Description
Social Publisher helps you publish WordPress content to multiple social networks from one place inside your dashboard.
Connect your accounts, choose where each post should be shared, customize the message, attach an image, and publish without jumping between platforms.
Designed for a simple workflow, Social Publisher supports manual publishing from its main screen and auto-post options from the WordPress editor.
Main features
- Publish to multiple social networks from one dashboard
- Connect and manage accounts in one place
- Write a custom message before publishing
- Use the built-in image cropper before posting
- Trigger auto-post options from the Gutenberg editor
- Disconnect accounts and restart a connection from zero when needed
- Review debug logs when troubleshooting a connection or publish attempt
Supported networks
Social Publisher currently supports:
- Bluesky
- Mastodon
- Tumblr
- Threads
- Blogger
- Telegram
- Facebook Pages
Support for some networks may depend on the account type, app approval status, or provider requirements.
Who is this plugin for?
Social Publisher is a good fit for:
- bloggers who want a simpler social publishing workflow
- site owners who publish to more than one network
- content creators who want to manage sharing from WordPress
- admins who want account connections and publishing tools in one place
External services
Social Publisher connects to external services only when a site administrator enables a provider, starts an authorization flow, tests a connection, opens a share action, or publishes content to that provider.
The plugin stores the credentials returned by each provider in the WordPress database for the current site. It uses those credentials only to validate the connection and publish content chosen by the administrator. Debug logs are sanitized to avoid storing access tokens or OAuth secrets in clear text.
No data is sent to a social network unless that specific integration is configured and used.
Bluesky
Service provider: Bluesky Social, PBC.
Domains/endpoints used: https://bsky.social/xrpc/
What it is used for: authenticating with a Bluesky handle and app password, uploading images, and creating Bluesky posts.
Data sent and when: when the administrator saves or tests the Bluesky connection, the plugin sends the configured handle and app password to Bluesky. When publishing, it sends the post text, link, optional image data, and the authenticated account identifier to Bluesky.
Terms: https://bsky.social/about/support/tos
Privacy policy: https://bsky.social/about/support/privacy-policy
Mastodon
Service provider: the Mastodon server/instance selected by the site administrator. Mastodon is federated, so the exact provider, terms, and privacy policy depend on the selected instance.
Domains/endpoints used: the plugin connects over HTTPS to the administrator-selected Mastodon instance. Example endpoints include https://mastodon.social/api/v1/accounts/verify_credentials, https://mastodon.social/api/v1/statuses, https://mastodon.social/api/v1/media, and https://mastodon.social/api/v1/apps. The domain changes when the administrator enters a different instance.
What it is used for: registering or connecting an app on the selected Mastodon instance, validating the account, uploading media, checking uploaded media, and publishing statuses.
Data sent and when: when the administrator saves, tests, or connects Mastodon, the plugin sends the selected server name, callback/redirect details, OAuth app data, authorization code, client credentials, and access token to that selected instance. When publishing, it sends the status text, link, optional media files, visibility settings, and account token to that selected instance.
Terms: each Mastodon instance publishes its own terms. Review the selected instance terms before connecting it. Example for mastodon.social: https://mastodon.social/terms
Privacy policy: each Mastodon instance publishes its own privacy policy. Example for mastodon.social: https://mastodon.social/privacy-policy
Tumblr
Service provider: Tumblr.
Domains/endpoints used: https://www.tumblr.com/oauth/ and https://api.tumblr.com/v2/.
What it is used for: OAuth authentication, validating the configured blog, retrieving basic account/blog information, and publishing posts to the selected Tumblr blog.
Data sent and when: during connection, the plugin sends the Consumer Key, Consumer Secret, OAuth verifier, callback URL, token, token secret, and blog identifier to Tumblr. When publishing, it sends the post title/text, link, tags, optional image/media data, and blog identifier.
Terms: https://www.tumblr.com/policy/en/terms-of-service
Privacy policy: https://www.tumblr.com/privacy/en
Service provider: Pinterest.
Domains/endpoints used: https://www.pinterest.com/oauth/, https://api.pinterest.com/v5/, and https://api-sandbox.pinterest.com/v5/ when sandbox mode is selected.
What it is used for: OAuth authentication, validating account access, selecting boards when available, and creating Pins.
Data sent and when: during connection, the plugin sends the configured App ID, App Secret, redirect/callback URL, authorization code, requested scopes, and token data to Pinterest. When publishing, it sends the Pin title/description, destination link, selected board, and optional image URL or media data.
Terms: https://policy.pinterest.com/en/terms-of-service
Developer/API terms: https://developers.pinterest.com/terms/
Privacy policy: https://policy.pinterest.com/en/privacy-policy
Threads
Service provider: Meta Platforms, Inc. / Threads.
Domains/endpoints used: https://threads.net/oauth/ and https://graph.threads.net/. Example endpoints include https://graph.threads.net/v1.0/me, https://graph.threads.net/v1.0/{user-id}/threads, and https://graph.threads.net/v1.0/{container-id}/publish.
What it is used for: OAuth authentication, account validation, media container creation, checking media container status, and publishing Threads posts.
Data sent and when: during connection, the plugin sends the configured App ID, App Secret, redirect/callback URL, authorization code, requested scopes, and access token data to Meta/Threads endpoints. When validating or publishing, it sends the post text, link, optional media URL/data, container IDs, account identifier, and access token to Meta/Threads endpoints.
Meta Platform Terms: https://developers.facebook.com/terms/dfc_platform_terms/
Threads API documentation: https://developers.facebook.com/docs/threads/
Meta Privacy Policy: https://www.facebook.com/privacy/policy/
Service provider: Meta Platforms, Inc. / Instagram.
Domains/endpoints used: https://www.instagram.com/oauth/, https://api.instagram.com/oauth/, and https://graph.instagram.com/.
What it is used for: OAuth authentication, account validation, media container creation, and publishing Instagram content when the configured account and permissions allow it.
Data sent and when: during connection, the plugin sends the configured Client/App ID, Client/App Secret, redirect/callback URL, authorization code, requested scopes, and token data to Instagram/Meta endpoints. When publishing, it sends the caption/text, link when supported by the provider, optional image/media URL/data, container IDs, and account identifier.
Meta Platform Terms: https://developers.facebook.com/terms/dfc_platform_terms/
Meta Privacy Policy: https://www.facebook.com/privacy/policy/
Facebook Pages
Service provider: Meta Platforms, Inc. / Facebook.
Domains/endpoints used: https://www.facebook.com/v20.0/dialog/oauth and https://graph.facebook.com/v20.0/.
What it is used for: OAuth authentication, retrieving available Pages for the authorized account, storing the selected Page token, and publishing to Facebook Pages. The plugin can also open Facebook’s public share dialog when the administrator uses the Facebook share action.
Data sent and when: during connection, the plugin sends the configured App ID, App Secret, redirect/callback URL, authorization code, requested scopes, and token data to Facebook/Meta endpoints. When loading available Pages, it sends the account token and receives Page identifiers and Page names. When publishing, it sends the selected Page ID/token, post message, link, and optional image/media data. When using the public share action, it opens a Facebook URL containing the page URL to share.
Meta Platform Terms: https://developers.facebook.com/terms/dfc_platform_terms/
Meta Privacy Policy: https://www.facebook.com/privacy/policy/
Service provider: LinkedIn.
Domains/endpoints used: https://www.linkedin.com/oauth/v2/ and https://api.linkedin.com/.
What it is used for: OAuth authentication, retrieving basic member/profile information when available, validating the configured person or organization URN, initializing image uploads, uploading images, and publishing posts.
Data sent and when: during connection, the plugin sends the configured Client ID, Client Secret, redirect/callback URL, authorization code, requested scopes, and token data to LinkedIn. When validating or publishing, it sends the person/organization URN, post text, link, optional image data, upload URL data, and access token.
User Agreement: https://www.linkedin.com/legal/user-agreement
API Terms of Use: https://legal.linkedin.com/api-terms-of-use
Privacy policy: https://www.linkedin.com/legal/privacy-policy
Blogger / Google
Service provider: Google / Blogger.
Domains/endpoints used: https://accounts.google.com/o/oauth2/v2/auth, https://oauth2.googleapis.com/token, and https://www.googleapis.com/blogger/v3/.
What it is used for: OAuth authentication, selecting the destination Blogger blog, reading basic blog information, refreshing tokens when needed, and publishing Blogger posts.
Data sent and when: during connection, the plugin sends the configured Client ID, Client Secret, redirect/callback URL, authorization code, requested Blogger scopes, refresh token, and access token data to Google. When selecting or publishing to a blog, it sends the blog ID, post title/content, labels when used, and token data to the Blogger API.
Google APIs Terms of Service: https://developers.google.com/terms
Google Terms of Service: https://policies.google.com/terms
Google Privacy Policy: https://policies.google.com/privacy
Telegram
Service provider: Telegram Messenger Inc. / Telegram Bot API.
Domains/endpoints used: https://api.telegram.org/. Example methods include getMe, getChat, sendMessage, and sendPhoto.
What it is used for: validating the configured bot token and chat destination, then publishing posts to the selected Telegram group, supergroup, channel, or forum topic.
Data sent and when: when the administrator saves or tests Telegram, the plugin sends the Bot Token and configured chat ID to Telegram Bot API endpoints to validate the connection. When publishing, it sends the post title/text, link, hashtags, optional image URL, optional topic/thread ID, and the destination chat ID.
Terms: https://telegram.org/tos
Bot API documentation: https://core.telegram.org/bots/api
Privacy policy: https://telegram.org/privacy
Service provider: Flipboard.
Domains/endpoints used: https://share.flipboard.com/.
What it is used for: opening Flipboard’s public share window when the administrator uses the Flipboard share action.
Data sent and when: when the administrator uses the Flipboard share action, the plugin opens a Flipboard URL containing the public page URL to share. The plugin does not store Flipboard credentials.
Terms: https://about.flipboard.com/terms-of-service/
Privacy policy: https://about.flipboard.com/privacy-policy/
Screenshots
Social Publisher main publishing screen 
Connected accounts and network status 
Image cropper before publishing 
Social options inside the block editor 
Connection setup screen for supported networks 
Installation
- Upload the plugin folder to
/wp-content/plugins/or install the ZIP from Plugins > Add New. - Activate the plugin.
- Open Social Publisher in your WordPress admin area.
- Connect the social networks you want to use.
- Publish from the Social Publisher screen or configure sharing options in the block editor.
FAQ
-
Open Social Publisher in your WordPress admin, go to the connection area for the network you want to use, complete the required app details if needed, and authorize the connection.
-
Where can I find the step-by-step publishing guide?
-
The step-by-step guide for configuring Social Publisher and publishing content is available on the official WordPress.org plugin page:
-
Can I disconnect an account and connect it again later?
-
Yes. Social Publisher includes a Disconnect action so you can remove saved credentials and start the connection again from zero.
-
Can I publish to multiple networks at once?
-
Yes. You can select more than one connected network from the plugin interface when publishing.
-
Yes. Social Publisher lets you edit the text before sending the post to the selected networks.
-
Can I publish images?
-
Yes. The plugin includes an image workflow with cropping support before publishing.
-
Does every network work the same way?
-
No. Some providers require different app settings, permissions, account types, or approval steps. For example, some networks may require a Page, Business account, or developer app review before publishing works.
-
Does the plugin use external services?
-
Yes. Social Publisher connects to external social network APIs only when the administrator configures and uses those integrations. See the External services section for details.
-
Is there a Gutenberg integration?
-
Yes. Social Publisher includes block editor support for auto-post related options when publishing from Gutenberg.
Reviews
There are no reviews for this plugin.
Contributors & Developers
“Social Publisher” is open source software. The following people have contributed to this plugin.
Contributors
Translate “Social Publisher” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.3.1
- Fixed Telegram publishing by registering the Telegram client in the network dispatcher.
1.3
- Added Telegram publishing for groups, supergroups, channels, and optional forum topics.
- Added Telegram connection settings, Bot Token validation, chat destination testing, manual publishing, and Gutenberg auto-post support.
- Added Telegram external service documentation and uninstall cleanup handling.
1.2
- Fixed Gutenberg automatic publishing so the selected social destinations and sidebar fields are saved reliably before the auto-post runs.
- Reused the same internal publishing pipeline for both Gutenberg auto-post and the manual Publish now flow.
- Prevented automatic re-posting on normal updates after a post is already published, unless the post leaves publish status and is published again.
1.0.25
- Added Instagram feed image compatibility handling: images outside the supported 4:5 to 1.91:1 ratio are auto-cropped into a centered compatible copy before publishing.
- Added a square-crop retry when Instagram still returns an unsupported aspect ratio error while creating the media container.
- Rechecked WordPress.org review fixes: external services documentation, REST callback URLs via rest_url(), explicit setting sanitizers, and the native image cropper replacement remain in place.
1.0.24
- Hardened uninstall cleanup so deleting the plugin is not blocked by stale cleanup data, upload folders, or old legacy Facebook options.
- Prevented intentionally cleared/disconnected tokens from being restored from the automatic connection backup.
- Clarified that disconnecting a network removes credentials, while deleting the plugin itself requires deactivating it first from the WordPress Plugins screen.
1.0.23
- Improved Facebook identity confirmation messaging with clear mobile-app verification instructions and a preventive connection note.
- Kept Facebook connected during Meta identity blocks and preserved technical logging without secrets.
1.0.22
- Hardened the image remove action so selected/cropped images, local storage, file input, preview, and alt text are cleared reliably.
- Cleared the manual publish image selection after successful and partial publishes so the next post starts clean.
- Made Facebook disconnect clear both current Social Publisher options and legacy Facebook token options.
1.0.21
- Improved Facebook Graph API error classification so code 368 is not always treated as identity confirmation.
- Added safer Facebook diagnostics and technical logging without access tokens or app secrets.
- Added Facebook test publishing options for text, link, and image checks.
1.0.20
- Normalized hashtags consistently across manual publishing, Gutenberg, and network-specific payloads.
- Added safer partial-result reporting so Pinterest anti-spam rejections are treated as network-specific warnings instead of full plugin failures.
- Added Publisher image format options with an Original mode plus square, portrait, and landscape crops.
- Hardened public media generation and validation for Instagram, Threads, Facebook, Pinterest, and Blogger uploads.
- Improved Facebook Page connection fallback so page discovery can continue even when some business-related endpoints are unavailable.
- Clarified user-facing publish and connection messages for Facebook, Pinterest, Instagram, Threads, and Blogger.
1.0.19
- Removed the outdated bundled Cropper.js library and replaced it with a native image cropper.
- Reworked Settings API registration so each setting type has an explicit sanitize callback.
- Hardened the Facebook Pages cache sanitization and reduced cached settings to expected fields only.
- Expanded external services documentation for Mastodon and Threads endpoints, data sent, terms, and privacy links.
1.0.18
- Addressed WordPress.org review feedback for external services documentation, REST callback URLs, and settings sanitization.
1.0.14
- Added automatic backup/restore protection for saved connections during updates and reinstalls
- Preserved user data by default on delete unless cleanup is explicitly enabled
1.0.8
- Fixed false connected states caused by missing options being treated as saved credentials
- Fixed destination checkboxes so only real connected networks are preselected
1.0.3
- Refined the Social Publisher admin branding and updated the header logo styling
- Updated the header logo treatment for the Calliope SP brand asset
- Removed the custom Update URI for WordPress.org compatibility
- Added missing translators comments flagged by Plugin Check
- Improved sanitization and unslashing for admin form and OAuth callback inputs
- Renamed internal filter hooks to use the Social Publisher prefix
- Continued cleanup for WordPress.org readiness