sqlUsage":167,"outputEscaping":169,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":14,"bundledLibraries":175},[],{"prepared":28,"raw":28,"locations":168},[],{"escaped":28,"rawEcho":65,"locations":170},[171,174],{"file":143,"line":172,"context":173},84,"raw output",{"file":143,"line":27,"context":173},[],[],{"summary":178,"deductions":179},"The \"wpsitesync-for-http-authentication\" plugin version 1.1 exhibits a generally strong security posture based on the provided static analysis. The complete absence of identified attack surface points (AJAX handlers, REST API routes, shortcodes, cron events) is a significant positive, indicating that there are no apparent direct entry points for attackers to exploit. Furthermore, the fact that all SQL queries utilize prepared statements and there are no identified dangerous functions or file operations suggests careful development practices and a lack of common vulnerability patterns.\n\nHowever, there are areas for concern. The most notable is the complete lack of output escaping, meaning any data rendered to the user interface could potentially be vulnerable to cross-site scripting (XSS) attacks. While the taint analysis found no unsanitized paths, the absence of escaping means that if any data were to become tainted downstream, it would not be mitigated. The plugin also only has a single capability check, which might indicate a limited scope of functionality but also potentially a lack of granular permission control if its functions were to expand.\n\nGiven the plugin's clean vulnerability history with zero recorded CVEs, this suggests a track record of security. However, this history alone should not override the findings from static analysis. The lack of escaping is a clear weakness that needs to be addressed, even in the absence of past exploitation. Overall, the plugin is well-architected with a minimal attack surface and secure database interactions, but the critical oversight in output sanitization presents a tangible risk.",[180,183],{"reason":181,"points":182},"0% output escaping",8,{"reason":184,"points":65},"Only 1 capability check","2026-04-16T12:36:31.127Z",{"wat":187,"direct":192},{"assetPaths":188,"generatorPatterns":189,"scriptPaths":190,"versionParams":191},[],[],[],[],{"cssClasses":193,"htmlComments":194,"htmlAttributes":195,"restEndpoints":196,"jsGlobals":197,"shortcodeOutput":198},[],[],[],[],[],[],{"error":200,"url":201,"statusCode":202,"statusMessage":203,"message":203},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwpsitesync-for-http-authentication\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":14,"versions":205},[206],{"version":207,"download_url":208,"svn_tag_url":209,"released_at":29,"has_diff":210,"diff_files_changed":211,"diff_lines":29,"trac_diff_url":29,"vulnerabilities":212,"is_current":210},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpsitesync-for-http-authentication.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwpsitesync-for-http-authentication\u002Ftags\u002F1.0\u002F",false,[],[]]