[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fSJHvlhYrCDVEDskRheo8IQohYdMd2bLmtfoLaYlL8H0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":143,"fingerprints":347},"comment-notifier-no-spammers","Lightweight Subscribe To Comments","1.5.8","isabel104","https:\u002F\u002Fprofiles.wordpress.org\u002Fisabel104\u002F","\u003Cp>This simply adds a subscription checkbox to your WordPress comments form to let your visitors subscribe to comments. They will then be notified by email when others comment on the same post. Works automatically upon activation, no settings required.\u003C\u002Fp>\n\u003Cp>This plugin focuses on a lightweight footprint and fastest pagespeed. No scripts are added. It simply just works upon activation. All settings are optional.\u003C\u002Fp>\n\u003Ch4>Easily Switch From Other Comments Subscription Plugins\u003C\u002Fh4>\n\u003Cp>Your subscribers will be imported for an easy switch from the following listed plugins. This is done automatically upon activation. Your comment subscribers will be migrated from these plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>“Subscribe To Comments” plugin\u003C\u002Fli>\n\u003Cli>“Subscribe To Comments Reloaded” plugin\u003C\u002Fli>\n\u003Cli>“Comment Notifier” plugin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Optional Settings\u003C\u002Fstrong> include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You can unsubscribe people, if you wish.\u003C\u002Fli>\n\u003Cli>You can customize the notification emails.\u003C\u002Fli>\n\u003Cli>Set a custom “Unsubscribe Page” URL or unsubscribe message.\u003C\u002Fli>\n\u003Cli>Send a “Thank You” message for first time commentators.\u003C\u002Fli>\n\u003Cli>Send a copy of EACH notification to emails of your choice.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Special Condition For “Comment Notifier” Plugin Users:\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>“Lightweight Subscribe to Comments” fixes a major problem with the “Comment Notifier” plugin:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>In particular, “Lightweight Subscribe to Comments” fixes \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fremove-subscribed-emails-whose-comments-are-trashedmarked-as-spam\" rel=\"ugc\">this problem\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Lightweight Subscribe to Comments will not subscribe spammers while their comment is pending moderation. Only approved comments will be subscribed. Comments authors in moderation will only be subscribed if, and when, you approve their comment.\u003C\u002Fp>\n\u003Cp>The problem is that “Comment Notifier” plugin subscribes the email address as soon as the submitted comment goes into moderation. This means that spammers get added to the list of subscribers, immediately. Later, when you delete the spam comments, the spammer’s email remains in the list of subscribers.\u003C\u002Fp>\n\u003Cp>You could have hundreds, even thousands, of spammer email addresses in that list. Then, when you approve a legit comment, your server sends out emails to all of the post subscribers (including spammers), which can cause server overload, among other problems.\u003C\u002Fp>\n\u003Cp>This plugin fixes that by ignoring comments in moderation until they are approved by you. This means less load on your server.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Bonus Clean Up For “Comment Notifier” Plugin Users:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin removes spammers from your “Comment Notifier” list.\u003C\u002Fp>\n\u003Cp>Upon activation, this plugin will clean up your “comment_notifier” list (database table) by removing all spammer emails (emails of people that do NOT have an approved comment). (This only applies to you if you were using the “Comment Notifier” plugin.) It will also empty your Comments “Trash” and “Spam”. This clean up is only done once, upon plugin activation.\u003C\u002Fp>\n\u003Ch4>Languages\u003C\u002Fh4>\n\u003Cp>This plugin is translation-ready and includes a \u003Ccode>.pot\u003C\u002Fcode> file to make it easy to translate.\u003C\u002Fp>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fisabelcastillo.com\u002Ffree-plugins\u002Flightweight-subscribe-comments#jl-install\" rel=\"nofollow ugc\">Installation Guide\u003C\u002Fa>.\u003C\u002Fp>\n","Easiest and most lightweight plugin to let visitors subscribe to comments and get email notifications.",1000,17319,98,25,"2024-08-30T20:33:00.000Z","6.6.5","3.7","",[20,21,22,23,24],"comment","comments","follow-comments","notifications","subscribe-to-comments","https:\u002F\u002Fisabelcastillo.com\u002Ffree-plugins\u002Flightweight-subscribe-comments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-notifier-no-spammers.1.5.8.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},5,1190,86,30,84,"2026-04-04T13:47:32.663Z",[40,63,85,104,124],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":55,"tags":56,"homepage":18,"download_link":59,"security_score":60,"vuln_count":61,"unpatched_count":28,"last_vuln_date":62,"fetched_at":30},"subscribe-to-comments-reloaded","Subscribe To Comments Reloaded","240119","WPKube","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpkube\u002F","\u003Cp>Subscribe to Comments Reloaded is a robust plugin that enables commenters to sign up for e-mail notification of subsequent entries. The plugin includes a full-featured subscription manager that your commenters can use to unsubscribe to certain posts or suspend all notifications. It solves most of the issues that affect Mark Jaquith’s version, using the latest WordPress features and functionality. Plus, allows administrators to enable a double opt-in mechanism, requiring users to confirm their subscription clicking on a link they will receive via email or even One Click Unsubscribe.\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress 4.0 or higher\u003C\u002Fli>\n\u003Cli>PHP 5.6 or higher\u003C\u002Fli>\n\u003Cli>MySQL 5.x or higher\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Main Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easily manage and search among your subscriptions\u003C\u002Fli>\n\u003Cli>Imports Mark Jaquith’s Subscribe To Comments (and its clones) data\u003C\u002Fli>\n\u003Cli>Messages are fully customizable, no poEdit required (and you can use HTML!) with a Rich Text Editor – WYSIWYG\u003C\u002Fli>\n\u003Cli>Disable subscriptions for specific posts\u003C\u002Fli>\n\u003Cli>One Click Unsubscribe\u003C\u002Fli>\n\u003Cli>Get and Download your System information for better support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Language Localization\u003C\u002Fh3>\n\u003Cp>If you would like to help out translating the plugin to your language you can do so through the \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fsubscribe-to-comments-reloaded\u002F\" rel=\"nofollow ugc\">official WordPress plugin translation system\u003C\u002Fa>\u003C\u002Fp>\n","Subscribe to Comments Reloaded allows commenters to sign up for e-mail notifications of subsequent replies. Don't miss any comment.",10000,966338,90,169,"2024-01-19T20:16:00.000Z","6.4.8","4.0","5.6",[21,57,58,24,41],"email","subscribe","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscribe-to-comments-reloaded.240119.zip",80,4,"2024-04-05 00:00:00",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":13,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":77,"tags":78,"homepage":83,"download_link":84,"security_score":71,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"comments-subscribe-checkbox","Subscribe To Comments Checkbox","1.2.6","yydevelopment","https:\u002F\u002Fprofiles.wordpress.org\u002Fyydevelopment\u002F","\u003Cp>The subscribe to comments checkbox is a simple plugin that will allow you to add subscribe checkbox message below comments on your website and it will also send automatic email when the comment get replied.\u003C\u002Fp>\n\u003Cp>To add the comment email subscribe notification message all you need to do is to activate the plugin and it will be added automatically.\u003C\u002Fp>\n\u003Cp>The plugin also allow you to see under the “comments” section in wordpress admin panel all the user that subscribed to the comment reply in your blog posts & pages and you will be able to see who get mail and who didn’t.\u003C\u002Fp>\n\u003Ch4>Comments Subscribe Checkbox Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Comment subscribe notification message below the comment box\u003C\u002Fli>\n\u003Cli>Comments users management system\u003C\u002Fli>\n\u003Cli>Automatic email message that will be send to every user who subscribed to the comment\u003C\u002Fli>\n\u003Cli>The ability to unsubscribe from getting new comments on the site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Available languages:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Hebrew (only frontend code)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>About the author & license\u003C\u002Fh4>\n\u003Cp>This plugin was brought to you for free by \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002F\" rel=\"nofollow ugc\">YYDevelopment\u003C\u002Fa> under GPLv2 license.\u003C\u002Fp>\n\u003Cp>The plugin is 100% free and we intend to keep it that way in the future as well. You are free to use this plugin and all our other \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002Fyydevelopment-wordpress-plugins\u002F\" rel=\"nofollow ugc\">free wordpress plugins\u003C\u002Fa> for your projects, your client’s projects or for anything else you need.\u003C\u002Fp>\n\u003Cp>If this plugin was helpful for you please share it online and if you get a chance to give it a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomments-subscribe-checkbox\u002F#reviews\" rel=\"ugc\">positive review\u003C\u002Fa> we will appreciate that.\u003C\u002Fp>\n\u003Cp>If have any problems or questions regarding our comments subscribe checkbox plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcomments-subscribe-checkbox\u002F\" rel=\"ugc\">submit a ticket\u003C\u002Fa> and we will be happy to help.\u003C\u002Fp>\n\u003Cp>By the way, we are based in Israel so we welcome you to visit our Hebrew site as well \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.co.il\u002F\" rel=\"nofollow ugc\">YYDevelopment Israel\u003C\u002Fa> if you are fellow Israeli.\u003C\u002Fp>\n\u003Ch4>Help support us with a coffee donation\u003C\u002Fh4>\n\u003Cp>Don’t you just hate it when you download a plugin and you find out that in order to use it you have to buy a pro version?\u003C\u002Fp>\n\u003Cp>Even bigger problem is when you use a plugin and then just out of the blue the developer decides to add a pro version and he either changes the way the plugin works or he converts some of the free functions to paid ones.\u003C\u002Fp>\n\u003Cp>We sure did hate that and a few years back we decided to start creating some of the plugins ourselves and we decided to share them all with the WordPress community \u003Cstrong>100% FREE\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Nowadays we have more than 15 plugins and you can download and use them all for free by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsearch\u002Fyydevelopment\u002F\" rel=\"ugc\">Clicking Here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you liked this plugin and you want to help support our cause, \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002Fcoffee-break\u002F?plugin=comments-subscribe-checkbox\" rel=\"nofollow ugc\">buy us a coffee\u003C\u002Fa>. Studies show that coffee helps with creating WordPress plugins.\u003C\u002Fp>\n","This plugin will allow you to add subscribe notification checkbox to comments on your site.",100,4550,8,"2025-12-10T03:51:00.000Z","6.9.4","5.0","5.2.4",[79,80,81,82,24],"comments-checkbox","comments-subscribe","notification-subscription","subscribe-email","https:\u002F\u002Fwww.yydevelopment.com\u002Fyydevelopment-wordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomments-subscribe-checkbox.1.2.6.zip",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":71,"num_ratings":95,"last_updated":96,"tested_up_to":97,"requires_at_least":98,"requires_php":18,"tags":99,"homepage":101,"download_link":102,"security_score":103,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"optin-comment-notifications","Optin Comment Notifications","1.4","Scott Reilly","https:\u002F\u002Fprofiles.wordpress.org\u002Fcoffee2code\u002F","\u003Cp>This plugin adds a checkbox to the profile page for users which allows them to opt into receiving a notification email whenever a comment is made to the site.\u003C\u002Fp>\n\u003Cp>If a comment goes into moderation, only users who have the ability to manage comments on the site will receive the moderation notification email.\u003C\u002Fp>\n\u003Cp>By default, all users of the site have the ability to subscribe to notifications about comments. A filter is provided to facilitate use of code to customize the feature’s availability to users.\u003C\u002Fp>\n\u003Cp>Note: a “user” is a person with an actual login account for the site. The plugin does not facilitate permitting visitors who do not have an account on the site to be able to subscribe to all comments.\u003C\u002Fp>\n\u003Cp>Links: \u003Ca href=\"http:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Foptin-comment-notifications\u002F\" rel=\"nofollow ugc\">Plugin Homepage\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Foptin-comment-notifications\u002F\" rel=\"ugc\">Plugin Directory Page\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcoffee2code\u002Foptin-comment-notifications\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Fcoffee2code.com\" rel=\"nofollow ugc\">Author Homepage\u003C\u002Fa>\u003C\u002Fp>\n","Allows users to opt into receiving a notification email whenever a comment is made to the site.",60,4235,3,"2019-03-27T05:14:00.000Z","5.1.22","4.6",[20,100,21,57,23],"commenting","http:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Foptin-comment-notifications\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foptin-comment-notifications.1.4.zip",85,{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":28,"num_ratings":28,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":77,"tags":117,"homepage":18,"download_link":123,"security_score":103,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"disable-updates-comments","Disable Update Notifications & Comments for WordPress","1.1","Aman Verma","https:\u002F\u002Fprofiles.wordpress.org\u002Fefficientninja\u002F","\u003Cp>Disables Update notification for themes, plugins and core. It has option to disable auto-update of your WordPress Version.If you are not using blog in your website then you can also disable comments and hide comments settings with this plugin.\u003C\u002Fp>\n","Disables Update notification for themes, plugins and core. disable auto-update of your WordPress Version and has ability to disable comments.",40,1085,"2019-06-04T13:58:00.000Z","5.2.24","3.8",[118,119,120,121,122],"disable-update-notifications-in-wordpress","disable-updates","hide-comments-options","hide-update-notification","permanently-remove-comments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-updates-comments.zip",{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":60,"num_ratings":134,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":18,"tags":138,"homepage":141,"download_link":142,"security_score":103,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"report-comments","AJAX Report Comments","2.0.4","tierrainnovation","https:\u002F\u002Fprofiles.wordpress.org\u002Ftierrainnovation\u002F","\u003Cp>*** Please Note: If you have installed v.1, please deactivate, install, and then reactivate the plugin. ***\u003C\u002Fp>\n\u003Cp>AJAX Report Comments is a simple yet powerful add-on for any WordPress blog, particularly larger blogs with a higher volume of user comments. It provides blog visitors the ability to report an inappropriate comment to the blog’s moderator with a single click using AJAX and email.\u003C\u002Fp>\n\u003Cp>Through the WordPress Admin you can modify many aspects of the plugin including the text of the “Report Comment” link, the resulting “Thank you” message, the email address to send the inappropriate comment to and the layout and content of the generated email itself. You can even modify the HTML surrounding the “Report Comment” link to suit your needs.\u003C\u002Fp>\n\u003Cp>After a comment is reported, the email address you specify will receive a message including the text of the reported comment and a link to view the comment on the site. The next version of this plugin will include more admin options and variety of moderation options, such as placing the comment in a moderation queue if more than X number of visitors flag it as inappropriate.\u003C\u002Fp>\n","AJAX Report Comments is a simple yet powerful add-on for any Wordpress blog, particularly larger blogs with a higher volume of user comments.",20,7429,1,"2010-10-26T14:59:00.000Z","3.0.5","2.9",[100,21,23,139,140],"report","spam","http:\u002F\u002Ftierra-innovation.com\u002Fwordpress-cms\u002Fplugins\u002Freport-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freport-comments.zip",{"attackSurface":144,"codeSignals":192,"taintFlows":254,"riskAssessment":337,"analyzedAt":346},{"hooks":145,"ajaxHandlers":188,"restRoutes":189,"shortcodes":190,"cronEvents":191,"entryPointCount":28,"unprotectedCount":28},[146,152,158,163,168,172,176,179,184],{"type":147,"name":148,"callback":149,"file":150,"line":151},"action","admin_menu","lstc_admin_menu","comment-notifier-no-spammers.php",345,{"type":153,"name":154,"callback":155,"priority":156,"file":150,"line":157},"filter","comment_form_submit_field","lstc_comment_form_submit_field",9999,350,{"type":147,"name":159,"callback":160,"priority":161,"file":150,"line":162},"comment_form","lstc_comment_form",99,352,{"type":147,"name":164,"callback":165,"priority":166,"file":150,"line":167},"wp_set_comment_status","lstc_wp_set_comment_status",10,355,{"type":147,"name":169,"callback":170,"priority":166,"file":150,"line":171},"comment_post","lstc_comment_post",356,{"type":147,"name":173,"callback":174,"file":150,"line":175},"init","lstc_init",387,{"type":147,"name":173,"callback":177,"file":150,"line":178},"lstc_load_textdomain",417,{"type":147,"name":180,"callback":181,"priority":182,"file":150,"line":183},"wp_enqueue_scripts","lstc_inline_style",999,460,{"type":147,"name":185,"callback":186,"file":150,"line":187},"admin_init","lstc_cleanup_old_options",682,[],[],[],[],{"dangerousFunctions":193,"sqlUsage":194,"outputEscaping":216,"fileOperations":28,"externalRequests":28,"nonceChecks":95,"capabilityChecks":28,"bundledLibraries":253},[],{"prepared":132,"raw":195,"locations":196},7,[197,200,203,206,208,211,213],{"file":150,"line":198,"context":199},529,"$wpdb->query() with variable interpolation",{"file":150,"line":201,"context":202},532,"$wpdb->get_col() with variable interpolation",{"file":150,"line":204,"context":205},600,"$wpdb->get_results() with variable interpolation",{"file":150,"line":207,"context":205},605,{"file":209,"line":210,"context":205},"options.php",311,{"file":209,"line":212,"context":205},319,{"file":214,"line":215,"context":199},"uninstall.php",11,{"escaped":217,"rawEcho":218,"locations":219},13,16,[220,223,225,227,229,231,233,235,237,239,241,243,245,247,249,251],{"file":150,"line":221,"context":222},161,"raw output",{"file":150,"line":224,"context":222},379,{"file":209,"line":226,"context":222},133,{"file":209,"line":228,"context":222},153,{"file":209,"line":230,"context":222},160,{"file":209,"line":232,"context":222},166,{"file":209,"line":234,"context":222},177,{"file":209,"line":236,"context":222},186,{"file":209,"line":238,"context":222},202,{"file":209,"line":240,"context":222},210,{"file":209,"line":242,"context":222},232,{"file":209,"line":244,"context":222},241,{"file":209,"line":246,"context":222},266,{"file":209,"line":248,"context":222},275,{"file":209,"line":250,"context":222},316,{"file":209,"line":252,"context":222},325,[],[255,291,305,322],{"entryPoint":256,"graph":257,"unsanitizedCount":28,"severity":290},"lstc_options_page (options.php:2)",{"nodes":258,"edges":285},[259,263,269,273,278,281],{"id":260,"type":261,"label":262,"file":209,"line":166},"n0","source","$_POST",{"id":264,"type":265,"label":266,"file":209,"line":267,"wp_function":268},"n1","sink","update_option() [Settings Manipulation]",12,"update_option",{"id":270,"type":261,"label":271,"file":209,"line":272},"n2","$_POST (x2)",50,{"id":274,"type":265,"label":275,"file":209,"line":276,"wp_function":277},"n3","query() [SQLi]",51,"query",{"id":279,"type":261,"label":280,"file":209,"line":166},"n4","$_POST (x5)",{"id":282,"type":265,"label":283,"file":209,"line":228,"wp_function":284},"n5","echo() [XSS]","echo",[286,288,289],{"from":260,"to":264,"sanitized":287},true,{"from":270,"to":274,"sanitized":287},{"from":279,"to":282,"sanitized":287},"low",{"entryPoint":292,"graph":293,"unsanitizedCount":28,"severity":290},"\u003Coptions> (options.php:0)",{"nodes":294,"edges":301},[295,296,297,298,299,300],{"id":260,"type":261,"label":262,"file":209,"line":166},{"id":264,"type":265,"label":266,"file":209,"line":267,"wp_function":268},{"id":270,"type":261,"label":271,"file":209,"line":272},{"id":274,"type":265,"label":275,"file":209,"line":276,"wp_function":277},{"id":279,"type":261,"label":280,"file":209,"line":166},{"id":282,"type":265,"label":283,"file":209,"line":228,"wp_function":284},[302,303,304],{"from":260,"to":264,"sanitized":287},{"from":270,"to":274,"sanitized":287},{"from":279,"to":282,"sanitized":287},{"entryPoint":306,"graph":307,"unsanitizedCount":134,"severity":321},"lstc_init (comment-notifier-no-spammers.php:342)",{"nodes":308,"edges":317},[309,312,315],{"id":260,"type":261,"label":310,"file":150,"line":311},"$_GET",365,{"id":264,"type":313,"label":314,"file":150,"line":311},"transform","→ lstc_unsubscribe()",{"id":270,"type":265,"label":275,"file":150,"line":316,"wp_function":277},395,[318,320],{"from":260,"to":264,"sanitized":319},false,{"from":264,"to":270,"sanitized":319},"high",{"entryPoint":323,"graph":324,"unsanitizedCount":336,"severity":321},"\u003Ccomment-notifier-no-spammers> (comment-notifier-no-spammers.php:0)",{"nodes":325,"edges":332},[326,328,329,330,331],{"id":260,"type":261,"label":310,"file":150,"line":327},363,{"id":264,"type":265,"label":275,"file":150,"line":316,"wp_function":277},{"id":270,"type":261,"label":310,"file":150,"line":311},{"id":274,"type":313,"label":314,"file":150,"line":311},{"id":279,"type":265,"label":275,"file":150,"line":316,"wp_function":277},[333,334,335],{"from":260,"to":264,"sanitized":319},{"from":270,"to":274,"sanitized":319},{"from":274,"to":279,"sanitized":319},2,{"summary":338,"deductions":339},"The 'comment-notifier-no-spammers' plugin, version 1.5.8, exhibits a mixed security posture. On the positive side, it has a very small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events, and it has a history of no known vulnerabilities.  However, the code analysis reveals some concerning areas. A significant portion of SQL queries (26%) are not using prepared statements, which presents a risk of SQL injection if these queries are constructed with user-supplied data. Furthermore, the taint analysis indicates two high-severity flows with unsanitized paths, suggesting potential vulnerabilities that could be exploited if user input is not properly validated and sanitized before being used in sensitive operations. The relatively low percentage of properly escaped output (45%) also raises concerns about potential cross-site scripting (XSS) vulnerabilities, although this is not directly flagged as a high-severity taint flow in the provided data.",[340,342,344],{"reason":341,"points":267},"High severity unsanitized taint flows",{"reason":343,"points":73},"SQL queries not using prepared statements",{"reason":345,"points":33},"Low percentage of properly escaped output","2026-03-16T18:55:39.263Z",{"wat":348,"direct":357},{"assetPaths":349,"generatorPatterns":352,"scriptPaths":353,"versionParams":354},[350,351],"\u002Fwp-content\u002Fplugins\u002Fcomment-notifier-no-spammers\u002Fcss\u002Fcomment-notifier-no-spammers.css","\u002Fwp-content\u002Fplugins\u002Fcomment-notifier-no-spammers\u002Fjs\u002Fcomment-notifier-no-spammers.js",[],[351],[355,356],"comment-notifier-no-spammers\u002Fcss\u002Fcomment-notifier-no-spammers.css?ver=","comment-notifier-no-spammers\u002Fjs\u002Fcomment-notifier-no-spammers.js?ver=",{"cssClasses":358,"htmlComments":361,"htmlAttributes":362,"restEndpoints":367,"jsGlobals":368,"shortcodeOutput":369},[359,360],"cnns-comment-subscription","lstc-label",[],[363,364,365,366],"name=\"lstc_subscribe\"","id=\"lstc_subscribe\"","id=\"cnns-label\"","class=\"lstc-label\"",[],[],[]]