[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIG0rVQloQhhGEoCxgi1sT39FyqHv8FU7lm1nrqIwFB0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":146,"fingerprints":224},"commentmailer","CommentMailer","0.1","Huda Toriq","https:\u002F\u002Fprofiles.wordpress.org\u002Fhudatoriq\u002F","\u003Cp>CommentMailer is a WordPress plugin that generates and sends e-mail to your blog’s commenters to tell them that you\u003Cbr \u002F>\nhave replied his\u002Fher comment on your blog’s comment system. It adds extra options on your blog’s comment form to select\u003Cbr \u002F>\nwhich commenters you are replying to. Submitting the reply comment will trigger the e-mail generation function thus\u003Cbr \u002F>\nsend them automatically. 
You can customize your own notification e-mail or use the default one.\u003C\u002Fp>\n","Send automated email to your blog's commenters every time you reply to their comments on the blog's comment system.",10,5335,0,"2007-11-28T06:33:00.000Z","2.3.1","2.0.2","",[19,20,21,22],"comment","discussion","e-mail","email","http:\u002F\u002Fhudatoriq.web.id\u002Fwp-hacks\u002Fcommentmailer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcommentmailer.0.1.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"hudatoriq",2,20,30,84,"2026-04-05T17:20:02.655Z",[37,57,81,104,124],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":11,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":17,"tags":51,"homepage":55,"download_link":56,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"dispito","Dispito – discussions and comments","1.0.1","erik_cz","https:\u002F\u002Fprofiles.wordpress.org\u002Ferik_cz\u002F","\u003Cp>Dispito is an online service and tool for web comments and discussions. 
Dispito makes commenting easier and more interactive.\u003C\u002Fp>\n\u003Cp>The service name is derived from the Spanish word “disputa” (the English term is “discussion”)\u003C\u002Fp>\n\u003Ch3>Changes\u003C\u002Fh3>\n\u003Ch4>2.10\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>public version with web registration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fwww.dispito.com\u002F\" rel=\"nofollow ugc\">www.dispito.com\u003C\u002Fa> – official website.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fhelp.dispito.com\u002F\" rel=\"nofollow ugc\">help.dispito.com\u003C\u002Fa> for help documentation.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","The Dispito comment system replaces your WordPress comment system with your comments hosted and powered by Dispito.",3195,100,1,"2013-10-09T14:34:00.000Z","3.0.5","3.0",[52,20,22,53,54],"comments","forum","threaded","http:\u002F\u002Fwww.dispito.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdispito.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":76,"download_link":77,"security_score":78,"vuln_count":79,"unpatched_count":13,"last_vuln_date":80,"fetched_at":27},"disqus-comment-system","Disqus Comment System","3.1.4","Disqus","https:\u002F\u002Fprofiles.wordpress.org\u002Fdisqus\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fdisqus.com\u002F\" rel=\"nofollow ugc\">Disqus\u003C\u002Fa> is the web’s most popular commenting system trusted by millions of publishers to increase reader engagement, grow audience and traffic, and monetize content. 
Disqus helps publishers of all sizes engage directly with their audiences to build loyalty, retain readers, and foster thriving communities.\u003C\u002Fp>\n\u003Cp>The Disqus for WordPress plugin lets site owners and developers easily add Disqus to their sites, replacing the default WordPress comment system. Disqus installs in minutes and automatically imports your existing comments.\u003C\u002Fp>\n\u003Cp>In addition to our free-to-use, ad-supported Basic plan, we also offer ad-optional subscription plans that come with more advanced features and access to priority support. Please see our \u003Ca href=\"https:\u002F\u002Fdisqus.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">pricing page\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NEW: \u003Ca href=\"https:\u002F\u002Fdisqus.com\u002Fpolls\" rel=\"nofollow ugc\">Disqus Polls\u003C\u002Fa>\u003C\u002Fstrong> – Engage your audiences with interactive polls, and seamlessly install them on your site.\u003C\u002Fp>\n\u003Ch4>Why Disqus?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Simple one-click installation that seamlessly integrates with WordPress without ever needing to edit a single line of code or losing any of your existing comments\u003C\u002Fli>\n\u003Cli>Keep users engaged on your site longer with a commenting experience readers love\u003C\u002Fli>\n\u003Cli>Bring users back to your site with web and email notifications and personalized digests\u003C\u002Fli>\n\u003Cli>Improve SEO ranking with user generated content\u003C\u002Fli>\n\u003Cli>Keep spam out with our best-in-class anti-spam filter powered by Akismet\u003C\u002Fli>\n\u003Cli>Single profile for commenting on over 4 million sites including social login support for Facebook, Twitter, and Google accounts\u003C\u002Fli>\n\u003Cli>Trusted by sites like ABC News, Entertainment Weekly, and Rotten Tomatoes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Disqus Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Syncs comments automatically to WordPress for 
backup and flexibility if you ever decide to switch to a different platform\u003C\u002Fli>\n\u003Cli>Loads asynchronously with advanced caching so that Disqus doesn’t affect your site’s performance\u003C\u002Fli>\n\u003Cli>Monetization options to grow revenue\u003C\u002Fli>\n\u003Cli>Export comments to WordPress-compatible XML to backup or migrate to another system\u003C\u002Fli>\n\u003Cli>Analytics dashboard for measuring overall engagement on your site\u003C\u002Fli>\n\u003Cli>Mobile responsive design\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW: Disqus Polls\u003C\u002Fstrong> – Create and embed interactive polls directly on your site to boost engagement and gather insights from your audience.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Engagement Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Realtime comments system with fun discussion interactions: voting, photo and video upload, rich media embed (Youtube, Twitter, Vimeo, and more), spoiler tags, mentions\u003C\u002Fli>\n\u003Cli>Comment text formatting (e.g. 
bold, link, italics, quote) using HTML tags as well as code syntax highlighting\u003C\u002Fli>\n\u003Cli>Threaded comment display (nested 3 levels) with ability to collapse individual threads\u003C\u002Fli>\n\u003Cli>Sort discussion by oldest, newest, and best comments\u003C\u002Fli>\n\u003Cli>Flexible login options – Social login with Facebook, Twitter, and Google, SSO, and guest commenting support\u003C\u002Fli>\n\u003Cli>Instant activity notifications, email notifications, and digests pull readers back in\u003C\u002Fli>\n\u003Cli>User profiles that show you recent comment history and frequented communities\u003C\u002Fli>\n\u003Cli>Recommendations widget that shows where active discussions are happening elsewhere on your site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Moderation Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatic anti-spam filter powered by Akismet\u003C\u002Fli>\n\u003Cli>Automated pre-moderation controls to flag comments based on links, user reputation\u003C\u002Fli>\n\u003Cli>Moderate directly in the discussion, via email, or moderation panel\u003C\u002Fli>\n\u003Cli>Email notifications for newly posted comments, replies\u003C\u002Fli>\n\u003Cli>Moderation Panel that lets you search, filter, sort, and manage your comments\u003C\u002Fli>\n\u003Cli>Self-moderation tools like user blocking, comment flagging\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Search our \u003Ca href=\"https:\u002F\u002Fhelp.disqus.com\u002Fcustomer\u002Fportal\u002Farticles\u002F472005\" rel=\"nofollow ugc\">Knowledge Base\u003C\u002Fa> for solutions to common troubleshooting questions\u003C\u002Fli>\n\u003Cli>Check out our support community, \u003Ca href=\"https:\u002F\u002Fdisqus.com\u002Fhome\u002Fchannel\u002Fdiscussdisqus\u002F\" rel=\"nofollow ugc\">Discuss Disqus\u003C\u002Fa>, to see if your question has been answered\u003C\u002Fli>\n\u003Cli>Talk to our Support team at \u003Ca href=\"disqus.com\u002Fsupport\" 
rel=\"nofollow ugc\">disqus.com\u002Fsupport\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Visit our \u003Ca href=\"https:\u002F\u002Fhelp.disqus.com\u002Fcustomer\u002Fen\u002Fportal\u002Farticles\u002F1264625-getting-started\" rel=\"nofollow ugc\">Getting Started\u003C\u002Fa> page to learn the basics of Disqus\u003C\u002Fli>\n\u003C\u002Ful>\n","Disqus is the web's most popular comment system. Use Disqus to increase engagement, retain readers, and grow your audience.",40000,4455999,54,219,"2026-01-15T17:47:00.000Z","6.9.4","4.4","5.6",[52,74,22,75,54],"disqus","engagement","https:\u002F\u002Fdisqus.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisqus-comment-system.3.1.4.zip",96,5,"2014-09-17 00:00:00",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":17,"download_link":102,"security_score":103,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"cb-change-mail-sender","Change Mail Sender","1.3.0","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>\u003Cstrong>Do you want to change the WordPress default from email address and from name?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This is the plugin for you! 
It allows you to change the from email address and name for all emails sent from your WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Are your WordPress emails not being delivered?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you have issues with email deliverability, then just changing the from email address and name will usually not resolve the issue.\u003C\u002Fp>\n\u003Cp>In order to fix your WordPress emails not reaching your inbox, we suggest installing the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-mail-smtp\u002F\" rel=\"ugc\">WP Mail SMTP\u003C\u002Fa> plugin.\u003C\u002Fp>\n\u003Cp>WP Mail SMTP is trusted by more than 3 million websites. It will fix the deliverability problems with one of your favourite email providers: Gmail, Outlook, SendLayer, Mailgun, and many more.\u003C\u002Fp>\n","Easily change the default WordPress from email name and from email address.",20000,186985,88,18,"2025-04-02T06:24:00.000Z","6.7.5","5.2","5.6.20",[98,22,99,100,101],"change-mail-sender","from-email","mail","name","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcb-change-mail-sender.1.3.0.zip",92,{"slug":105,"name":106,"version":15,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":89,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":17,"tags":117,"homepage":119,"download_link":120,"security_score":121,"vuln_count":122,"unpatched_count":13,"last_vuln_date":123,"fetched_at":27},"subscribe-to-comments","Subscribe to Comments","Mark Jaquith","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkjaquith\u002F","\u003Cp>Subscribe to Comments is a robust plugin that enables commenters to sign up for e-mail notification of subsequent entries.  
The plugin includes a full-featured subscription manager that your commenters can use to unsubscribe to certain posts, block all notifications, or even change their notification e-mail address!\u003C\u002Fp>\n","Subscribe to Comments allows commenters on an entry to subscribe to e-mail notifications for subsequent comments.",571809,78,14,"2024-10-29T05:34:00.000Z","4.3.34","2.9",[52,22,118],"subscription","http:\u002F\u002Ftxfx.net\u002Fwordpress-plugins\u002Fsubscribe-to-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscribe-to-comments.2.3.1.zip",89,3,"2024-10-29 14:20:48",{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":78,"num_ratings":134,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":138,"tags":139,"homepage":17,"download_link":143,"security_score":144,"vuln_count":31,"unpatched_count":13,"last_vuln_date":145,"fetched_at":27},"no-page-comment","No Page Comment","1.3.1","Seth Alling","https:\u002F\u002Fprofiles.wordpress.org\u002Fsethta\u002F","\u003Cp>Up until recently, WordPress gave two options: You could either disable comments and trackbacks by default for all pages and posts, or you could have them active by default. In WordPress version 4.3, this finally changed so comments are always disabled on new pages.\u003C\u002Fp>\n\u003Cp>While the new change makes it easier for many of the sites, it make it harder for people who need to get the reverse and enable comments on all pages, or if they need to change the default for a custom post type. This plugin allows you to choose whether comments are enabled or disabled by default on all new posts, pages and custom post types, while still giving the ability to individually enable comments on posts or pages.\u003C\u002Fp>\n\u003Cp>Also, this plugin provides a way to quickly disable all comments or pingbacks for a specific custom post type. 
It directly interacts with your database to modify the status, so it is highly recommended that you backup your database first. There shouldn’t be any issues using this feature, but it’s always good to play it safe.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsethta\u002Fno-page-comment\" title=\"No Page Comment Development on Github\" rel=\"nofollow ugc\">View No Page Comment Development on Github\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsethta\u002Fno-page-comment\u002Fissues\" title=\"Report an Issue about No Page Comment on Github\" rel=\"nofollow ugc\">Please Report any Issues about No Page Comment on Github\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=5WWP2EDSCAJR4\" title=\"Donate to support the No Page Comment Plugin development\" rel=\"nofollow ugc\">Donate to Support No Page Comment Development\u003C\u002Fa>\u003C\u002Fp>\n","An admin interface to control the default comment and trackback settings on new posts, pages and custom post types.",10000,250545,23,"2025-11-17T15:09:00.000Z","6.8.5","6.2","7.4",[52,140,20,141,142],"custom-post-types","pages","posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-page-comment.zip",99,"2022-09-21 
00:00:00",{"attackSurface":147,"codeSignals":178,"taintFlows":212,"riskAssessment":213,"analyzedAt":223},{"hooks":148,"ajaxHandlers":174,"restRoutes":175,"shortcodes":176,"cronEvents":177,"entryPointCount":13,"unprotectedCount":13},[149,154,158,162,165,169],{"type":150,"name":151,"callback":151,"file":152,"line":153},"action","admin_menu","commentmailer.php",303,{"type":150,"name":155,"callback":156,"file":152,"line":157},"activate_commentmailer.php","install",304,{"type":150,"name":159,"callback":160,"file":152,"line":161},"comment_post","check_comment",306,{"type":150,"name":163,"callback":163,"file":152,"line":164},"init",307,{"type":150,"name":166,"callback":167,"file":152,"line":168},"comment_form","form",308,{"type":170,"name":171,"callback":172,"file":152,"line":173},"filter","comments_array","get_comments",309,[],[],[],[],{"dangerousFunctions":179,"sqlUsage":180,"outputEscaping":182,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":211},[],{"prepared":13,"raw":13,"locations":181},[],{"escaped":13,"rawEcho":113,"locations":183},[184,186,188,189,191,193,195,197,199,201,203,205,207,209],{"file":152,"line":103,"context":185},"raw output",{"file":152,"line":187,"context":185},107,{"file":152,"line":187,"context":185},{"file":152,"line":190,"context":185},117,{"file":152,"line":192,"context":185},228,{"file":152,"line":194,"context":185},241,{"file":152,"line":196,"context":185},246,{"file":152,"line":198,"context":185},251,{"file":152,"line":200,"context":185},256,{"file":152,"line":202,"context":185},261,{"file":152,"line":204,"context":185},272,{"file":152,"line":206,"context":185},273,{"file":152,"line":208,"context":185},280,{"file":152,"line":210,"context":185},281,[],[],{"summary":214,"deductions":215},"The \"commentmailer\" plugin version 0.1 exhibits a generally positive security posture regarding common web vulnerabilities. 
The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its attack surface. Furthermore, the plugin demonstrates good practice by exclusively using prepared statements for its SQL queries and showing no critical or high-severity taint analysis results, indicating a lack of exploitable data flow issues. The plugin also has no known vulnerability history, which suggests a commitment to secure coding or a lack of prior discovery. \n\nHowever, a significant concern arises from the output escaping analysis. With 14 total outputs and 0% properly escaped, this indicates a high likelihood of Cross-Site Scripting (XSS) vulnerabilities. Any data displayed by the plugin that originates from user input or external sources, without proper sanitization, could be manipulated by attackers to inject malicious scripts. The complete lack of nonce checks and capability checks, while not directly exploitable due to the limited attack surface, could become a risk if new entry points are introduced in future versions without these security measures. \n\nIn conclusion, while \"commentmailer\" v0.1 has strengths in its limited attack surface and secure database interactions, the severe deficiency in output escaping presents a substantial risk of XSS vulnerabilities. This needs immediate attention. 
The absence of vulnerability history is a positive sign, but it does not negate the critical issue found in the static analysis.",[216,219,221],{"reason":217,"points":218},"0% output properly escaped",15,{"reason":220,"points":79},"0 nonce checks on potential entry points",{"reason":222,"points":79},"0 capability checks on potential entry points","2026-03-16T23:51:27.786Z",{"wat":225,"direct":230},{"assetPaths":226,"generatorPatterns":227,"scriptPaths":228,"versionParams":229},[],[],[],[],{"cssClasses":231,"htmlComments":234,"htmlAttributes":235,"restEndpoints":240,"jsGlobals":241,"shortcodeOutput":242},[232,233],"commentmailerto","commentmailerlang",[],[236,237,238,239],"name=\"commenters[]\"","id=\"commenters\"","name=\"cmailer_lang\"","id=\"cmailer_lang\"",[],[],[]]