[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f6M_r1XfMbpoGkvcEe9GvxUz0MSCKFsr9-rbjUZpMEKc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":21,"security_score":22,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":33,"analysis":34,"fingerprints":112},"ajaxify-wp-post-comment-form","Ajaxify WP Post Comment Form","1.8","kairav","https:\u002F\u002Fprofiles.wordpress.org\u002Fkairav\u002F","\u003Cp>Hello Users,\u003C\u002Fp>\n\u003Cp>Here I want to share brief information about the plugin scenario and its working method.\u003Cbr \u002F>\nWhen the plugin gets active it will have a setting page that is very easy to use and make adjustments. Once you make the plugin active, please visit the plugin URL again to check the screenshot which is attached here for a more simple explanation.\u003C\u002Fp>\n\u003Cp>If a non-developer users want to find the form id which is mentioned in the 2nd screenshot, that let me share the steps with you:\u003Cbr \u002F>\n1) Go to setting and click on the Developer or Inspect Element option\u003Cbr \u002F>\n2) Then click on the selector arrow and then move the cursor to the form main title\u003Cbr \u002F>\n3) Here you will find the \u003Cform? HTML tag which will have the id=”***” like this example. Just collect it and put it on the plugin setting page.\u003C\u002Fp>\n\u003Cp>Still, if any user finds an issue or trouble. 
please share your comments and will solve your all queries.\u003C\u002Fp>\n\u003Cp>Thanks.\u003C\u002Fp>\n","Submit Post comment form using Ajax functionality.",20,1995,100,4,"2024-09-05T11:23:00.000Z","6.6.5","6.0","",[20],"post-comment-form","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fajaxify-wp-post-comment-form.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":29,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},2,96,30,91,"2026-04-04T04:23:10.561Z",[],{"attackSurface":35,"codeSignals":73,"taintFlows":99,"riskAssessment":100,"analyzedAt":111},{"hooks":36,"ajaxHandlers":52,"restRoutes":69,"shortcodes":70,"cronEvents":71,"entryPointCount":72,"unprotectedCount":72},[37,43,48],{"type":38,"name":39,"callback":40,"file":41,"line":42},"action","admin_menu","ajaxify_admin_menu","includes\\class-ajaxify-wp-post-comment-form.php",21,{"type":38,"name":44,"callback":45,"priority":46,"file":41,"line":47},"admin_enqueue_scripts","ajaxify_admin_style_scripts",10,22,{"type":38,"name":49,"callback":50,"priority":46,"file":41,"line":51},"wp_enqueue_scripts","ajaxify_front_style_scripts",23,[53,58,61,64,67],{"action":54,"nopriv":55,"callback":54,"hasNonce":55,"hasCapCheck":55,"file":56,"line":57},"comment_status_info",false,"ajaxify-wp-post-comment-form.php",71,{"action":59,"nopriv":55,"callback":59,"hasNonce":55,"hasCapCheck":55,"file":56,"line":60},"get_container_id",112,{"action":59,"nopriv":62,"callback":59,"hasNonce":55,"hasCapCheck":55,"file":56,"line":63},true,113,{"action":65,"nopriv":55,"callback":65,"hasNonce":55,"hasCapCheck":55,"file":56,"line":66},"comment_public_submit_ajax_comment",133,{"action":65,"nopriv":62,"callback":65,"hasNonce":55,"hasCapCheck":55,"file":56,"line":68},134,[],[],[],5,{"dangerousFunctions":74,"sqlUsage":75,"outputEscaping":88,"fileOperations":23,"externalRequests":23,"nonceChecks":23,"capabilityChecks":76,"bundledLibraries"
:98},[],{"prepared":76,"raw":14,"locations":77},1,[78,81,83,86],{"file":56,"line":79,"context":80},76,"$wpdb->get_var() with variable interpolation",{"file":56,"line":82,"context":80},118,{"file":56,"line":84,"context":85},121,"$wpdb->get_row() with variable interpolation",{"file":87,"line":14,"context":85},"includes\\ajaxify-comment-form-setting.php",{"escaped":72,"rawEcho":89,"locations":90},3,[91,94,96],{"file":56,"line":92,"context":93},122,"raw output",{"file":87,"line":95,"context":93},26,{"file":87,"line":97,"context":93},40,[],[],{"summary":101,"deductions":102},"The ajaxify-wp-post-comment-form plugin, version 1.8, presents a significant security concern due to its unprotected AJAX handlers. No nonce or capability check was detected on any of the five identified AJAX handler registrations. Two of the actions, get_container_id and comment_public_submit_ajax_comment, are also registered for logged-out visitors, so they can be reached without authentication; the remaining registrations are recorded as logged-in only, with no check detected on which user may call them. This is a major weakness, as it allows any visitor to potentially trigger the publicly registered plugin functionality. While the plugin demonstrates good practices in avoiding dangerous functions, file operations, and external HTTP requests, and its SQL queries show some use of prepared statements (though most of the flagged queries use variable interpolation), these strengths are overshadowed by the critical lack of security on its primary entry points. The absence of any known vulnerabilities in its history is a positive sign, suggesting a potentially stable codebase in the past. However, this does not mitigate the immediate risks posed by the current analysis. The plugin's security posture is concerningly weak due to the exposed AJAX endpoints. 
It's crucial to add nonce verification to these handlers, and capability checks to any action that is not meant for every visitor, to protect the site from unauthorized actions.",[103,105,107,109],{"reason":104,"points":11},"5 unprotected AJAX handlers",{"reason":106,"points":46},"No nonce checks on AJAX",{"reason":108,"points":72},"Low percentage of prepared SQL statements",{"reason":110,"points":72},"Moderate unescaped output","2026-03-16T22:54:06.844Z",{"wat":113,"direct":126},{"assetPaths":114,"generatorPatterns":119,"scriptPaths":120,"versionParams":121},[115,116,117,118],"ajaxify-wp-post-comment-form\u002Fadmin\u002Fcss\u002Fajaxify-wp-post-comment-form-admin.css","ajaxify-wp-post-comment-form\u002Fadmin\u002Fjs\u002Fajaxify-wp-post-comment-form-admin.js","ajaxify-wp-post-comment-form\u002Fpublic\u002Fcss\u002Fajaxify-wp-post-comment-form-public.css","ajaxify-wp-post-comment-form\u002Fpublic\u002Fjs\u002Fajaxify-wp-post-comment-form-public.js",[],[116,118],[122,123,124,125],"ajaxify-wp-post-comment-form\u002Fadmin\u002Fcss\u002Fajaxify-wp-post-comment-form-admin.css?ver=","ajaxify-wp-post-comment-form\u002Fadmin\u002Fjs\u002Fajaxify-wp-post-comment-form-admin.js?ver=","ajaxify-wp-post-comment-form\u002Fpublic\u002Fcss\u002Fajaxify-wp-post-comment-form-public.css?ver=","ajaxify-wp-post-comment-form\u002Fpublic\u002Fjs\u002Fajaxify-wp-post-comment-form-public.js?ver=",{"cssClasses":127,"htmlComments":129,"htmlAttributes":130,"restEndpoints":131,"jsGlobals":132,"shortcodeOutput":135},[128],"error_comment_msg",[],[],[],[133,134],"admin_comment_ajax_obj","public_comment_ajax_obj",[]]