[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f-DRg0wC9WJIRfc0y2bSLBrdzXic3-uFFRancL_8x1b0":3,"$ffRwkHSnxkuGvMW-duuYFBoYG8Hxhk3zeXces1CAdTcM":291,"$fvD-XB7MHXCfmNtvXT90VOh8Q7nRGgHu3rPsCdgi5GEw":295},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":40,"analysis":143,"fingerprints":274},"comment-notifier","Comment Notifier","2.3.2","Stefano Lissa","https:\u002F\u002Fprofiles.wordpress.org\u002Fsatollo\u002F","\u003Cp>Comment Notifier lets user to subscribe the comment thread of each single post of your blog. It improves traffic and loyalty.\u003C\u002Fp>\n\u003Cp>Notification emails are fully customizable (both plain text or html) with a number of “tags” to insert author name, post link and title, receiver name and so on.\u003C\u002Fp>\n\u003Cp>The “subscribe me” checkbox in the comment form area can be added automatically or manually.\u003C\u002Fp>\n\u003Cp>Read more on \u003Ca href=\"http:\u002F\u002Fwww.satollo.net\u002Fplugins\u002Fcomment-notifier\" rel=\"nofollow ugc\">Comment Notifier\u003C\u002Fa> offical page.\u003C\u002Fp>\n\u003Ch4>Other plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.satollo.net\u002Fplugins\u002Fhyper-cache\" rel=\"nofollow ugc\">Hyper Cache\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\" rel=\"nofollow ugc\">Newsletter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.satollo.net\u002Fplugins\u002Fheader-footer\" rel=\"nofollow ugc\">Header and Footer\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.satollo.net\u002Fplugins\u002Fthumbnails\" rel=\"nofollow ugc\">Thumbnails\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.satollo.net\u002Fplugins\u002Finclude-me\" rel=\"nofollow ugc\">Include Me\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Add comment subscriptions to the blog comment form.",500,47324,100,10,"2026-02-03T07:04:00.000Z","6.9.4","6.1","7.0",[20,21,22,23,24],"comments","discussion","email","notify","subscription","http:\u002F\u002Fwww.satollo.net\u002Fplugins\u002Fcomment-notifier","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-notifier.2.3.2.zip",0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"satollo",16,514950,92,650,73,"2026-05-19T20:01:29.726Z",[41,63,86,106,126],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":56,"tags":57,"homepage":58,"download_link":59,"security_score":60,"vuln_count":61,"unpatched_count":27,"last_vuln_date":62,"fetched_at":29},"subscribe-to-comments","Subscribe to Comments","2.3.1","Mark Jaquith","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkjaquith\u002F","\u003Cp>Subscribe to Comments is a robust plugin that enables commenters to sign up for e-mail notification of subsequent entries.  The plugin includes a full-featured subscription manager that your commenters can use to unsubscribe to certain posts, block all notifications, or even change their notification e-mail address!\u003C\u002Fp>\n","Subscribe to Comments allows commenters on an entry to subscribe to e-mail notifications for subsequent comments.",20000,572233,78,14,"2024-10-29T05:34:00.000Z","4.3.34","2.9","",[20,22,24],"http:\u002F\u002Ftxfx.net\u002Fwordpress-plugins\u002Fsubscribe-to-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscribe-to-comments.2.3.1.zip",89,3,"2024-10-29 14:20:48",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":73,"num_ratings":74,"last_updated":75,"tested_up_to":16,"requires_at_least":76,"requires_php":77,"tags":78,"homepage":81,"download_link":82,"security_score":83,"vuln_count":84,"unpatched_count":27,"last_vuln_date":85,"fetched_at":29},"subscribe2","Subscribe2 – Form, Email Subscribers & Newsletters","10.45","weDevs","https:\u002F\u002Fprofiles.wordpress.org\u002Fwedevs\u002F","\u003Ch4>Summary\u003C\u002Fh4>\n\u003Cp>Subscribe2 provides a comprehensive subscription management and email notification system for WordPress blogs that sends email notifications to a list of subscribers when you publish new content to your blog.\u003C\u002Fp>\n\u003Cp>A full description of features is below.\u003C\u002Fp>\n\u003Ch4>Email\u003C\u002Fh4>\n\u003Cp>Email notifications can be sent on a per-post basis or periodically in a Digest email. Additionally, certain categories can be excluded from inclusion in the notification and posts can be excluded on an individual basis by setting a custom field.\u003C\u002Fp>\n\u003Ch4>Subscriptions\u003C\u002Fh4>\n\u003Cp>Subscription requests allows users to publicly subscribe (\u003Cstrong>Public Subscribers\u003C\u002Fstrong>) by submitting their email address in an easy to use form or to register with your blog (\u003Cstrong>Registered Users\u003C\u002Fstrong>) which enables greater flexibility over the email content for per-post notifications for the subscriber. Admins are given control over the presentation of the email notifications, can bulk manage subscriptions for users and manually send email notices to subscribers.\u003C\u002Fp>\n\u003Cp>The format of the email can also be customised for per-post notifications, Subscribe2 can generate emails for each of the following formats:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>plaintext excerpt.\u003C\u002Fli>\n\u003Cli>plaintext full post (Registered Users only).\u003C\u002Fli>\n\u003Cli>HTML excerpt (Registered Users only).\u003C\u002Fli>\n\u003Cli>HTML full post (Registered Users only).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you want to grow your subscriber lists, send automated campaigns to huge subscriber lists, you should upgrade to \u003Ca href=\"https:\u002F\u002Fgetwemail.io\" rel=\"nofollow ugc\">weMail\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Privacy Policy\u003C\u002Fh4>\n\u003Cp>Subscribe2 uses \u003Ca href=\"https:\u002F\u002Fappsero.com\" rel=\"nofollow ugc\">Appsero\u003C\u002Fa> SDK to collect some telemetry data upon user’s confirmation. This helps us to troubleshoot problems faster & make product improvements. Learn more about how \u003Ca href=\"https:\u002F\u002Fappsero.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Appsero collects and uses this data\u003C\u002Fa>.\u003C\u002Fp>\n","Sends a list of subscribers an email notification when you publish new posts.",10000,2457129,70,115,"2025-12-29T06:11:00.000Z","4.0","5.4",[22,23,79,80,24],"posts","subscribe","https:\u002F\u002Fgetwemail.io","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscribe2.10.45.zip",88,8,"2026-02-03 00:00:00",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":13,"downloaded":94,"rating":95,"num_ratings":84,"last_updated":96,"tested_up_to":16,"requires_at_least":97,"requires_php":98,"tags":99,"homepage":104,"download_link":105,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"comments-subscribe-checkbox","Subscribe To Comments Checkbox","1.2.6","yydevelopment","https:\u002F\u002Fprofiles.wordpress.org\u002Fyydevelopment\u002F","\u003Cp>The subscribe to comments checkbox is a simple plugin that will allow you to add subscribe checkbox message below comments on your website and it will also send automatic email when the comment get replied.\u003C\u002Fp>\n\u003Cp>To add the comment email subscribe notification message all you need to do is to activate the plugin and it will be added automatically.\u003C\u002Fp>\n\u003Cp>The plugin also allow you to see under the “comments” section in wordpress admin panel all the user that subscribed to the comment reply in your blog posts & pages and you will be able to see who get mail and who didn’t.\u003C\u002Fp>\n\u003Ch4>Comments Subscribe Checkbox Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Comment subscribe notification message below the comment box\u003C\u002Fli>\n\u003Cli>Comments users management system\u003C\u002Fli>\n\u003Cli>Automatic email message that will be send to every user who subscribed to the comment\u003C\u002Fli>\n\u003Cli>The ability to unsubscribe from getting new comments on the site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Available languages:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Hebrew (only frontend code)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>About the author & license\u003C\u002Fh4>\n\u003Cp>This plugin was brought to you for free by \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002F\" rel=\"nofollow ugc\">YYDevelopment\u003C\u002Fa> under GPLv2 license.\u003C\u002Fp>\n\u003Cp>The plugin is 100% free and we intend to keep it that way in the future as well. You are free to use this plugin and all our other \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002Fyydevelopment-wordpress-plugins\u002F\" rel=\"nofollow ugc\">free wordpress plugins\u003C\u002Fa> for your projects, your client’s projects or for anything else you need.\u003C\u002Fp>\n\u003Cp>If this plugin was helpful for you please share it online and if you get a chance to give it a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomments-subscribe-checkbox\u002F#reviews\" rel=\"ugc\">positive review\u003C\u002Fa> we will appreciate that.\u003C\u002Fp>\n\u003Cp>If have any problems or questions regarding our comments subscribe checkbox plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcomments-subscribe-checkbox\u002F\" rel=\"ugc\">submit a ticket\u003C\u002Fa> and we will be happy to help.\u003C\u002Fp>\n\u003Cp>By the way, we are based in Israel so we welcome you to visit our Hebrew site as well \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.co.il\u002F\" rel=\"nofollow ugc\">YYDevelopment Israel\u003C\u002Fa> if you are fellow Israeli.\u003C\u002Fp>\n\u003Ch4>Help support us with a coffee donation\u003C\u002Fh4>\n\u003Cp>Don’t you just hate it when you download a plugin and you find out that in order to use it you have to buy a pro version?\u003C\u002Fp>\n\u003Cp>Even bigger problem is when you use a plugin and then just out of the blue the developer decides to add a pro version and he either changes the way the plugin works or he converts some of the free functions to paid ones.\u003C\u002Fp>\n\u003Cp>We sure did hate that and a few years back we decided to start creating some of the plugins ourselves and we decided to share them all with the WordPress community \u003Cstrong>100% FREE\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Nowadays we have more than 15 plugins and you can download and use them all for free by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsearch\u002Fyydevelopment\u002F\" rel=\"ugc\">Clicking Here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you liked this plugin and you want to help support our cause, \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002Fcoffee-break\u002F?plugin=comments-subscribe-checkbox\" rel=\"nofollow ugc\">buy us a coffee\u003C\u002Fa>. Studies show that coffee helps with creating WordPress plugins.\u003C\u002Fp>\n","This plugin will allow you to add subscribe notification checkbox to comments on your site.",4660,98,"2025-12-10T03:51:00.000Z","5.0","5.2.4",[100,101,102,103,42],"comments-checkbox","comments-subscribe","notification-subscription","subscribe-email","https:\u002F\u002Fwww.yydevelopment.com\u002Fyydevelopment-wordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomments-subscribe-checkbox.1.2.6.zip",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":116,"num_ratings":117,"last_updated":118,"tested_up_to":54,"requires_at_least":119,"requires_php":56,"tags":120,"homepage":123,"download_link":124,"security_score":125,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"subscribr","Subscribr","0.1.9.1","Mindshare Labs, Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fmindshare\u002F","\u003Cp>Allows WordPress users to subscribe to email notifications for new posts, pages, and custom types, filterable by taxonomies. The plugin supports tons of actions and filters too! More documentation will be coming soon.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>We are now working on a major rewrite of this plugin which will allow us to more rapidly roll out new features. Stay tuned for version 0.2.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>send mail as plain text or HTML (by user preference)\u003C\u002Fli>\n\u003Cli>integrated email template editor\u003C\u002Fli>\n\u003Cli>option to use PHP template instead of integrated template editor\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Upcoming Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>option to separate different taxonomies on profile update\u003C\u002Fli>\n\u003Cli>widget\u003C\u002Fli>\n\u003Cli>option to post notifications for update as well as new posts\u003C\u002Fli>\n\u003Cli>html\u002Fplain text options\u003C\u002Fli>\n\u003Cli>scheduling options \u002F digest mode\u003C\u002Fli>\n\u003Cli>analytics options\u003C\u002Fli>\n\u003Cli>minimum role option for notifications\u003C\u002Fli>\n\u003Cli>double opt-in\u003C\u002Fli>\n\u003Cli>SMS text messages\u003C\u002Fli>\n\u003Cli>integration with 3rd-party SMTP servers and\u002For advanced SMTP settings\u003C\u002Fli>\n\u003Cli>integration with MailChimp\u002FMandrill\u003C\u002Fli>\n\u003Cli>integration with Constant Contact\u003C\u002Fli>\n\u003Cli>integration with Aweber\u003C\u002Fli>\n\u003Cli>notification on site (like Facebook)\u003C\u002Fli>\n\u003Cli>subscriber management to settings\u003C\u002Fli>\n\u003Cli>CSV subscriber export\u003C\u002Fli>\n\u003Cli>list management for Roles, use-case wholesale \u002F retail\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Support development with a donation and let us know what features are most important to you!\u003C\u002Fp>\n","Allows WordPress users to subscribe to notifications for new posts, pages, and custom types, filterable by taxonomies.",20,6416,96,5,"2015-08-10T15:33:00.000Z","3.8",[22,121,23,80,122],"notifications","subscriptions","https:\u002F\u002Fmindsharelabs.com\u002Fdownloads\u002Fsubscribr\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscribr.0.1.9.1.zip",85,{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":14,"downloaded":134,"rating":27,"num_ratings":27,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":56,"tags":138,"homepage":141,"download_link":142,"security_score":125,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"category-subscriptions","Category Subscriptions","1.1","Dan Collis-Puro","https:\u002F\u002Fprofiles.wordpress.org\u002Fdjcp\u002F","\u003Cp>This plugin allows users of subscriber- or greater access to subscribe to categories of posts on your wordpress blog. It is probably most appropriate for small to medium sites.\u003C\u002Fp>\n\u003Cp>Users can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Choose whether they prefer HTML or text-only email,\u003C\u002Fli>\n\u003Cli>Control on a category-by-category basis whether or not they get messages immediately or in a daily or weekly digest.\u003C\u002Fli>\n\u003Cli>Control which categories they subscribe to.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Site administrators can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Modify reply-to, from, and BCC addresses.\u003C\u002Fli>\n\u003Cli>Modify user subscriptions on a users profile page.\u003C\u002Fli>\n\u003Cli>Set basic parameters for delivery – how many messages to send at once to avoid usage complaints on shared hosting, for instance.\u003C\u002Fli>\n\u003Cli>Bulk edit category subscriptions from the users list.\u003C\u002Fli>\n\u003Cli>Exercise complete control over text and HTML templates.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Other notes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Scheduled posts are only sent out after the wordpress backend actually publishes them. Put more simply, they work as expected. Be sure wp-cron is running correctly.\u003C\u002Fli>\n\u003Cli>Admins can set a “send delay” parameter to allow last-minute edits before sending out a message.\u003C\u002Fli>\n\u003Cli>If a message is unpublished after being published, message sending will be aborted. Messages sent already are – well – sent already. We can’t travel back in time (though that’d be a great 2.0 feature). This ensures that old posts needing minor edits don’t get sent out again as updates.\u003C\u002Fli>\n\u003Cli>Only messages published after the date of installation are sent out.\u003C\u002Fli>\n\u003Cli>Category hierarchy has no effect on subscriptions. If you subscribe to a parent category, you ARE NOT automatically subscribed to its children. This may be integrated into future releases. We may also allow for the subscription to tags or custom taxonomies in future releases.\u003C\u002Fli>\n\u003Cli>Bounces ARE NOT handled by this plugin. You can, however, set the “reply-to” and “from” addresses to allow you to collect them in a logical place.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Speaking of cron, if you have a low-traffic site (say, for an intranet), you may find that your messages aren’t delivered in the time frame you’re expecting. This is because wordpress scheduled tasks are fired off by visitors to your website – so if you don’t get a lot of traffic, your scheduled tasks won’t run frequently. You can manually create a cron job to hit your wp-cron.php file, something like:\u003C\u002Fp>\n\u003Cp>*\u002F15 * * * * wget -q –post-data=”foo” http:\u002F\u002Fwww.example.com\u002Fyoursite -O – > \u002Fdev\u002Fnull\u003C\u002Fp>\n\u003Cp>Remove the “-q” switch above when you test this manually to ensure the request returns a “200 OK” response.\u003C\u002Fp>\n\u003Cp>TODO:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>More template tags.\u003C\u002Fli>\n\u003Cli>Better bulk editing features.\u003C\u002Fli>\n\u003Cli>Queue management \u002F statistics.\u003C\u002Fli>\n\u003Cli>A better template editing interface.\u003C\u002Fli>\n\u003Cli>Better debugging – e.g. the ability to send example messages.\u003C\u002Fli>\n\u003Cli>More flexible task scheduling.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>More Documentation\u003C\u002Fh3>\n\u003Cp>See the “Category Subscriptions” options page under your Settings menu. Template tag documentation lives there.\u003C\u002Fp>\n\u003Ch3>Other\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the same terms as WordPress itself.\u003C\u002Fp>\n\u003Cp>Copyright 2011, The President and Fellows of Harvard College\u003C\u002Fp>\n","Allow registered users to subscribe to categories giving them control over delivery times (e.g. daily or weekly digests) and format (html or text).",4615,"2011-07-05T17:08:00.000Z","3.1.4","3.0.3",[139,22,140,23,24],"category","notification","http:\u002F\u002Fwww.collispuro.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategory-subscriptions.1.1.zip",{"attackSurface":144,"codeSignals":186,"taintFlows":195,"riskAssessment":266,"analyzedAt":273},{"hooks":145,"ajaxHandlers":182,"restRoutes":183,"shortcodes":184,"cronEvents":185,"entryPointCount":27,"unprotectedCount":27},[146,152,156,160,165,170,174,178],{"type":147,"name":148,"callback":149,"file":150,"line":151},"action","admin_head","cmnt_admin_head","plugin.php",19,{"type":147,"name":153,"callback":154,"file":150,"line":155},"init","cmnt_init",259,{"type":147,"name":157,"callback":158,"file":150,"line":159},"admin_menu","cmnt_admin_menu",265,{"type":161,"name":162,"callback":163,"file":150,"line":164},"filter","plugin_action_links_comment-notifier\u002Fplugin.php","cmnt_plugin_action_links",266,{"type":147,"name":166,"callback":167,"priority":168,"file":150,"line":169},"comment_form","cmnt_comment_form",99,269,{"type":147,"name":171,"callback":172,"priority":14,"file":150,"line":173},"wp_set_comment_status","cmnt_wp_set_comment_status",270,{"type":147,"name":175,"callback":176,"priority":14,"file":150,"line":177},"comment_post","cmnt_comment_post",271,{"type":147,"name":179,"callback":180,"file":150,"line":181},"activate_comment-notifier\u002Fplugin.php","cmnt_activate",323,[],[],[],[],{"dangerousFunctions":187,"sqlUsage":188,"outputEscaping":190,"fileOperations":27,"externalRequests":27,"nonceChecks":61,"capabilityChecks":193,"bundledLibraries":194},[],{"prepared":52,"raw":27,"locations":189},[],{"escaped":191,"rawEcho":27,"locations":192},47,[],1,[],[196,234,251],{"entryPoint":197,"graph":198,"unsanitizedCount":27,"severity":233},"\u003Coptions> (options.php:0)",{"nodes":199,"edges":228},[200,206,211,215,220,223],{"id":201,"type":202,"label":203,"file":204,"line":205},"n0","source","$_POST","options.php",11,{"id":207,"type":208,"label":209,"file":204,"line":34,"wp_function":210},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":212,"type":202,"label":213,"file":204,"line":214},"n2","$_POST (x2)",59,{"id":216,"type":208,"label":217,"file":204,"line":218,"wp_function":219},"n3","query() [SQLi]",60,"query",{"id":221,"type":202,"label":222,"file":204,"line":205},"n4","$_POST (x12)",{"id":224,"type":208,"label":225,"file":204,"line":226,"wp_function":227},"n5","echo() [XSS]",128,"echo",[229,231,232],{"from":201,"to":207,"sanitized":230},true,{"from":212,"to":216,"sanitized":230},{"from":221,"to":224,"sanitized":230},"low",{"entryPoint":235,"graph":236,"unsanitizedCount":193,"severity":250},"cmnt_init (plugin.php:261)",{"nodes":237,"edges":246},[238,241,244],{"id":201,"type":202,"label":239,"file":150,"line":240},"$_GET",281,{"id":207,"type":242,"label":243,"file":150,"line":240},"transform","→ cmnt_unsubscribe()",{"id":212,"type":208,"label":217,"file":150,"line":245,"wp_function":219},302,[247,249],{"from":201,"to":207,"sanitized":248},false,{"from":207,"to":212,"sanitized":248},"high",{"entryPoint":252,"graph":253,"unsanitizedCount":265,"severity":250},"\u003Cplugin> (plugin.php:0)",{"nodes":254,"edges":261},[255,257,258,259,260],{"id":201,"type":202,"label":239,"file":150,"line":256},273,{"id":207,"type":208,"label":217,"file":150,"line":245,"wp_function":219},{"id":212,"type":202,"label":239,"file":150,"line":240},{"id":216,"type":242,"label":243,"file":150,"line":240},{"id":221,"type":208,"label":217,"file":150,"line":245,"wp_function":219},[262,263,264],{"from":201,"to":207,"sanitized":248},{"from":212,"to":216,"sanitized":248},{"from":216,"to":221,"sanitized":248},2,{"summary":267,"deductions":268},"The \"comment-notifier\" plugin v2.3.2 demonstrates strong security practices in several key areas.  The static analysis reveals a commendable 100% usage of prepared statements for SQL queries and proper output escaping, indicating a low risk of common injection vulnerabilities.  Furthermore, the absence of known CVEs in its history suggests a well-maintained and historically secure plugin.  The plugin also appears to have a minimal attack surface, with no AJAX handlers, REST API routes, shortcodes, or cron events exposed without authentication, which is a significant security positive.\n\nHowever, there are two \"Taint Analysis\" findings related to \"unsanitized paths\" that warrant attention. While their severity is not explicitly rated as critical or high, the presence of unsanitized paths in any context is a potential concern, as it could lead to path traversal or other file system vulnerabilities if these paths are user-controlled or processed insecurely.  The plugin does implement some nonce and capability checks, but the existence of these taint flows suggests that the sanitization of path-related inputs might be incomplete or not universally applied across all potential entry points. Overall, the plugin is built on a solid foundation, but the identified taint flows represent the primary area of concern.",[269,272],{"reason":270,"points":271},"Taint flows with unsanitized paths (High severity)",12,{"reason":270,"points":271},"2026-04-16T11:01:32.603Z",{"wat":275,"direct":282},{"assetPaths":276,"generatorPatterns":278,"scriptPaths":279,"versionParams":280},[277],"\u002Fwp-content\u002Fplugins\u002Fcomment-notifier\u002Fadmin.css",[],[],[281],"comment-notifier\u002Fadmin.css?ver=",{"cssClasses":283,"htmlComments":284,"htmlAttributes":285,"restEndpoints":286,"jsGlobals":287,"shortcodeOutput":288},[],[],[],[],[],[289,290],"\u003Cp style=\"clear:both\">\u003Cinput style=\"width: 20px\" type=\"checkbox\" value=\"1\" name=\"subscribe\" id=\"subscribe\"","\u003Clabel style=\"margin:0; padding:0; position:relative; left:0; top:0;\" for=\"subscribe\">",{"error":230,"url":292,"statusCode":293,"statusMessage":294,"message":294},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fcomment-notifier\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":265,"versions":296},[297,302],{"version":6,"download_url":26,"svn_tag_url":298,"released_at":28,"has_diff":248,"diff_files_changed":299,"diff_lines":28,"trac_diff_url":300,"vulnerabilities":301,"is_current":230},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcomment-notifier\u002Ftags\u002F2.3.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcomment-notifier%2Ftags%2F2.3.1&new_path=%2Fcomment-notifier%2Ftags%2F2.3.2",[],{"version":44,"download_url":303,"svn_tag_url":304,"released_at":28,"has_diff":248,"diff_files_changed":305,"diff_lines":28,"trac_diff_url":28,"vulnerabilities":306,"is_current":248},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-notifier.2.3.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcomment-notifier\u002Ftags\u002F2.3.1\u002F",[],[]]