[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fsB_nwzKgWKko474csHx-wPK2v433vpWcZhJK-qaZW84":3,"$f7CCLnpibckFtkl3yGULAjARCjsJcYFLOdkw1UQgHn_0":361,"$fOxVuUBdoxjKlTavF9_FUwWZXOK9uaAlvObAMUq2KV5E":365},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":38,"analysis":136,"fingerprints":343},"comment-pub","Comment Pub","1.0.0","nowmediagroup","https:\u002F\u002Fprofiles.wordpress.org\u002Fnowmediagroup\u002F","\u003Cp>Allow image upload on comments to create a guestbook. All images will be resized and originals deleted in order to save space in your server. This plugin will add “Comment Pub” under comments and “Comment Pub Options” under settings.\u003C\u002Fp>\n\u003Cp>Comment Pub…\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Will notify the administrator if the plugin is not compatible with their hosting environment\u003C\u002Fli>\n\u003Cli>Supports PNG, GIF, JPG, and JPEG images\u003C\u002Fli>\n\u003Cli>Will notify readers if their attached image is not allowed to be uploaded\u003C\u002Fli>\n\u003Cli>Will add an additional tab under \u003Cem>“Comments”\u003C\u002Fem> in the admin panel allowing easy monitoring\u003C\u002Fli>\n\u003Cli>Will add an additional tab under \u003Cem>“Settings”\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Will allow you to control the Width and Height of the resized version of the original image.\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>You can remove the requiered e-mail input when post a comment as a guest\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Development Information\u003C\u002Fh3>\n\u003Cp>Commen Pub was built using…\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Image Validation by Tom McFarlin – https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fcomment-images\u002F\u003C\u002Fli>\n\u003Cli>Respect for WordPress bloggers everywhere 🙂\u003C\u002Fli>\n\u003C\u002Ful>\n","Create a guestbook or local avatars or unique comments. The images be will resized on upload and originals deleted.",20,6824,100,2,"2013-01-28T21:06:00.000Z","3.5.2","3.4.1","",[20,21,22,23,24],"comments","guest","guestbook","image-upload","resize-images","http:\u002F\u002Fcommentpub.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-pub.1.0.0.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},1,30,84,"2026-05-20T01:10:30.934Z",[39,57,75,96,112],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":13,"downloaded":47,"rating":13,"num_ratings":34,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":18,"tags":51,"homepage":55,"download_link":56,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"reverse-order-comments","Reverse Order Comments","1.1.1","Tim","https:\u002F\u002Fprofiles.wordpress.org\u002Ftimz\u002F","\u003Cp>A really simple WordPress Plugin. It provides the function \u003Ccode>ro_comments_template()\u003C\u002Fcode>, which allows the comments to be displayed in reverse order (thus the newest comments first, oldest last).\u003C\u002Fp>\n","Allows to display the comments in reverse order. Latest comment first, oldest last.",18911,"2012-07-16T18:47:00.000Z","3.4.2","1.5",[20,52,22,53,54],"gstebuch","order","reverse","http:\u002F\u002Fwww.zyblog.de\u002Fwordpress-plugins\u002Freverse-order-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freverse-order-comments.1.1.1.zip",{"slug":58,"name":59,"version":6,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":28,"num_ratings":28,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":73,"download_link":74,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"simple-guestbook","Simple Guestbook","dichternebel","https:\u002F\u002Fprofiles.wordpress.org\u002Fdichternebel\u002F","\u003Cp>This plugin is based on the comments feature from WordPress and creates a paged output that can be displayed in a WordPress \u003Cstrong>page\u003C\u002Fstrong> by simply putting the shortcode \u003Ccode>[simple-guestbook]\u003C\u002Fcode> as its content.\u003C\u002Fp>\n\u003Cp>Since the plugin just uses existing core functionality it should respect all WP settings and integrate seemless into most of the themes out there.\u003C\u002Fp>\n\u003Cp>You can tweak some basic settings in the options section of the plugin like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>sort order\u003C\u002Fli>\n\u003Cli>entries per page\u003C\u002Fli>\n\u003Cli>avatar size\u003C\u002Fli>\n\u003Cli>custom avatar\u003C\u002Fli>\n\u003Cli>reply functionality for editors\u003C\u002Fli>\n\u003Cli>JavaScript based validation for the WP comment form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Manual Installation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Download \u003Ccode>simple-guestbook[version].zip\u003C\u002Fcode> and unzip to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Activate the plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003Cli>Change settings in the ‘Options’ menu as needed or leave them default\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Just place the shortcode \u003Ccode>[simple-guestbook]\u003C\u002Fcode> in an (empty) WordPress page. If you like to have some small content on that page, please make sure to put the shortcode at the very end of the page.\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>Since this plugin uses WP comments I highly recommend that you protect yourself against spam by using e.g. at least one of these plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhcaptcha-for-forms-and-more\u002F\" rel=\"ugc\">hCaptcha\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fantispam-bee\u002F\" rel=\"ugc\">Antispam Bee\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhoneypot-toolkit\u002F\" rel=\"ugc\">Honeypot Toolkit\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin was tested with hCaptcha and the included JavaScript Validation functionality for the comment form comes with an integration for hCaptcha already.\u003C\u002Fp>\n\u003Cp>Enjoy!\u003C\u002Fp>\n\u003Cp>—\u003C\u002Fp>\n\u003Cp>Banner image by \u003Ca href=\"https:\u002F\u002Fpixabay.com\u002Fusers\u002Fpexels-2286921\u002F?utm_source=link-attribution&utm_medium=referral&utm_campaign=image&utm_content=1866992\" rel=\"nofollow ugc\">Pexels\u003C\u002Fa> from \u003Ca href=\"https:\u002F\u002Fpixabay.com\u002F\u002F?utm_source=link-attribution&utm_medium=referral&utm_campaign=image&utm_content=1866992\" rel=\"nofollow ugc\">Pixabay\u003C\u002Fa>\u003C\u002Fp>\n","A simple guestbook plugin based on WordPress page comments.",70,2023,"2026-01-03T13:04:00.000Z","6.9.4","5.2","5.6.20",[20,22,71,72],"navigation","paging","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-guestbook\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-guestbook.1.0.0.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":85,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":18,"requires_php":89,"tags":90,"homepage":94,"download_link":95,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"libro-de-visitas-guestbook","LIBRO DE VISITAS – GUESTBOOK","1.4","jarim","https:\u002F\u002Fprofiles.wordpress.org\u002Fjarim\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.poorbuk.com\u002Fwordpress\u002Fjarim\u002Flibro-de-visitas\u002F\" rel=\"nofollow ugc\">For live example click here!!!\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.sos-childrensvillages.org\u002F\" rel=\"nofollow ugc\">Donate and help children her!!!\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>LIBRO DE VISITAS- GUESTBOOK is the WordPress guestbook you’ve just been looking for. Beautiful, responsive,easy and multi-language.\u003Cbr \u002F>\nCreates its own table for messages so you can easily control all your messages.\u003C\u002Fp>\n\u003Cp>Where is the plugin in the admin menu?\u003Cbr \u002F>\nIs in SETTINGS-> LIBRO DE VISITAS\u003Cbr \u002F>\nand also in\u003Cbr \u002F>\nPLUGINS->LIBRO DE VISITAS(where you see all plugins)->SETTINGS\u003Cbr \u002F>\n(a small menu under the name of the plugin, just beside Activate and Deactivate).\u003C\u002Fp>\n\u003Cp>Current features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy to use guestbook frontend with a simple form for visitors of your website.\u003C\u002Fli>\n\u003Cli>Responsive.\u003C\u002Fli>\n\u003Cli>You can change the labels (Message,name,button-send) to any language you like from admin menu.\u003C\u002Fli>\n\u003Cli>Simple and clean admin interface that integrates seamlessly into WordPress admin.\u003C\u002Fli>\n\u003Cli>Easy uninstall not harming your wordpress installation in anyway.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>… and all that integrated in the stylish WordPress look.\u003C\u002Fp>\n\u003Ch4>Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>ALL\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can change the labels of the form (Message, name, button-send) to any language from the admin menu\u003C\u002Fp>\n","For live example click here!!!",40,6681,80,3,"2018-06-04T16:28:00.000Z","4.9.29","5.2.4",[20,91,22,92,93],"guest-book","libro-de-visitas","visitas","http:\u002F\u002Fwww.jarimos.dk\u002Fwebsjarim\u002Flibro-de-visitas\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flibro-de-visitas-guestbook.zip",{"slug":97,"name":98,"version":6,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":28,"num_ratings":28,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":18,"tags":108,"homepage":110,"download_link":111,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-commentwidgetizer","WP CommentWidgetizer","phd38","https:\u002F\u002Fprofiles.wordpress.org\u002Fphd38\u002F","\u003Cp>\u003Cstrong>WP CommentWidgetizer\u003C\u002Fstrong> is a simple widget that takes one of the approved comments made on any page or post of your site and displays it in the sidebar.\u003C\u002Fp>\n\u003Cp>It can be used to manage guest books, or more simply to randomly export to your homepage comments spread deeper in your site pages in order to make it visible to your visitors not reaching the post or page holding those comments.\u003C\u002Fp>\n\u003Cp>You can see the \u003Cem>CommentWidgetizer\u003C\u002Fem> widget used as guestbook homepage exporter \u003Ca href=\"http:\u002F\u002Fwww.photos-dauphine.com\u002F\" title=\"Check out here the WP CommentWidgetizer widget in action\" rel=\"nofollow ugc\">here\u003C\u002Fa>. French reading visitors will get additional insights on this \u003Ca href=\"http:\u002F\u002Fwww.photos-dauphine.com\u002Fwp-commentwidgetizer\" title=\"WP CommentWidgetizer widget page\" rel=\"nofollow ugc\">widget genesis page\u003C\u002Fa>.\u003C\u002Fp>\n","WP CommentWidgetizer is a simple widget that takes one of the approved comments made on any page or post of your site and displays it in the sidebar.",10,5192,"2012-09-16T17:49:00.000Z","2.9.2","2.7",[20,22,109],"widget","http:\u002F\u002Fwww.photos-dauphine.com\u002Fwp-commentwidgetizer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-commentwidgetizer.1.0.0.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":122,"num_ratings":123,"last_updated":124,"tested_up_to":67,"requires_at_least":125,"requires_php":126,"tags":127,"homepage":131,"download_link":132,"security_score":133,"vuln_count":134,"unpatched_count":28,"last_vuln_date":135,"fetched_at":30},"gwolle-gb","Gwolle Guestbook","4.10.1","Marcel Pol","https:\u002F\u002Fprofiles.wordpress.org\u002Fmpol\u002F","\u003Cp>Gwolle Guestbook is the WordPress guestbook you’ve just been looking for. Beautiful and easy.\u003Cbr \u002F>\nGwolle Guestbook is not just another guestbook for WordPress. The goal is to provide an easy and slim way to integrate a guestbook into your WordPress powered site. Don’t use your ‘comment’ section the wrong way – install Gwolle Guestbook and have a real guestbook.\u003C\u002Fp>\n\u003Cp>Current features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy to use guestbook frontend with a simple form for visitors of your website.\u003C\u002Fli>\n\u003Cli>List of guestbook entries at the frontend with pagination or infinite scroll.\u003C\u002Fli>\n\u003Cli>Widget to display an excerpt of your last or your best entries.\u003C\u002Fli>\n\u003Cli>Simple and clean admin interface that integrates seamlessly into WordPress admin.\u003C\u002Fli>\n\u003Cli>Dashboard Widget to easily manage the latest entries from your Admin Dashboard.\u003C\u002Fli>\n\u003Cli>Easy Import from other guestbooks into Gwolle Guestbook.\u003C\u002Fli>\n\u003Cli>Notification by mail when a new entry has been posted.\u003C\u002Fli>\n\u003Cli>Moderation, so that you can check an entry before it is visible in your guestbook (optional).\u003C\u002Fli>\n\u003Cli>7 anti-spam features, like Honeypot, Nonce, Form Timeout, Akismet, Stop Forum Spam and Custom Quiz Question.\u003C\u002Fli>\n\u003Cli>Simple Form Builder to select which form-fields you want to use.\u003C\u002Fli>\n\u003Cli>Simple Entry Builder with the parts of each entry that you want to show.\u003C\u002Fli>\n\u003Cli>Multiple guestbooks are possible.\u003C\u002Fli>\n\u003Cli>MultiSite is supported.\u003C\u002Fli>\n\u003Cli>Localization. Own languages can be added very easily through \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fgwolle-gb\" rel=\"nofollow ugc\">GlotPress\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Admins can add a reply to each entry.\u003C\u002Fli>\n\u003Cli>A log for each entry, so that you know which member of the staff released and edited a guestbook-entry to the public and when.\u003C\u002Fli>\n\u003Cli>IP-address and host-logging with link to WHOIS query site.\u003C\u002Fli>\n\u003Cli>RSS Feed.\u003C\u002Fli>\n\u003Cli>BBcode, Emoji and Smiley integration (optional).\u003C\u002Fli>\n\u003Cli>Easy uninstall routine for complete removal of all database changes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>… and all that integrated in the stylish WordPress look.\u003C\u002Fp>\n\u003Ch4>Import \u002F Export\u003C\u002Fh4>\n\u003Cp>You may have another guestbook installed. That’s great, because Gwolle Guestbook enables you to import entries easily.\u003Cbr \u002F>\nThe importer does not delete any of your data, so you can go back to your previous setup without loss of data, if you want to.\u003Cbr \u002F>\nTrying Gwolle Guestbook is as easy as 1-2-3.\u003C\u002Fp>\n\u003Cp>Import is supported from:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>DMSGuestbook.\u003C\u002Fli>\n\u003Cli>WordPress comments from a specific post, page or just all comments.\u003C\u002Fli>\n\u003Cli>Gwolle Guestbook itself, with Export supported as well (CSV-file).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>If you have a problem or a feature request, please post it on the plugin’s support forum on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fgwolle-gb\" rel=\"ugc\">wordpress.org\u003C\u002Fa>. I will do my best to respond as soon as possible.\u003C\u002Fp>\n\u003Cp>If you send me an email, I will not reply. Please use the support forum.\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>Translations can be added very easily through \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fgwolle-gb\" rel=\"nofollow ugc\">GlotPress\u003C\u002Fa>.\u003Cbr \u002F>\nYou can start translating strings there for your locale. They need to be validated though, so if there’s no validator yet, and you want to apply for being validator (PTE), please post it on the support forum.\u003Cbr \u002F>\nI will make a request on make\u002Fpolyglots to have you added as validator for this plugin\u002Flocale.\u003C\u002Fp>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cp>Check out the demo at \u003Ca href=\"https:\u002F\u002Fdemo.zenoweb.nl\u002Fwordpress-plugins\u002Fgwolle-gb\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fdemo.zenoweb.nl\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Add-On\u003C\u002Fh4>\n\u003Cp>Gwolle Guestbook: The Add-On is the add-on for Gwolle Guestbook that gives extra functionality for your guestbook.\u003C\u002Fp>\n\u003Cp>Current features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Meta Fields. Add any field you want; company, phone number, you name it.\u003C\u002Fli>\n\u003Cli>Social Media Sharing (optional).\u003C\u002Fli>\n\u003Cli>Star Ratings, with voting and display and Rich Snippets for SEO (optional).\u003C\u002Fli>\n\u003Cli>Average star rating per guestbook.\u003C\u002Fli>\n\u003Cli>Like an entry and view likes for each entry.\u003C\u002Fli>\n\u003Cli>Preview for the frontend form.\u003C\u002Fli>\n\u003Cli>Preview for the admin editor form.\u003C\u002Fli>\n\u003Cli>Automatic Refresh of guestbook list with new entries.\u003C\u002Fli>\n\u003Cli>Admin reply on the frontend with AJAX.\u003C\u002Fli>\n\u003Cli>Edit content\u002Fauthor\u002Forigin of entry on the frontend with AJAX.\u003C\u002Fli>\n\u003Cli>Report Abuse.\u003C\u002Fli>\n\u003Cli>Easy String Replacement in the default text so you can make this guestbook into a review section or anything you want.\u003C\u002Fli>\n\u003Cli>Delete button in each entry for the moderator and author (optional).\u003C\u002Fli>\n\u003Cli>Permalink button in each entry for easy access (optional).\u003C\u002Fli>\n\u003Cli>Email button to contact each author (optional).\u003C\u002Fli>\n\u003Cli>Upload Images through the form. (Only for Author, Editor and Administrator with capability ‘gwolle_gb_upload_files’) (optional).\u003C\u002Fli>\n\u003Cli>Sitemap support for popular SEO\u002FSitemap plugins.\u003C\u002Fli>\n\u003Cli>Auto Anonymize timer (optional).\u003C\u002Fli>\n\u003Cli>Auto Delete timer (optional).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can buy the Add-On at \u003Ca href=\"https:\u002F\u002Fzenoweb.nl\u002Fdownloads\u002Fgwolle-guestbook-add-on\u002F\" rel=\"nofollow ugc\">ZenoWeb Webshop\u003C\u002Fa> for only 15 Euro.\u003C\u002Fp>\n\u003Ch4>Demo with Add-On\u003C\u002Fh4>\n\u003Cp>Check out the demo with the Add-On enabled at \u003Ca href=\"https:\u002F\u002Fdemo.zenoweb.nl\u002Fwordpress-plugins\u002Fgwolle-guestbook-the-add-on\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fdemo.zenoweb.nl\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Compatibility\u003C\u002Fh4>\n\u003Cp>This plugin is compatible with \u003Ca href=\"https:\u002F\u002Fwww.classicpress.net\" rel=\"nofollow ugc\">ClassicPress\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Contributions\u003C\u002Fh4>\n\u003Cp>This plugin is also available in \u003Ca href=\"https:\u002F\u002Fcodeberg.org\u002Fcyclotouriste\u002Fgwolle-gb\" rel=\"nofollow ugc\">Codeberg\u003C\u002Fa>.\u003C\u002Fp>\n","Gwolle Guestbook is the WordPress guestbook you've just been looking for. Beautiful and easy.",20000,1519064,96,114,"2026-02-06T09:48:00.000Z","4.1","7.0",[128,91,22,129,130],"gastebuch","livre-dor","review","https:\u002F\u002Fzenoweb.nl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgwolle-gb.4.10.1.zip",89,7,"2025-07-09 12:49:48",{"attackSurface":137,"codeSignals":201,"taintFlows":274,"riskAssessment":331,"analyzedAt":342},{"hooks":138,"ajaxHandlers":197,"restRoutes":198,"shortcodes":199,"cronEvents":200,"entryPointCount":28,"unprotectedCount":28},[139,145,150,154,157,162,166,170,174,178,181,184,187,190,194],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","comment_form","add_image_upload_form","comments_pub_comments.php",150,{"type":140,"name":146,"callback":147,"file":148,"line":149},"wp_enqueue_scripts","add_styles","comment_pub.php",48,{"type":140,"name":151,"callback":152,"file":148,"line":153},"admin_enqueue_scripts","add_admin_styles",49,{"type":140,"name":146,"callback":155,"file":148,"line":156},"add_scripts",50,{"type":158,"name":159,"callback":160,"file":148,"line":161},"filter","wp_insert_comment","save_comment_pub",52,{"type":158,"name":163,"callback":164,"file":148,"line":165},"comments_array","display_comment_pub",53,{"type":158,"name":167,"callback":168,"file":148,"line":169},"comments_template","comment_pub_comments",59,{"type":158,"name":171,"callback":172,"file":148,"line":173},"comment_form_field_email","change_email",64,{"type":140,"name":175,"callback":176,"file":148,"line":177},"admin_notices","folder_error_notice",74,{"type":140,"name":179,"callback":142,"file":148,"line":180},"comment_form_after_fields",97,{"type":140,"name":182,"callback":142,"file":148,"line":183},"comment_form_logged_in_after",103,{"type":140,"name":141,"callback":185,"file":148,"line":186},"love_link",111,{"type":140,"name":175,"callback":188,"file":148,"line":189},"save_error_notice",119,{"type":140,"name":191,"callback":192,"file":148,"line":193},"admin_menu","nmg_comment_pub_admin",587,{"type":140,"name":191,"callback":195,"file":148,"line":196},"nmg_comment_pub_sorting",601,[],[],[],[],{"dangerousFunctions":202,"sqlUsage":203,"outputEscaping":206,"fileOperations":272,"externalRequests":28,"nonceChecks":14,"capabilityChecks":86,"bundledLibraries":273},[],{"prepared":204,"raw":28,"locations":205},4,[],{"escaped":207,"rawEcho":208,"locations":209},15,31,[210,214,216,218,220,222,224,226,228,229,231,233,235,237,239,241,242,243,245,248,250,252,254,256,258,260,262,264,266,268,270],{"file":211,"line":212,"context":213},"comments_pub_admin.php",41,"raw output",{"file":211,"line":215,"context":213},69,{"file":211,"line":217,"context":213},94,{"file":211,"line":219,"context":213},105,{"file":211,"line":221,"context":213},160,{"file":211,"line":223,"context":213},161,{"file":211,"line":225,"context":213},164,{"file":211,"line":227,"context":213},174,{"file":211,"line":227,"context":213},{"file":211,"line":230,"context":213},182,{"file":211,"line":232,"context":213},192,{"file":211,"line":234,"context":213},195,{"file":211,"line":236,"context":213},203,{"file":211,"line":238,"context":213},211,{"file":143,"line":240,"context":213},73,{"file":143,"line":27,"context":213},{"file":143,"line":13,"context":213},{"file":143,"line":244,"context":213},175,{"file":246,"line":247,"context":213},"comments_pub_sorting.php",221,{"file":246,"line":249,"context":213},222,{"file":246,"line":251,"context":213},239,{"file":246,"line":253,"context":213},240,{"file":246,"line":255,"context":213},253,{"file":246,"line":257,"context":213},266,{"file":246,"line":259,"context":213},677,{"file":246,"line":261,"context":213},685,{"file":148,"line":263,"context":213},139,{"file":148,"line":265,"context":213},154,{"file":148,"line":267,"context":213},267,{"file":148,"line":269,"context":213},284,{"file":148,"line":271,"context":213},520,9,[],[275,299,322],{"entryPoint":276,"graph":277,"unsanitizedCount":204,"severity":298},"\u003Ccomments_pub_admin> (comments_pub_admin.php:0)",{"nodes":278,"edges":294},[279,283,288,292],{"id":280,"type":281,"label":282,"file":211,"line":223},"n0","source","$_SERVER['REQUEST_URI']",{"id":284,"type":285,"label":286,"file":211,"line":223,"wp_function":287},"n1","sink","echo() [XSS]","echo",{"id":289,"type":281,"label":290,"file":211,"line":291},"n2","$_POST (x3)",12,{"id":293,"type":285,"label":286,"file":211,"line":227,"wp_function":287},"n3",[295,297],{"from":280,"to":284,"sanitized":296},false,{"from":289,"to":293,"sanitized":296},"low",{"entryPoint":300,"graph":301,"unsanitizedCount":28,"severity":298},"\u003Ccomments_pub_sorting> (comments_pub_sorting.php:0)",{"nodes":302,"edges":317},[303,305,308,310,311,315],{"id":280,"type":281,"label":304,"file":246,"line":217},"$_GET (x2)",{"id":284,"type":285,"label":306,"file":246,"line":180,"wp_function":307},"get_results() [SQLi]","get_results",{"id":289,"type":281,"label":309,"file":246,"line":261},"$_REQUEST['page']",{"id":293,"type":285,"label":286,"file":246,"line":261,"wp_function":287},{"id":312,"type":281,"label":313,"file":246,"line":314},"n4","$_REQUEST['paged']",693,{"id":316,"type":285,"label":286,"file":246,"line":314,"wp_function":287},"n5",[318,320,321],{"from":280,"to":284,"sanitized":319},true,{"from":289,"to":293,"sanitized":319},{"from":312,"to":316,"sanitized":319},{"entryPoint":323,"graph":324,"unsanitizedCount":14,"severity":330},"create_query (comments_pub_sorting.php:34)",{"nodes":325,"edges":328},[326,327],{"id":280,"type":281,"label":304,"file":246,"line":217},{"id":284,"type":285,"label":306,"file":246,"line":180,"wp_function":307},[329],{"from":280,"to":284,"sanitized":296},"high",{"summary":332,"deductions":333},"The \"comment-pub\" v1.0.0 plugin demonstrates a generally good security posture with several strengths. Notably, all identified SQL queries utilize prepared statements, which is a crucial defense against SQL injection vulnerabilities. The absence of known CVEs and a clean vulnerability history further suggest a commitment to security or a lack of past exploitation. However, the static analysis reveals some areas for concern.  A significant portion of output (67%) is not properly escaped, presenting a risk of Cross-Site Scripting (XSS) vulnerabilities.  Furthermore, the taint analysis indicates two flows with unsanitized paths, one of which is flagged as high severity. While the total attack surface is zero, these unsanitized flows could still be exploited if an attacker can control the input to these paths. The presence of file operations and a limited number of nonce and capability checks also warrants attention, as these can sometimes be entry points for further attacks if not implemented with utmost care. In conclusion, while the plugin avoids common pitfalls like raw SQL and a public attack surface, the unescaped output and the high-severity taint flow represent significant risks that need to be addressed.",[334,336,339],{"reason":335,"points":291},"High severity taint flow",{"reason":337,"points":338},"Unsanitized path flows",8,{"reason":340,"points":341},"Low output escaping percentage",6,"2026-03-16T22:45:37.216Z",{"wat":344,"direct":352},{"assetPaths":345,"generatorPatterns":348,"scriptPaths":349,"versionParams":351},[346,347],"\u002Fwp-content\u002Fplugins\u002Fcomment-pub\u002Fcss\u002Fplugin.css","\u002Fwp-content\u002Fplugins\u002Fcomment-pub\u002Fcss\u002Fadmin.css",[],[350],"\u002Fwp-content\u002Fplugins\u002Fcomment-pub\u002Fjs\u002Fplugin.min.js",[],{"cssClasses":353,"htmlComments":355,"htmlAttributes":357,"restEndpoints":358,"jsGlobals":359,"shortcodeOutput":360},[354],"nocomments",[356],"\u003C!-- \u002F#comment-pub-notice -->",[],[],[],[],{"error":319,"url":362,"statusCode":363,"statusMessage":364,"message":364},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fcomment-pub\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":34,"versions":366},[367],{"version":6,"download_url":26,"svn_tag_url":368,"released_at":29,"has_diff":296,"diff_files_changed":369,"diff_lines":29,"trac_diff_url":29,"vulnerabilities":370,"is_current":319},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcomment-pub\u002Ftags\u002F1.0.0\u002F",[],[]]