[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$flRspDsjPagQXNdv0_v-VHa64GGEdyt5GXlKRN_uRXek":3,"$f9RZfiyKMTSA146CVgyiZxvhffI_G3WfvUngpZiibI4E":228,"$fDg2JuSvZKh8PNG4HMsTiyt0tLgFY7hdm8mWzfXAEGxY":233},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":39,"analysis":144,"fingerprints":215},"bloat-buster","Bloat Buster – A Simple Plugin To Kill Off Bloat","1.2.1","Alvind","https:\u002F\u002Fprofiles.wordpress.org\u002Falvindcaesar\u002F","\u003Cp>Bloat Buster is a super simple plugin to remove unnecessary bloat from your WordPress site. Just a toggle away and you’re set.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>9 Optimization Features Available:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Remove Emoticon Scripts\u003C\u002Fstrong> – Remove extra code related to emojis from WordPress which was added recently to suport emoticons in an older browser.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Remove Full Site Editing Global Styles\u003C\u002Fstrong> – This will prevent the Full Site Editing global CSS from loading because this script is enabled by default even if you’re not using FSE.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Remove RSD Links\u003C\u002Fstrong> – RSD (Really Simple Discovery) is needed if you intend to use XML-RPC client, pingback, etc. However, if you don’t need pingback or remote client to manage post then you can safely get rid of this unnecessary header.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Remove Shortlink\u003C\u002Fstrong> – Starting from version 3, WordPress added shortlink (shorter link of web page address) in header code. If you’re not using shortlink for any functionality then you can remove them.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Embed\u003C\u002Fstrong> – WordPress introduced oEmbed features in 4.4 which allows any site to embed WordPress post remotely. Activate this feature to prevent other parties from embedding your blog post and disable loading related JS file.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable XML-RPC\u003C\u002Fstrong> – Activate this option if you don’t use WordPress API (XML-RPC) to publish\u002Fedit\u002Fdelete a post, edit\u002Flist comments, upload file. Having XML-RPC enabled and not hardened properly may lead to DDoS & brute force attacks.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Hide WordPress Version\u003C\u002Fstrong> – This doesn’t help in performance but more to mitigate information leakage vulnerability. By default, WordPress adds meta name generator with the version details which is visible in source code and HTTP header. To remove the WP version, activate this option.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Heartbeat\u003C\u002Fstrong> – WordPress use heartbeat API to communicate with a browser to a server by frequently calling admin-ajax.php. This may slow down the overall page load time and increase CPU utilization if on shared hosting. If you don’t have a requirement to use heartbeat API, then you can activate this option.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Dashicons on The Front-end\u003C\u002Fstrong> – Dashicons are utilized in the admin console, and if not using them to load any icons on front-end then you may want to disable it. By activating this option, \u003Ccode>dashicons.min.css\u003C\u002Fcode> will stop loading on front-end.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contribute to Bloat Buster\u003C\u002Fh4>\n\u003Cp>Development for this plugin happens in a public GitHub repository. If you have a suggestion, bug report, patch, or pull request, please feel free to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Falvindcaesar\u002Fbloat-buster\" rel=\"nofollow ugc\">contribute here\u003C\u002Fa>.\u003C\u002Fp>\n","A super simple plugin to remove unnecessary bloat from your WordPress site.",30,3839,100,2,"2024-01-06T04:49:00.000Z","6.4.8","5.5","7.0",[20,21,22,23],"clean-up","disable","performance-tweak","remove-bloat","https:\u002F\u002Fgithub.com\u002Falvindcaesar\u002Fbloat-buster","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbloat-buster.1.2.1.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":34,"trust_score":37,"computed_at":38},"alvindcaesar",6,130,87,91,"2026-05-20T01:10:44.576Z",[40,59,77,97,121],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":13,"num_ratings":34,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":53,"download_link":58,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"disable-everything","Disable Everything","0.4.1","dessky","https:\u002F\u002Fprofiles.wordpress.org\u002Fdessky\u002F","\u003Cp>Do you know what is better for a website performance then installing a good caching plugin and getting more expensive hosting?\u003C\u002Fp>\n\u003Ch3>Not to load bloat in the first place!\u003C\u002Fh3>\n\u003Cp>This lightweight plugin is meant to do just that.\u003C\u002Fp>\n\u003Cp>With this All-in-One plugin you can simply disable any feature that you do not use with one click.\u003C\u002Fp>\n\u003Cp>If you change your mind and want feature back you can always re-enable it later.\u003C\u002Fp>\n\u003Cp>You can also chose any combo of features that you do not want and make a custom selection for disabling.\u003C\u002Fp>\n\u003Ch3>Disable All of the Comments\u003C\u002Fh3>\n\u003Cp>\u003Cem>(PRO version only)\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>If you are sick of SPAM or you do not need Comment Section so much then Disable them Completely with this one lightweight plugin.\u003C\u002Fp>\n\u003Ch3>Having Too Many Plugins Can Hurt Your Website\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Installing and activating numerous plugins on your website can affect your page load time and the performance of your site as a whole.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Plugin conflicts can result in slow-loading pages, error messages, or broken functionality. Ultimately, a plugin conflict can cause a website to crash.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Security risks. The more plugins you install, the greater the risk that you’ll download one with a security vulnerability.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Learning curves. Each plugin’s dashboard or settings interface is different and the time required to learn how to take advantage of each plugin quickly adds up. Plus, there’s often maintenance involved to ensure that each one functions properly.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>With this All-in-One plugin you can forget installation of one plugin for each feature that you want to disable.\u003C\u002Fh3>\n\u003Cp>There are simply way too many of those in WordPress and you really do not want to have bunch of plugins hogging server resources just for that.\u003C\u002Fp>\n\u003Ch3>Following features are currently included for disabling\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Free Version:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>User-Enumeration\u003C\u002Fli>\n\u003Cli>Author Archives\u003C\u002Fli>\n\u003Cli>capital_P_dangit\u003C\u002Fli>\n\u003Cli>Screen options and help\u003C\u002Fli>\n\u003Cli>Howdy in adminbar\u003C\u002Fli>\n\u003Cli>Navigation items in adminbar\u003C\u002Fli>\n\u003Cli>Clean Dashboard\u003C\u002Fli>\n\u003Cli>Emojis\u003C\u002Fli>\n\u003Cli>Embed Objects\u003C\u002Fli>\n\u003Cli>Dashicons\u003C\u002Fli>\n\u003Cli>Heartbeat\u003C\u002Fli>\n\u003Cli>XML-RPC + Pingback\u003C\u002Fli>\n\u003Cli>Generator\u003C\u002Fli>\n\u003Cli>WLW Manifest\u003C\u002Fli>\n\u003Cli>Really Simple Discovery\u003C\u002Fli>\n\u003Cli>Short Link\u003C\u002Fli>\n\u003Cli>RSS Feeds\u003C\u002Fli>\n\u003Cli>REST API\u003C\u002Fli>\n\u003Cli>Block Library\u003C\u002Fli>\n\u003Cli>Application Passwords\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>NEW Features that you can disable:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Privacy Tools\u003C\u002Fli>\n\u003Cli>Site Health page\u003C\u002Fli>\n\u003Cli>adjacent_posts links in the header\u003C\u002Fli>\n\u003Cli>Version var (?ver=) after styles and scripts.\u003C\u002Fli>\n\u003Cli>PDF Thumbnails\u003C\u002Fli>\n\u003Cli>Empty Trash (period is shortened to 1 week)\u003C\u002Fli>\n\u003Cli>Plugin and Theme Editor\u003C\u002Fli>\n\u003Cli>oEmbed\u003C\u002Fli>\n\u003Cli>Remote Block Patterns\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>PRO Version:\u003C\u002Fstrong> \u003Cem>(yeah we know it sucks but this plugin needs to be supported somehow)\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Comments\u003C\u002Fli>\n\u003Cli>WP Updates\u003C\u002Fli>\n\u003Cli>Auto-update Email Notifications for Themes and Plugins\u003C\u002Fli>\n\u003Cli>Post Revisions\u003C\u002Fli>\n\u003Cli>Search\u003C\u002Fli>\n\u003Cli>WP Login Logo and Favicon\u003C\u002Fli>\n\u003Cli>Administration Email Verification Prompt\u003C\u002Fli>\n\u003Cli>Lazy Loading\u003C\u002Fli>\n\u003Cli>Yoast SEO Bloat\u003C\u002Fli>\n\u003Cli>WooCommerce Bloat\u003C\u002Fli>\n\u003Cli>Right Click\u003C\u002Fli>\n\u003Cli>Admin Footer\u003C\u002Fli>\n\u003Cli>Elementor Bloat\u003C\u002Fli>\n\u003Cli>Jetpack Promotions\u003C\u002Fli>\n\u003Cli>Contact Form 7 Bloat\u003C\u002Fli>\n\u003Cli>Autoptimize Toolbar\u003C\u002Fli>\n\u003Cli>W3 Total Cache HTML Footer Comments\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdiscuss.dessky.org\u002Ft\u002Fdisable-everything\" rel=\"nofollow ugc\">Join Our Open Community\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Dessky Team does not provide support for the Disable Everything on the WordPress.org forums. In order to get support from a Dessky Team or make a suggestion you will have to \u003Ca href=\"https:\u002F\u002Fdiscuss.dessky.org\u002Ft\u002Fdisable-everything\" rel=\"nofollow ugc\">Start a Discussion\u003C\u002Fa> here.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdiscuss.dessky.org\u002Ft\u002Fdisable-everything\" rel=\"nofollow ugc\">DISCUSS WITH THE DESSKY TEAM\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdiscuss.dessky.org\u002Ft\u002Fdisable-everything\" rel=\"nofollow ugc\">JOIN OUR OPEN COMMUNITY\u003C\u002Fa>: The purpose of this open community is to have a collective place where the community can help each other, and we can get some feedback to improve Disable Everything as well. Joining the community is also a great way to connect with like-minded people and share your experience.\u003C\u002Fp>\n\u003Cp>You can also \u003Ca href=\"https:\u002F\u002Fdessky.me\u002F\" rel=\"nofollow ugc\">GET THE PREMIUM SUPPORT\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>I have further questions, how do I contact you?\u003C\u002Fp>\n\u003Cp>Please fill up the \u003Ca href=\"https:\u002F\u002Fdessky.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">contact form\u003C\u002Fa> here and we would be more than happy to assist.\u003C\u002Fp>\n","Greatly Improve Performance by Disabling All Unnecessary Features. All with this One lightweight plugin.",20000,49847,"2026-03-24T13:21:00.000Z","6.9.4","3.9","",[55,21,56,23,57],"bloat","remove","unbloat","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-everything.0.4.1.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":13,"num_ratings":14,"last_updated":69,"tested_up_to":51,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":53,"download_link":76,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"disable-global-style","Disable Global Style","1.0.1","Jose Mortellaro","https:\u002F\u002Fprofiles.wordpress.org\u002Fgiuse\u002F","\u003Cp>It disables the global style inlined by WordPress since WP 5.9. It also removes the duotone SVGs added after the opening body tag.\u003C\u002Fp>\n\u003Cp>Even if you don’t use the full site editing, since WordPress 5.9 you will have an inlined style and some duotone SVGs added by the core on all the pages of your website.\u003C\u002Fp>\n\u003Cp>The global inlined style is not enormous, but it’s also not very little. Around 5 kB added to the document may make a difference if your document is already heavy.\u003C\u002Fp>\n\u003Cp>Moreover, why should your page have this style if you don’t need it?\u003C\u002Fp>\n\u003Cp>Activate Disable Global Style and you will get rid of it.\u003C\u002Fp>\n\u003Ch3>How to disable the global style added by WordPress since v. 5.9\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Install Disable Global Style\u003C\u002Fli>\n\u003Cli>Done\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>No settings needed for this plugin. Just activate it and that’s it.\u003C\u002Fp>\n\u003Ch3>How to check that the global style is not inlined\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Disable the plugin\u003C\u002Fli>\n\u003Cli>Load a page of your website\u003C\u002Fli>\n\u003Cli>Inspect elements (right-click => Inspect Elements)\u003C\u002Fli>\n\u003Cli>Search for “global-style-inline-css”\u003C\u002Fli>\n\u003Cli>Activate the plugin\u003C\u002Fli>\n\u003Cli>Search again “global-style-inline-css”\u003C\u002Fli>\n\u003Cli>If you find “global-style-inline-css” when the plugin is not active, but you don’t find it when the plugin is active, it means that it works\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Clear the cache if any before to check.\u003C\u002Fp>\n\u003Ch3>Backend Speed Optimization\u003C\u002Fh3>\n\u003Cp>Is your dashboard slow? We optimize admin performance by improving queries and reducing plugin load.\u003Cbr \u002F>\nRead \u003Ca href=\"https:\u002F\u002Fjosemortellaro.com\u002Fbackend-speed-optimization\u002F\" rel=\"nofollow ugc\">Backend Speed Optimization Service\u003C\u002Fa> for more information.\u003C\u002Fp>\n","It disables the global style inlined by WordPress since WP 5.9.",500,3419,"2025-12-10T09:23:00.000Z","4.6","5.6",[20,73,74,21,75],"cleanup","deactivate","style","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-global-style.1.0.1.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":51,"requires_at_least":90,"requires_php":71,"tags":91,"homepage":95,"download_link":96,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"classic-widgets","Classic Widgets","0.3","Tonya Mork","https:\u002F\u002Fprofiles.wordpress.org\u002Fhellofromtonya\u002F","\u003Cp>Classic Widgets is an official plugin maintained by the WordPress team that restores the previous (“classic”) WordPress widgets settings screens. It will be supported and maintained to 2024, or as long as is necessary.\u003C\u002Fp>\n\u003Cp>Once activated and when using a classic (non-block) theme, this plugin restores the previous widgets settings screens and disables the block editor from managing widgets. There is no other configuration, the classic widgets settings screens are enabled or disabled by either enabling or disabling this plugin.\u003C\u002Fp>\n","Enables the previous \"classic\" widgets settings screens in Appearance - Widgets and the Customizer. Disables the block editor from managing widgets.",2000000,7280667,98,265,"2025-12-08T10:52:00.000Z","4.9",[78,21,92,93,94],"disable-gutenberg","editor","gutenberg","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclassic-widgets\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclassic-widgets.0.3.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":107,"num_ratings":108,"last_updated":109,"tested_up_to":51,"requires_at_least":110,"requires_php":18,"tags":111,"homepage":116,"download_link":117,"security_score":118,"vuln_count":119,"unpatched_count":27,"last_vuln_date":120,"fetched_at":29},"disable-comments","Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]","2.7.0","WPDeveloper","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdevteam\u002F","\u003Ch4>Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]\u003C\u002Fh4>\n\u003Cp>Enable\u002FDisable comments on any WordPress content (Pages, Posts, or Media) to stop spammers. WP-CLI, XML-RPC & REST-API support to stop spam comments.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fplugins\u002Fdisable-comments\u002F\" rel=\"nofollow ugc\">More About Plugin\u003C\u002Fa> ◼️ \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs-category\u002Fdisable-comments\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> ◼️ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisable-comments\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FEpuYs9Nf_nY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Take Global Control Over Your WordPress Site\u003C\u002Fh3>\n\u003Cp>Override all comments-related settings throughout your website & manage your comments just the way you want.\u003C\u002Fp>\n\u003Ch3>Disable Comments On Posts, Pages & Media\u003C\u002Fh3>\n\u003Cp>Choose which posts, pages or media should allow comments from site visitors & configure Disable Comments accordingly\u003C\u002Fp>\n\u003Ch3>Disallow Comments On Multi-Site Network\u003C\u002Fh3>\n\u003Cp>Have multiple websites? Get rid of irrelevant comments on the entire network using Disable Comments Plugin\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FJ9AteKzQpPs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>KEY FEATURES OF DISABLE COMMENTS\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>All “Comments” links are hidden from the Admin Menu and Admin Bar.\u003C\u002Fli>\n\u003Cli>All comment-related sections (“Recent Comments”, “Discussion” etc.) are hidden from the WordPress Dashboard.\u003C\u002Fli>\n\u003Cli>All comment-related widgets are disabled (so your theme cannot use them).\u003C\u002Fli>\n\u003Cli>The “Discussion” settings page is hidden.\u003C\u002Fli>\n\u003Cli>All comment RSS\u002FAtom feeds are disabled (and requests for these will be redirected to the parent post).\u003C\u002Fli>\n\u003Cli>The X-Pingback HTTP header is removed from all pages.\u003C\u002Fli>\n\u003Cli>Outgoing pingbacks are disabled.\u003C\u002Fli>\n\u003Cli>Stop spam comments entirely from the site with one click.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Delete comments by type.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Disable comments via \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs\u002Fhow-to-disable-comments-made-via-xml-rpc\u002F\" rel=\"nofollow ugc\">XML-RPC\u003C\u002Fa> & \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs\u002Fhow-to-disable-comments-made-via-rest-api\u002F\" rel=\"nofollow ugc\">REST-API\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Fully Multi-site Network supported.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Manage multiple website network-specific subsites or entire network comments in advance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Exclude Disable Comments Settings based on user roles.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FFBq3-W-p-DM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Please delete any existing comments on your site \u003Cstrong>before applying this setting\u003C\u002Fstrong>, otherwise (depending on your theme) those comments may still be displayed to visitors. You can use the \u003Cstrong>Delete Comments tool\u003C\u002Fstrong> to delete any existing comments on your site.\u003C\u002Fp>\n\u003Ch3>🌟 WHAT’S NEW WITH DISABLE COMMENTS 2.0\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>AMAZING USER FRIENDLY INTERFACE\u003C\u002Fstrong>\u003Cbr \u002F>\nEasily configure your comment-related settings with an amazing and attractive app-like user interface.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WP-CLI COMMANDS TO DISABLE COMMENTS\u003C\u002Fstrong>\u003Cbr \u002F>\nUse \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs\u002Fhow-to-use-disable-comments-plugin-with-wp-cli-command-line\u002F\" rel=\"nofollow ugc\">WP-CLI\u003C\u002Fa> control for comment-related settings to disable comments on posts, pages, attachments or everywhere on your website.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fmzi5uhKB9Zk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>GET STARTED WITH QUICK SETUP WIZARD\u003C\u002Fstrong>\u003Cbr \u002F>\nUse the quick setup wizard after activating the plugin to instantly configure comment-related settings for your WordPress website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>DISABLE COMMENTS ON DOCS\u003C\u002Fstrong>\u003Cbr \u002F>\nInstantly disable comments on your documentation pages or WordPress knowledge base with a single click.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Ft7BQ-7A4y4s?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>DELETE CERTAIN COMMENT TYPE(S)\u003C\u002Fstrong>\u003Cbr \u002F>\nPermanently delete certain comment types from your WordPress website including WooCommerce product reviews as well as generic comments.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FIzm_ihC-z10?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>DISABLE COMMENTS VIA XML-RPC And REST API\u003C\u002Fstrong>\u003Cbr \u002F>\nBlock any comments made on your WordPress website via XML-RPC specification and REST API.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important note\u003C\u002Fstrong>: Use this plugin if you don’t want comments at all on your site (or on certain post types). Don’t use it if you want to selectively disable comments on individual posts – WordPress lets you do that anyway. If you don’t know how to disable comments on individual posts, there are instructions in \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-comments\u002F#faq\" rel=\"ugc\">the FAQ\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you come across any bugs or have suggestions, please use the plugin support forum. I can’t fix it if I don’t know it’s broken! Please check the \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-comments\u002F#faq\" rel=\"ugc\">FAQ\u003C\u002Fa>\u003C\u002Fstrong> for common issues.\u003C\u002Fp>\n\u003Cp>Want to contribute? Here’s the \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWPDevelopers\u002Fdisable-comments\" rel=\"nofollow ugc\">GitHub development repository\u003C\u002Fa>\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>A \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWPDevelopers\u002Fdisable-comments-mu\" rel=\"nofollow ugc\">must-use version\u003C\u002Fa> of the plugin is also available.\u003C\u002Fp>\n\u003Ch3>Advanced Configuration\u003C\u002Fh3>\n\u003Cp>Some of the plugin’s behavior can be modified by site administrators and plugin\u002Ftheme developers through code:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Define \u003Ccode>DISABLE_COMMENTS_REMOVE_COMMENTS_TEMPLATE\u003C\u002Fcode> and set it to \u003Ccode>false\u003C\u002Fcode> to prevent the plugin from replacing the theme’s comment template with an empty one.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Define \u003Ccode>DISABLE_COMMENTS_ALLOW_DISCUSSION_SETTINGS\u003C\u002Fcode> and set it to \u003Ccode>true\u003C\u002Fcode> to prevent the plugin from hiding the Discussion settings page.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These definitions can be made either in your main \u003Ccode>wp-config.php\u003C\u002Fcode> or in your theme’s \u003Ccode>functions.php\u003C\u002Fcode> file.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>THIS PLUGIN IS NOW MAINTAINED BY THE TEAM\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002F\" rel=\"nofollow ugc\">WPDeveloper\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>💙 LOVED DISABLE COMMENTS?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>For documentation and tutorials go to our \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs-category\u002Fdisable-comments\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>For video tutorials go to our \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=J9AteKzQpPs&list=PLWHp1xKHCfxD2_xOIR5dMAGf3wd4hv-8K\" rel=\"nofollow ugc\">YouTube Playlist\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Join our \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fwpdeveloper.net\u002F\" rel=\"nofollow ugc\">Facebook Group\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>If you love Disable Comments, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisable-comments\u002Freviews\u002F?filter=5\" rel=\"ugc\">rate us on WordPress\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>For more information about features, FAQs, and documentation, check out our website at \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fplugins\u002Fdisable-comments\u002F\" rel=\"nofollow ugc\">Disable Comments\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔥 GET FREEBIES FOR YOUR WORDPRESS SITE\u003C\u002Fh3>\n\u003Cp>Consider checking out our other WordPress solutions & boost your WordPress website:\u003C\u002Fp>\n\u003Cp>🔝 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fessential-addons-for-elementor-lite\u002F\" rel=\"ugc\">Essential Addons For Elementor\u003C\u002Fa>: Most popular Elementor addons with 2 million+ happy users & 95+ widgets & ready blocks\u003C\u002Fp>\n\u003Cp>🔔 \u003Ca href=\"https:\u002F\u002Fnotificationx.com\u002F\" rel=\"nofollow ugc\">NotificationX\u003C\u002Fa> – Best Social Proof & FOMO Marketing Solution to increase conversion rates.\u003C\u002Fp>\n\u003Cp>🔗 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbetterlinks\u002F\" rel=\"ugc\">BetterLinks\u003C\u002Fa>: Latest best WordPress link management plugin for link shortening, tracking & analyzing.\u003C\u002Fp>\n\u003Cp>📄 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fembedpress\u002F\" rel=\"ugc\">EmbedPress\u003C\u002Fa>: EmbedPress lets you embed anything including videos, images, posts, audio, maps and upload PDF, DOC, PPT etc.\u003C\u002Fp>\n\u003Cp>☁ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftemplately\u002F\" rel=\"ugc\">Templately\u003C\u002Fa>: 6000+ Free templates library for Elementor & Gutenberg along with the cloud collaboration for WordPress.\u003C\u002Fp>\n\u003Cp>📚 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbetterdocs\u002F\" rel=\"ugc\">BetterDocs\u003C\u002Fa>: Best Documentation & Knowledge Base Plugin for WordPress reduce manual support tickets & improve user experience.\u003C\u002Fp>\n\u003Cp>⏰ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-scheduled-posts\u002F\" rel=\"ugc\">SchedulePress\u003C\u002Fa>: Advanced editorial calendar with WordPress Post Scheduling, Social Sharing, Missed scheduled alerts, and more.\u003C\u002Fp>\n\u003Cp>⚡ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fflexia\u002F\" rel=\"ugc\">Flexia\u003C\u002Fa>: Most lightweight, customizable & multi purpose theme for WordPress.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002F\" rel=\"nofollow ugc\">WPDeveloper\u003C\u002Fa> to learn more about how to do better in WordPress with \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fblog\" rel=\"nofollow ugc\">Help Tutorial, Tips & Tricks\u003C\u002Fa>.\u003C\u002Fp>\n","Allows administrators to globally disable comments on their site. Comments can be disabled according to post type. Multisite friendly.",1000000,32413639,94,278,"2026-04-05T06:41:00.000Z","5.0",[112,98,113,114,115],"delete-comments","remove-comments","spam-protection","stop-spam","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-comments.2.7.0.zip",99,1,"2014-08-01 00:00:00",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":131,"num_ratings":132,"last_updated":133,"tested_up_to":18,"requires_at_least":134,"requires_php":71,"tags":135,"homepage":141,"download_link":142,"security_score":13,"vuln_count":119,"unpatched_count":27,"last_vuln_date":143,"fetched_at":29},"stops-core-theme-and-plugin-updates","Easy Updates Manager","9.0.20","David Anderson \u002F Team Updraft","https:\u002F\u002Fprofiles.wordpress.org\u002Fdavidanderson\u002F","\u003Cp>Easy Updates Manager is a light yet powerful plugin that allows you to manage all kinds of update- both on your single site install, or in WordPress Multisite. With a huge number of settings for endless configuration, Easy Updates Manager is an obvious choice for anyone wanting to take control of their website updates.\u003C\u002Fp>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"Easy Updates Manager Overview\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F288535460?dnt=1&app_id=122963\" width=\"750\" height=\"422\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write\">\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Ch4>Free Features Include\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable all updates with one click\u003C\u002Fli>\n\u003Cli>Enable automatic updates with one click\u003C\u002Fli>\n\u003Cli>Deeply customize your automatic update settings\u003C\u002Fli>\n\u003Cli>Use logs to determine what and when something is updated\u003C\u002Fli>\n\u003Cli>Hide plugin and theme updates (if custom developed)\u003C\u002Fli>\n\u003Cli>Select which plugins and themes can be automatically updated\u003C\u002Fli>\n\u003Cli>Disable core, plugin, theme, and translation updates\u003C\u002Fli>\n\u003Cli>Force Updates to check that automatic updates are working\u003C\u002Fli>\n\u003Cli>Integrate with \u003Ca href=\"https:\u002F\u002Fupdraftplus.com\u002F\" rel=\"nofollow ugc\">UpdraftPlus\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Configure email notification settings\u003C\u002Fli>\n\u003Cli>And much more…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Go Premium\u003C\u002Fh4>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Feasyupdatesmanager.com\" rel=\"nofollow ugc\">easyupdatesmanager.com\u003C\u002Fa> to upgrade to our premium features.\u003C\u002Fp>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"Easy Updates Manager Premium\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F289883791?dnt=1&app_id=122963\" width=\"750\" height=\"422\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write\">\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Cp>Premium features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Safe mode: ensures updates are compatible with your WordPress version and your server’s PHP version\u003C\u002Fli>\n\u003Cli>Schedule for automatic updates: runs the updates when you want them to avoid any downtime\u003C\u002Fli>\n\u003Cli>External logging – Get alerts when new updates have been logged\u003C\u002Fli>\n\u003Cli>Anonymization – Control what is sent to the WordPress API\u003C\u002Fli>\n\u003Cli>Delayed updates – Delay automatic updates in the case of hotfixes and frequent releases\u003C\u002Fli>\n\u003Cli>Auto backups: integrates with \u003Ca href=\"https:\u002F\u002Fupdraftplus.com\u002F\" rel=\"nofollow ugc\">UpdraftPlus\u003C\u002Fa> and take a backup before your site is updated\u003C\u002Fli>\n\u003Cli>UpdraftCentral: fully integrates with \u003Ca href=\"https:\u002F\u002Fupdraftplus.com\u002Fupdraftcentral\u002F\" rel=\"nofollow ugc\">UpdraftCentral\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Log clearing schedule: keeps your logs table under control and deletes entries according to your own schedule\u003C\u002Fli>\n\u003Cli>Import\u002FExport settings: exports your settings from one site to another for quick configuration\u003C\u002Fli>\n\u003Cli>Email notification of updates: gives you weekly or monthly reports of pending updates \u003C\u002Fli>\n\u003Cli>White label: disables notices and customizes what the client sees\u003C\u002Fli>\n\u003Cli>Check plugins: runs a check of plugins that have been removed from the WordPress Plugin Directory\u003C\u002Fli>\n\u003Cli>Webhook: integrates with third-party services to run automatic updates via cron or even Zapier\u003C\u002Fli>\n\u003Cli>Export logs: exports logs for printing, or downloads a CSV or JSON file for a date range\u003C\u002Fli>\n\u003Cli>Version control protection: prevent updates from occurring to plugins and themes under version control\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>For more information on Easy Updates Manager Premium, \u003Ca href=\"https:\u002F\u002Feasyupdatesmanager.com\" rel=\"nofollow ugc\">check out our website at easyupdatesmanager.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>If you want to contribute to the translation, \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fstops-core-theme-and-plugin-updates\" rel=\"nofollow ugc\">please visit our translation section\u003C\u002Fa>. We appreciate all the translation help we can get.\u003C\u002Fp>\n","Manage all your WordPress updates, including individual updates, automatic updates, logs, and loads more. This also works very well with WordPress Mul &hellip;",300000,7720887,96,722,"2026-03-25T10:41:00.000Z","5.1",[136,137,138,139,140],"disable-updates","disable-updates-manager","easy-updates-manager","update-control","updates-manager","https:\u002F\u002Feasyupdatesmanager.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstops-core-theme-and-plugin-updates.9.0.20.zip","2019-03-28 00:00:00",{"attackSurface":145,"codeSignals":191,"taintFlows":205,"riskAssessment":206,"analyzedAt":214},{"hooks":146,"ajaxHandlers":187,"restRoutes":188,"shortcodes":189,"cronEvents":190,"entryPointCount":27,"unprotectedCount":27},[147,153,158,163,166,170,174,178,183],{"type":148,"name":149,"callback":150,"file":151,"line":152},"action","admin_menu","add_options_link","src\u002FPages\u002FAdmin.php",17,{"type":148,"name":154,"callback":155,"file":156,"line":157},"admin_post_export_settings","export_settings","src\u002FPages\u002FSettings\u002FExport.php",9,{"type":148,"name":159,"callback":160,"file":161,"line":162},"admin_post_import_settings","import_settings","src\u002FPages\u002FSettings\u002FImport.php",16,{"type":148,"name":164,"callback":165,"file":161,"line":152},"admin_notices","success_notices",{"type":148,"name":167,"callback":168,"file":169,"line":157},"init","setting_options","src\u002FPages\u002FSettings\u002FOptions.php",{"type":148,"name":171,"callback":172,"file":169,"line":173},"wp_footer","disable_embed",10,{"type":148,"name":175,"callback":176,"file":169,"line":177},"wp_enqueue_scripts","dequeue_dashicon",11,{"type":179,"name":180,"callback":181,"file":169,"line":182},"filter","xmlrpc_enabled","__return_false",38,{"type":148,"name":184,"callback":185,"file":186,"line":157},"admin_init","register_setting","src\u002FPages\u002FSettings\u002FRegister.php",[],[],[],[],{"dangerousFunctions":192,"sqlUsage":193,"outputEscaping":195,"fileOperations":119,"externalRequests":27,"nonceChecks":14,"capabilityChecks":196,"bundledLibraries":204},[],{"prepared":27,"raw":27,"locations":194},[],{"escaped":27,"rawEcho":196,"locations":197},3,[198,201,203],{"file":199,"line":14,"context":200},"includes\u002Fpartials\u002Fexport-form.php","raw output",{"file":202,"line":14,"context":200},"includes\u002Fpartials\u002Fimport-form.php",{"file":156,"line":11,"context":200},[],[],{"summary":207,"deductions":208},"The \"bloat-buster\" plugin v1.2.1 exhibits a generally strong security posture based on the static analysis provided. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events significantly limits its attack surface. The code also demonstrates good practices by using prepared statements for all SQL queries and including nonce and capability checks. The lack of any recorded vulnerabilities in its history is a positive indicator of its past security performance.\n\nHowever, a significant concern arises from the output escaping. With 3 total outputs and 0% properly escaped, this presents a clear risk of Cross-Site Scripting (XSS) vulnerabilities. Any user-controlled data that is displayed back to the user without proper sanitization could be exploited. While the taint analysis shows no unsanitized paths, this is likely due to the limited scope of the analysis or the lack of complex data flows within the plugin. The single file operation also warrants attention; depending on its purpose and how it handles user input, it could introduce security risks.\n\nIn conclusion, while \"bloat-buster\" v1.2.1 has a small attack surface and good internal security practices like prepared statements and checks, the complete lack of output escaping is a critical weakness. This single issue overshadows the other positive aspects and requires immediate attention to prevent potential XSS attacks. The file operation also needs a closer review.",[209,212],{"reason":210,"points":211},"Output escaping is not properly handled",8,{"reason":213,"points":14},"File operations present a potential risk","2026-04-16T11:22:05.213Z",{"wat":216,"direct":221},{"assetPaths":217,"generatorPatterns":218,"scriptPaths":219,"versionParams":220},[],[],[],[],{"cssClasses":222,"htmlComments":223,"htmlAttributes":224,"restEndpoints":225,"jsGlobals":226,"shortcodeOutput":227},[],[],[],[],[],[],{"error":229,"url":230,"statusCode":231,"statusMessage":232,"message":232},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fbloat-buster\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":234,"versions":235},7,[236,242,249,256,263,270,277],{"version":6,"download_url":25,"svn_tag_url":237,"released_at":28,"has_diff":238,"diff_files_changed":239,"diff_lines":28,"trac_diff_url":240,"vulnerabilities":241,"is_current":229},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbloat-buster\u002Ftags\u002F1.2.1\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbloat-buster%2Ftags%2F1.2&new_path=%2Fbloat-buster%2Ftags%2F1.2.1",[],{"version":243,"download_url":244,"svn_tag_url":245,"released_at":28,"has_diff":238,"diff_files_changed":246,"diff_lines":28,"trac_diff_url":247,"vulnerabilities":248,"is_current":238},"1.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbloat-buster.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbloat-buster\u002Ftags\u002F1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbloat-buster%2Ftags%2F1.1.2.1&new_path=%2Fbloat-buster%2Ftags%2F1.2",[],{"version":250,"download_url":251,"svn_tag_url":252,"released_at":28,"has_diff":238,"diff_files_changed":253,"diff_lines":28,"trac_diff_url":254,"vulnerabilities":255,"is_current":238},"1.1.2.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbloat-buster.1.1.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbloat-buster\u002Ftags\u002F1.1.2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbloat-buster%2Ftags%2F1.1.2&new_path=%2Fbloat-buster%2Ftags%2F1.1.2.1",[],{"version":257,"download_url":258,"svn_tag_url":259,"released_at":28,"has_diff":238,"diff_files_changed":260,"diff_lines":28,"trac_diff_url":261,"vulnerabilities":262,"is_current":238},"1.1.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbloat-buster.1.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbloat-buster\u002Ftags\u002F1.1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbloat-buster%2Ftags%2F1.1.1&new_path=%2Fbloat-buster%2Ftags%2F1.1.2",[],{"version":264,"download_url":265,"svn_tag_url":266,"released_at":28,"has_diff":238,"diff_files_changed":267,"diff_lines":28,"trac_diff_url":268,"vulnerabilities":269,"is_current":238},"1.1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbloat-buster.1.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbloat-buster\u002Ftags\u002F1.1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbloat-buster%2Ftags%2F1.1&new_path=%2Fbloat-buster%2Ftags%2F1.1.1",[],{"version":271,"download_url":272,"svn_tag_url":273,"released_at":28,"has_diff":238,"diff_files_changed":274,"diff_lines":28,"trac_diff_url":275,"vulnerabilities":276,"is_current":238},"1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbloat-buster.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbloat-buster\u002Ftags\u002F1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbloat-buster%2Ftags%2F1.0&new_path=%2Fbloat-buster%2Ftags%2F1.1",[],{"version":278,"download_url":279,"svn_tag_url":280,"released_at":28,"has_diff":238,"diff_files_changed":281,"diff_lines":28,"trac_diff_url":28,"vulnerabilities":282,"is_current":238},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbloat-buster.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbloat-buster\u002Ftags\u002F1.0\u002F",[],[]]