[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$foHnDTrQUFBj4GV1RxBJWkDJ6o1F8C4J-ekEcGGtbgTM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":136,"fingerprints":271},"blacklist-keys-manager","Blacklist keys manager","1.2.0","tmatsuur","https:\u002F\u002Fprofiles.wordpress.org\u002Ftmatsuur\u002F","\u003Cp>This plugin increases the efficiency of spam distinction of a comment. It is possible to extract URL from the past spam comment and add to a blacklist. Moreover, URL contained in a new spam comment can be added to a blacklist.\u003C\u002Fp>\n\u003Ch4>Some features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The key of a blacklist and a moderation list is automatically rearranged in order of a name. \u003C\u002Fli>\n\u003Cli>Each key is movable by drag and drop. \u003C\u002Fli>\n\u003Cli>URL contained in the accumulated spam comment can be added to a blacklist.\u003C\u002Fli>\n\u003Cli>URL contained in a new spam comment can be added to a blacklist when marked spam. \u003C\u002Fli>\n\u003Cli>The comment in which a few URL is contained can be marked as spam. \u003C\u002Fli>\n\u003Cli>The extended blacklist corresponding to a regular expression can be used.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Japanese – http:\u002F\u002Felearn.jp\u002Fwpman\u002Fcolumn\u002Fblacklist-keys-manager.html\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Translators\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Japanese(ja) – \u003Ca href=\"http:\u002F\u002F12net.jp\u002F\" rel=\"nofollow ugc\">Takenori Matsuura\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can send your own language pack to me.\u003C\u002Fp>\n\u003Cp>Please contact to me.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>http:\u002F\u002F12net.jp\u002F (ja)\u003C\u002Fli>\n\u003Cli>@tmatsuur on twitter.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002F12net.jp\u002F\" rel=\"nofollow ugc\">Takenori Matsuura\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>This plug-in is not guaranteed though the user of WordPress can freely use this plug-in free of charge regardless of the purpose.\u003Cbr \u002F>\nThe author must acknowledge the thing that the operation guarantee and the support in this plug-in use are not done at all beforehand.\u003C\u002Fp>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>email to takenori.matsuura[at]gmail.com\u003Cbr \u002F>\ntwitter @tmatsuur\u003C\u002Fp>\n","The increase in efficiency of management of a comment blacklist is attained, and a spam comment is blocked.",10,1945,0,"2015-05-22T00:55:00.000Z","4.2.39","3.5.0","",[19,20,21,22],"blacklist","comment","moderation","spam","http:\u002F\u002Felearn.jp\u002Fwpman\u002Fcolumn\u002Fblacklist-keys-manager.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblacklist-keys-manager.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},8,21190,86,1904,69,"2026-04-04T13:32:40.910Z",[37,59,81,102,119],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":32,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":56,"download_link":57,"security_score":58,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"blacklist-updater","Block List Updater","1.0.2","pluginkollektiv","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluginkollektiv\u002F","\u003Cp>Few users are familiar with the comment block list built into WordPress. Located in the WordPress admin area under “Settings”—“Discussion”, that block list for incoming comments accepts values (words) to identify spam by.\u003C\u002Fp>\n\u003Cp>Additionally to plugins like \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fantispam-bee\u002F\" rel=\"ugc\">Antispam Bee\u003C\u002Fa> in order to fight spam successfully a curated comment block list is recommendable. You can either update the list manually, or utilize a very detailed global \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\u002Fwordpress-comment-blacklist\" rel=\"nofollow ugc\">comment block list\u003C\u002Fa> that gets updated on a regular basis.\u003C\u002Fp>\n\u003Cp>Block List Updater has been developed to keep your comment block list in your WordPress installation up to speed with the curated global list on GitHub.\u003C\u002Fp>\n\u003Cp>The plugin will check the global comment block list on GitHub multiple times a day. Whenever new anti-spam values have been added to the global list, Block List Updater will read the global list and update your WordPress database accordingly. While the check-up process will run several times a day, the plugin will only update the database when it detects an actual change of the global comment block list on GitHub.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Community support via the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fblacklist-updater\" rel=\"ugc\">support forums on wordpress.org\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>We don’t handle support via e-mail, Twitter, GitHub issues etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Active development of this plugin is handled \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpluginkollektiv\u002Fblacklist-updater\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Pull requests for documented bugs are highly appreciated.\u003C\u002Fli>\n\u003Cli>If you think you’ve found a bug (e.g. you’re experiencing unexpected behavior), please post at the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fblacklist-updater\" rel=\"ugc\">support forums\u003C\u002Fa> first.\u003C\u002Fli>\n\u003Cli>If you want to help us translate this plugin you can do so \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fblacklist-updater\" rel=\"nofollow ugc\">on WordPress Translate\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Author: \u003Ca href=\"https:\u002F\u002Fsergejmueller.github.io\u002F\" rel=\"nofollow ugc\">Sergej Müller\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Maintainers: \u003Ca href=\"https:\u002F\u002Fpluginkollektiv.org\u002F\" rel=\"nofollow ugc\">pluginkollektiv\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Automatic updating of the comment block list in WordPress with antispam keys from GitHub.",4000,31272,4,"2026-03-14T09:16:00.000Z","6.9.4","3.8","5.2",[53,19,54,55,22],"antispam","blocklist","comments","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblacklist-updater\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblacklist-updater.1.0.2.zip",100,{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":47,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":77,"download_link":78,"security_score":25,"vuln_count":79,"unpatched_count":13,"last_vuln_date":80,"fetched_at":27},"comment-blacklist-updater","Comment Blacklist Updater","1.2.2","apasionados","https:\u002F\u002Fprofiles.wordpress.org\u002Fapasionados\u002F","\u003Cp>Updates the “Comment Blacklist” in Settings \u002F Discussion with a list terms from a remote or local source. By default it get’s the data from Github \u003Cstrong>(“\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\u002Fwordpress-comment-blacklist\u002F\" rel=\"nofollow ugc\">wordpress-comment-blacklist\u003C\u002Fa>“)\u003C\u002Fstrong> by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\" rel=\"nofollow ugc\">Grant Hutchinson\u003C\u002Fa>) but you can also get them \u003Cstrong>from any URL\u003C\u002Fstrong> or from a \u003Cstrong>local blacklist.txt file\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>This plugin is an enhanced version of the plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomment-blacklist-manager\u002F\" rel=\"ugc\">Comment Blacklist Manager\u003C\u002Fa>. We decided to create this enhanced version of the plugin, because we wanted to be able to add blacklists without using filters and directly from the WordPress administration. You can still use a filter to modify the blacklist sources if that is more convienient for you. And we also wanted to have more information about the plugin in SETTINGS \u002F DISCUSSION; for example when the blacklist was updated and when it will be updated next time, when the blacklist sources were updated, etc.\u003C\u002Fp>\n\u003Cp>You can configure three sources for your blacklists:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Default blacklist\u003C\u002Fstrong> (which can be disabled): \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\u002Fwordpress-comment-blacklist\u002F\" rel=\"nofollow ugc\">wordpress-comment-blacklist\u003C\u002Fa> by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\" rel=\"nofollow ugc\">Grant Hutchinson\u003C\u002Fa>). Please keep in mind that if there is no other blacklist source defined, this will be used as default, even if it\\’s not selected.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Blacklist from remote URL\u003C\u002Fstrong>: You paste the URL to the blacklist and if the file exists and can be accesed (must return code 200) it will be used as a blacklist source.\u003C\u002Fli>\n\u003Cli>If you want to include a \u003Cstrong>local blacklist\u003C\u002Fstrong> for the site, you can upload a blacklist.txt file to the UPLOADS folder and it will also be taken into account. The blacklist.txt file has to be in the root of the UPLOADS folder; it will not be recognized if it\\’s for example in \u002Fuploads\u002F2025\u002F12\u002F and the file has to be accesible via http\u002Fhttps (if the access to the file is protected it can\\’t be used).\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>And you can use the filter \u003Ccode>cblm_sources\u003C\u002Fcode> to replace all the blacklists or to add more. If you replace all blacklists with the filter, the settings done in the WordPress administration will be ignored. We decided to keep the same filter as used by “Comment Blacklist Manager” to make it easy to switch between both plugins.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Please note: \u003Cstrong>After the September 2023 update only users with administrator privileges can use this plugin.\u003C\u002Fstrong> If you’re not an admin you will get following error: “You do not have sufficient permissions to access this page”.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>What can I do with this plugin?\u003C\u002Fh4>\n\u003Cp>The plugin updates the “Comment Blacklist” in Settings \u002F Discussion with a list terms from a remote or local source. By default it get’s the data from Github (“\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\u002Fwordpress-comment-blacklist\u002F\" rel=\"nofollow ugc\">wordpress-comment-blacklist\u003C\u002Fa> by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\" rel=\"nofollow ugc\">Grant Hutchinson\u003C\u002Fa>) but you can also get them from any URL or from a local blacklist.txt file.\u003C\u002Fp>\n\u003Ch4>Why do I want to update the “Comment Blacklist” in Settings \u002F Discussion?\u003C\u002Fh4>\n\u003Cp>If you want to reduce spam received in your comment forms but also in your contact forms (for example when using Contact Form 7), using blacklisted terms can help.\u003C\u002Fp>\n\u003Cp>Contact Form 7 encourages to use: Akismet, reCaptcha and the comment blacklist to reduce contact form spam.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cem>Contact Form 7 supports spam-filtering with Akismet. Intelligent reCAPTCHA blocks annoying spambots. Plus, using comment blacklist, you can block messages containing specified keywords or those sent from specified IP addresses.\u003C\u002Fem>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>The best way to reduce the contact form 7 spam is to use a very extensive term database which is updated regulary with new spam terms. And this plugin does exactly this: Updating the blacklist regularly.\u003C\u002Fp>\n\u003Ch4>Why are you using the “Comment Blacklist for WordPress” from Grant Hutchinson as default source for the blacklist?\u003C\u002Fh4>\n\u003Cp>Since 2011 Grant Hutchinson has been identifying and compiling over 34,000 phrases, patterns, and keywords commonly used by spammers and comment bots in usernames, email addresses, link text, and URIs.\u003C\u002Fp>\n\u003Cp>His blacklist is very extensive and that’s why we love it.\u003C\u002Fp>\n\u003Cp>As with all compilations, this blacklist is a work in progress and it is updated more or less every month. And each of these updates will be included automatically with the update process that runs every 24 hours.\u003C\u002Fp>\n\u003Cp>\u003Cem>Sometimes simple is better.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you know another source that is as extensive as this one, drop us a message and we will check if it’s interesting to add it also as a default.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>System requirements\u003C\u002Fh4>\n\u003Cp>PHP version 5.6 or greater.\u003C\u002Fp>\n\u003Ch4>Comment Blacklist Updater Plugin in your Language!\u003C\u002Fh4>\n\u003Cp>This first release is avaliable in English and Spanish. In the “languages” folder we have included the necessary files to translate this plugin.\u003C\u002Fp>\n\u003Cp>If you would like the plugin in your language and you’re good at translating, please drop us a line at \u003Ca href=\"https:\u002F\u002Fapasionados.es\u002Fcontacto\u002Findex.php?desde=wordpress-org-apa-comment-blacklist-updater-home\" rel=\"nofollow ugc\">Contact us\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Further Reading\u003C\u002Fh4>\n\u003Cp>You can access the description of the plugin in Spanish at: \u003Ca href=\"https:\u002F\u002Fapasionados.es\u002Fblog\u002F\" rel=\"nofollow ugc\">Actualizador lista negra de comentarios | WordPress Plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>For further information please send us an \u003Ca href=\"https:\u002F\u002Fapasionados.es\u002Fcontacto\u002Findex.php?desde=wordpress-org-apa-comment-blacklist-updater\" rel=\"nofollow ugc\">email\u003C\u002Fa>.\u003C\u002Fp>\n","Update \"Comment Blacklist\" spam terms to manage spam in forms and comments",1000,10162,96,"2023-09-26T13:22:00.000Z","6.3.8","4.0.1","5.6",[19,55,75,76,22],"contact-form-7","form-spam","https:\u002F\u002Fapasionados.es\u002Fblog\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-blacklist-updater.1.2.2.zip",1,"2023-09-23 00:00:00",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":32,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":17,"tags":95,"homepage":100,"download_link":101,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"wp-referrer-spam-blacklist","WP referrer spam blacklist (fight 2040+ Referrer Spammers in (Google\u002FMatomo) Analytics)","1.3.0","Umbrovskis.com","https:\u002F\u002Fprofiles.wordpress.org\u002Frolandinsh\u002F","\u003Cp>List of spammers in \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-referrer-spam-blacklist\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>No need for configuration! Plugin in background redirects referral spammer to blank page ( about:blank ). Redirect link can be altered via filter \u003Ccode>wp_referralblock_redirect_uri\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>NO auto update, as we see that as possible as security hole. We do not wan’t Your site to get hacked.\u003C\u002Fp>\n\u003Cp>Plugin is for sites that can’t edit their \u003Ccode>.htaccess\u003C\u002Fcode> or configure NGINX or Apache servers.\u003C\u002Fp>\n\u003Cp>Via \u003Ca href=\"http:\u002F\u002Fgo.mediabox.lv\u002F1LbSuKq\" rel=\"nofollow ugc\">my LinkedIN post\u003C\u002Fa>: Few months ago I started to collect referral spam pages in private file un bitbucket.org. Problem was that I did not know all spammers. Then, few weeks ago, I found that Matomo (Open source analytics) started their own “project”, and they did the same thing I did – collected referral spam sites to block them from Your website.\u003C\u002Fp>\n\u003Cp>On my own server I do that at server level, but some of my clients have hosting, where You can not edit server settings. This week I came up with another solution – WordPress plugin “WP referrer spam blacklist”. I will update list every week from \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmatomo-org\u002Freferrer-spam-blacklist\" rel=\"nofollow ugc\">Matomo’s community-contributed list of spammers\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If You have WordPress site and no knowledge about or access to server settings, I made that for You!\u003C\u002Fp>\n\u003Cp>From \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FReferer_spam\" rel=\"nofollow ugc\">Wikipedia\u003C\u002Fa>:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Referrer spam (also known as log spam or referrer \nbombing) is a kind of spamdexing (spamming aimed \nat search engines). The technique involves making \nrepeated web site requests using a fake referer URL \nto the site the spammer wishes to advertise. Sites that \npublish their access logs, including referer statistics, \nwill then inadvertently link back to the spammer's site. \nThese links will be indexed by search engines \nas they crawl the access logs. \n\nThis benefits the spammer because the free link improves \nthe spammer site's search engine ranking owing \nto link-counting algorithms that search engines use.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Other plugins by author: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fitempropwp\u002F\" rel=\"ugc\">itemprop WP for SERP\u002FSEO Rich snippets\u003C\u002Fa> – Add schema.org itemprop code to the (custom) post content for search engines and bots for better SERP results\u003C\u002Fp>\n","WordPress plugin to fight with 2040+ referrer spammers (like semalt, buttons-for-website and many more).",700,19667,3,"2020-12-27T20:57:00.000Z","5.6.17","4.0",[96,53,97,98,99],"anti-spam","comment-moderation","comment-spam","referral-spam","https:\u002F\u002Fsimplemediacode.com\u002F?utm_source=WPplugin%3Awp-referrer-spam-blacklist&utm_medium=wordpressplugin&utm_campaign=FreeWordPressPlugins&utm_content=v-1.2.201801281","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-referrer-spam-blacklist.1.3.0.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":49,"requires_at_least":73,"requires_php":115,"tags":116,"homepage":117,"download_link":118,"security_score":58,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"comment-blacklist-manager","Comment Blacklist Manager","1.0.1","Andrew Norcross","https:\u002F\u002Fprofiles.wordpress.org\u002Fnorcross\u002F","\u003Cp>Comment Blacklist Manager retrieves a list of terms from a remote source and updates the \u003Ccode>disallowed_keys\u003C\u002Fcode> setting in WordPress. The plugin will automatically fetch a list of terms on a regular schedule and update the contents of the “Disallowed Comment Keys” field. Terms added manually via the “Local Blacklist” field will be retained during the scheduled updates. Terms added manually to the “Excluded Terms” field will be removed from the list.\u003C\u002Fp>\n\u003Cp>The default list of terms is fetched from a \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\u002Fwordpress-comment-blacklist\u002F\" title=\"Comment Blacklist for WordPress\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> repository maintained by \u003Ca href=\"https:\u002F\u002Fsplorp.com\u002F\" title=\"Interface considerations. Gadget accumulation. Typography. Scotch.\" rel=\"nofollow ugc\">Grant Hutchinson\u003C\u002Fa>.\u003C\u002Fp>\n","Remotely add terms to the WordPress Disallowed Comment Keys field to manage spam.",600,8186,88,5,"2025-12-13T21:44:00.000Z","7.0",[19,55,22],"https:\u002F\u002Fgithub.com\u002Fnorcross\u002Fcomment-blacklist-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-blacklist-manager.1.0.1.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":127,"downloaded":128,"rating":129,"num_ratings":113,"last_updated":130,"tested_up_to":131,"requires_at_least":50,"requires_php":17,"tags":132,"homepage":134,"download_link":135,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"auto-approve-comments","Auto Approve Comments","2.8","Federico Andrioli","https:\u002F\u002Fprofiles.wordpress.org\u002Ffedeandri\u002F","\u003Cp>Auto approve comments by Commenter (email, name, url), User and Role (Akismet and wpDiscuz compatible).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Usage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Open Comments -> Auto Approve Comments\u003C\u002Fli>\n\u003Cli>Go to Settings -> Discussion and check “Comment must be manually approved” \u003C\u002Fli>\n\u003Cli>Optionally install and activate Akismet (comments flagged as SPAM will never get auto approved) \u003C\u002Fli>\n\u003Cli>Configure your auto approval filters in “Commenters”, “Users” and “Roles”\u003C\u002Fli>\n\u003Cli>Save and you’re done\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>From now on all the comments that match at least one of the configurations in “Commenters”, “Users” or “Roles” will always be auto approved.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Commenters – example\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Add one Commenter per line, follow the example below:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>tom@myface.com\ntom@myface.com,Tom\ntom@myface.com,www.myface.com\ntom@myface.com,www.myface.com,Tom\ntom@myface.com,Tom,www.myface.com\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Users – example\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Add one Username per line, follow the example below:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>steveknobs76\njeffmezos012\nlarrymage98\nmarktuckerberg2004\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Roles – example\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Add one Role per line, follow the example below:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>contributor\neditor\nyourcustomrole\nsubscriber\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Developers\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Official Github repository:\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Ffedeandri\u002Fauto-approve-comments\u003C\u002Fp>\n","Auto approve comments by Commenter (email, name, url), User and Role (Akismet and wpDiscuz compatible)",200,9999,64,"2021-06-15T12:24:00.000Z","5.8.13",[96,133,55,21],"auto-approve","https:\u002F\u002Fgithub.com\u002Ffedeandri\u002Fauto-approve-comments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-approve-comments.2.8.zip",{"attackSurface":137,"codeSignals":179,"taintFlows":223,"riskAssessment":261,"analyzedAt":270},{"hooks":138,"ajaxHandlers":165,"restRoutes":175,"shortcodes":176,"cronEvents":177,"entryPointCount":178,"unprotectedCount":13},[139,144,147,150,153,158,161],{"type":140,"name":141,"callback":141,"file":142,"line":143},"action","admin_init","blacklist-keys-manager.php",27,{"type":140,"name":145,"callback":145,"file":142,"line":146},"admin_menu",28,{"type":140,"name":148,"callback":148,"file":142,"line":149},"admin_head",30,{"type":140,"name":151,"callback":151,"file":142,"line":152},"spammed_comment",36,{"type":154,"name":155,"callback":156,"priority":11,"file":142,"line":157},"filter","pre_comment_approved","maxlinks_comment_approved",38,{"type":154,"name":155,"callback":159,"priority":11,"file":142,"line":160},"exblacklist_comment_approved",41,{"type":154,"name":162,"callback":163,"file":142,"line":164},"comments_clauses","all_comments_clauses",310,[166,171],{"action":167,"nopriv":168,"callback":167,"hasNonce":169,"hasCapCheck":168,"file":142,"line":170},"test_exblacklist",false,true,42,{"action":172,"nopriv":168,"callback":173,"hasNonce":169,"hasCapCheck":168,"file":142,"line":174},"upload_white_list_file_for_comment","upload_white_list_files",44,[],[],[],2,{"dangerousFunctions":180,"sqlUsage":181,"outputEscaping":183,"fileOperations":79,"externalRequests":13,"nonceChecks":91,"capabilityChecks":79,"bundledLibraries":222},[],{"prepared":13,"raw":13,"locations":182},[],{"escaped":184,"rawEcho":185,"locations":186},14,17,[187,190,192,194,196,198,200,202,204,206,208,210,212,214,216,218,220],{"file":142,"line":188,"context":189},559,"raw output",{"file":142,"line":191,"context":189},561,{"file":142,"line":193,"context":189},571,{"file":142,"line":195,"context":189},574,{"file":142,"line":197,"context":189},580,{"file":142,"line":199,"context":189},583,{"file":142,"line":201,"context":189},589,{"file":142,"line":203,"context":189},592,{"file":142,"line":205,"context":189},609,{"file":142,"line":207,"context":189},620,{"file":142,"line":209,"context":189},623,{"file":142,"line":211,"context":189},661,{"file":142,"line":213,"context":189},664,{"file":142,"line":215,"context":189},854,{"file":142,"line":217,"context":189},859,{"file":142,"line":219,"context":189},897,{"file":142,"line":221,"context":189},900,[],[224,250],{"entryPoint":225,"graph":226,"unsanitizedCount":13,"severity":249},"properties (blacklist-keys-manager.php:396)",{"nodes":227,"edges":246},[228,233,239,242],{"id":229,"type":230,"label":231,"file":142,"line":232},"n0","source","$_POST (x2)",415,{"id":234,"type":235,"label":236,"file":142,"line":237,"wp_function":238},"n1","sink","update_option() [Settings Manipulation]",427,"update_option",{"id":240,"type":230,"label":231,"file":142,"line":241},"n2",439,{"id":243,"type":235,"label":244,"file":142,"line":188,"wp_function":245},"n3","echo() [XSS]","echo",[247,248],{"from":229,"to":234,"sanitized":169},{"from":240,"to":243,"sanitized":169},"low",{"entryPoint":251,"graph":252,"unsanitizedCount":13,"severity":249},"\u003Cblacklist-keys-manager> (blacklist-keys-manager.php:0)",{"nodes":253,"edges":258},[254,255,256,257],{"id":229,"type":230,"label":231,"file":142,"line":232},{"id":234,"type":235,"label":236,"file":142,"line":237,"wp_function":238},{"id":240,"type":230,"label":231,"file":142,"line":241},{"id":243,"type":235,"label":244,"file":142,"line":188,"wp_function":245},[259,260],{"from":229,"to":234,"sanitized":169},{"from":240,"to":243,"sanitized":169},{"summary":262,"deductions":263},"The \"blacklist-keys-manager\" v1.2.0 plugin exhibits a generally good security posture based on the provided static analysis.  There are no identified critical or high-severity vulnerabilities from taint analysis, and the plugin demonstrates sound practices such as using prepared statements for all SQL queries and performing nonce checks on its entry points. The absence of known CVEs and a clean vulnerability history further contribute to this positive assessment.\n\nHowever, there are areas that warrant attention.  The plugin has a moderate output escaping rate (45%), which indicates a potential risk for cross-site scripting (XSS) vulnerabilities if user-supplied data is not properly sanitized before being rendered in the browser.  While the attack surface is small and appears to be protected by authentication checks, the presence of file operations without further context could introduce risks if not handled with extreme care. The limited number of capability checks is also a potential concern, as it might not sufficiently restrict access to sensitive functionalities.\n\nIn conclusion, \"blacklist-keys-manager\" v1.2.0 is likely safe for use given its current state, but the moderate output escaping and the file operation warrant careful review.  The plugin's lack of past vulnerabilities is a strong indicator of responsible development.  Focusing on improving output escaping and thoroughly auditing the file operation functionality would further strengthen its security.",[264,266,268],{"reason":265,"points":30},"Moderate output escaping (45%)",{"reason":267,"points":113},"Presence of file operations",{"reason":269,"points":47},"Limited capability checks","2026-03-17T00:55:31.997Z",{"wat":272,"direct":281},{"assetPaths":273,"generatorPatterns":276,"scriptPaths":277,"versionParams":278},[274,275],"\u002Fwp-content\u002Fplugins\u002Fblacklist-keys-manager\u002Fjs\u002Fscript.js","\u002Fwp-content\u002Fplugins\u002Fblacklist-keys-manager\u002Fcss\u002Fstyle.css",[],[274],[279,280],"blacklist-keys-manager\u002Fjs\u002Fscript.js?ver=","blacklist-keys-manager\u002Fcss\u002Fstyle.css?ver=",{"cssClasses":282,"htmlComments":287,"htmlAttributes":291,"restEndpoints":293,"jsGlobals":294,"shortcodeOutput":296},[283,284,285,286],"drag-frame","form-table","edit-frame","key-count",[288,289,290],"\u003C!-- clearfix -->","\u003C!-- Hides from IE-mac \\-->","\u003C!-- End hide from IE-mac -->",[292],"data-key-id",[],[295],"blacklist_keys_manager_params",[]]