[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$flB4cA6vJuHzo5-xB8e--XPDpHaaMTBHAx5IiNw0thmA":3,"$fWIyrFehKoB652mZExc60StEpOV_6dgEKChTuJ_5hR0c":188,"$f3qptFcNYXlRkpZsyG3KmMOKQml_3F6dPBtUrBO1AE9c":193},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":15,"tags":16,"homepage":20,"download_link":21,"security_score":22,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24,"discovery_status":25,"vulnerabilities":26,"developer":27,"crawl_stats":23,"alternatives":34,"analysis":128,"fingerprints":174},"comments-counter","Comments Counter","1.0","Mayank Kumar","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkmemayank\u002F","\u003Cp>This plugin will help you to display the number of comments in different categories and adds a widget to the WordPress dashboard.\u003C\u002Fp>\n\u003Ch3>Installation Process\u003C\u002Fh3>\n\u003Cp>From your WordPress dashboard\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Visit\u003C\u002Fstrong> Plugins > Add New\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Search\u003C\u002Fstrong> for “User Counter”\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Install and Activate\u003C\u002Fstrong> User Counter from your Plugins page\u003C\u002Fli>\n\u003Cli>Bingo, your plugin has been activated, and your widget is now in your WordPress Dashboard.\u003C\u002Fli>\n\u003C\u002Fol>\n","Display the count of all types of comments.",0,1687,"2024-09-03T20:18:00.000Z","6.6.5","",[17,18,19],"approved-comments","comments","count","https:\u002F\u002Fmarkmemayank.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomments-counter.1.0.zip",92,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":30,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"markmemayank",2,89,30,86,"2026-05-19T19:29:33.485Z",[35,58,77,94,115],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":43,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":15,"tags":49,"homepage":54,"download_link":55,"security_score":56,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":57},"admin-commenters-comments-count","Admin Commenters Comments Count","1.9.6","Scott Reilly","https:\u002F\u002Fprofiles.wordpress.org\u002Fcoffee2code\u002F","\u003Cp>Next to all appearances of each commenter’s name in the admin, this plugin shows a comments bubble identical to the one shown for posts in the admin listing of posts. The comments bubble shows the number of approved comments for that person and potentially a red superscript circle indicating the number of pending comments for the person (assuming they have any). The comment counts are linked to listings of comments associated solely with that particular commenter.\u003C\u002Fp>\n\u003Cp>By default in WordPress, it is not possible to tell via a single glance whether a particular commenter has commented before or how many times the’ve commented.\u003C\u002Fp>\n\u003Cp>This plugin adds this handy capability to the WordPress admin pages that allows you to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Quickly identify a first-time commenter\u003C\u002Fli>\n\u003Cli>Quickly identify unfamiliar commenters that have in fact commented before\u003C\u002Fli>\n\u003Cli>Quickly see how many total comments a particular commenter has made, and how many comments are pending\u003C\u002Fli>\n\u003Cli>Easily navigate to a listing of all approved comments and all moderated comments by a commenter, in order to see what post and when they last commented (or first commented), get a feel for the nature of their comments, or find something they’ve said in the past\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Specifically, the linked comment count appears next to commenters in:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The “Comments” listing of comments (including comment search results)\u003C\u002Fli>\n\u003Cli>The “Comments for ‘POST_TITLE'” listing of post-specific comments\u003C\u002Fli>\n\u003Cli>The “Discussion” box of the “Edit Post” page for a post with comments\u003C\u002Fli>\n\u003Cli>The “Recent Comments” admin dashboard widget\u003C\u002Fli>\n\u003Cli>The “Users” listing of users (as the column “Comments”)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Commenters are identified by the email address they provided when commenting. If your site does not require that commenters submit their email address when commenting, this plugin will use the commenter’s name as the identifier, though since this is a publicly viewable piece of data it’s possible that multiple people could be posting under the same “name”, so this method has the potential to be not as accurate.\u003C\u002Fp>\n\u003Cp>Links: \u003Ca href=\"https:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Fadmin-commenters-comments-count\u002F\" rel=\"nofollow ugc\">Plugin Homepage\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-commenters-comments-count\u002F\" rel=\"ugc\">Plugin Directory Page\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcoffee2code\u002Fadmin-commenters-comments-count\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcoffee2code.com\" rel=\"nofollow ugc\">Author Homepage\u003C\u002Fa>\u003C\u002Fp>\n","Displays a count of each commenter's total number of comments (linked to those comments) next to their name on any admin page.",100,19017,8,"2021-05-02T06:46:00.000Z","5.7.15","4.6",[50,51,52,53,18],"comment","comment-author","comment-count","commenters","https:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Fadmin-commenters-comments-count\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-commenters-comments-count.1.9.6.zip",85,"2026-04-16T10:56:18.058Z",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":43,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":15,"tags":72,"homepage":15,"download_link":76,"security_score":56,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":57},"simple-top-commenters","Simple Top Commenters","1.5.2","mrengy","https:\u002F\u002Fprofiles.wordpress.org\u002Fmrengy\u002F","\u003Cp>A sidebar widget that displays a list of top commenters across a site, showing the number of comments for each. Inspired by and extended from the Top Commentators Widget by WebGrrrl.\u003C\u002Fp>\n\u003Ch3>Supported Languages:\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>English\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Slovene: Thanks to Mitja Mihelič: mitja.mihelic@arnes.si http:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fmmihelic\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Romanian: Thanks to Alexander Ovsov: \u003Ca href=\"http:\u002F\u002Fwebhostinggeeks.com\u002F\" rel=\"nofollow ugc\">Web Hosting Geeks\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Ukranian: Thanks to Michael Yunat: \u003Ca href=\"http:\u002F\u002Fgetvoip.com\u002Fblog\" rel=\"nofollow ugc\">http:\u002F\u002Fgetvoip.com\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Options:\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>“Title”: customizable title that is displayed in the sidebar for this widget.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>“Define Commenters by”: choose whether to define an individual by email address or by name entered in the comment form\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>“Commenters to Exclude”: a list of people to exclude from the count. Can enter names and\u002For email addresses here. Separate each with a comma.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>“# of Commenters to List”: determines the number of top commenters to list.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>“Show ‘comments’ Label?”: If checked, a top commenter will appear as “mike: 10 comments”. If unchecked, he\u002Fshe will appear simply as “mike: 10”.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n","A sidebar widget that displays a list of top commenters across a site, showing the number of comments for each.",40,7175,1,"2017-10-01T19:57:00.000Z","4.8.28","3.0",[18,73,74,75],"counter","sidebar","widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-top-commenters.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":31,"downloaded":85,"rating":43,"num_ratings":29,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":15,"tags":89,"homepage":15,"download_link":93,"security_score":56,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":57},"dx2-post-hit-counter","DX2 Post Hit Counter","1.3","dx2systems","https:\u002F\u002Fprofiles.wordpress.org\u002Fdx2systems\u002F","\u003Cp>This hit counter is a light weight way to track the hits on all posts, including custom post types on your WordPress blog. The plugin uses ajax to count the hit which means it will have no affect on the speed of which the page loads. This also leads to a much more reliable hit count as the hit is not actually counted until the page has loaded. To the end user this hit counter will have almost no affect on the pages load speed.\u003C\u002Fp>\n\u003Cp>Your traffic stats are can be viewed quickly from the dashboard widget that will give you a daily overview of the most popular posts along with the total hits on the website for the past few days.\u003C\u002Fp>\n\u003Cp>When logged in as an administrator you will be able to see the number of hits that a page has from the WordPress admin title bar. When editing the post you will also be able to see the number of hits the page has received and have the ability to reset the counter if needed. Admin hits will be automatically be discounted to save the hit count being inflated due to testing or other general use of the site by any of the administrators.\u003C\u002Fp>\n\u003Cp>A few notes about the sections above:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Light weight method to count page hits.\u003C\u002Fli>\n\u003Cli>AJAX powered recording system\u003C\u002Fli>\n\u003Cli>Dashboard widget for traffic overview\u003C\u002Fli>\n\u003Cli>Administration tools to manage hits\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>https:\u002F\u002Fdx2systems.com\u002F\u003C\u002Fp>\n","A lightweight counter to track the number of hits on all posts on the website.",4023,"2017-03-31T08:07:00.000Z","4.7.33","3.0.1",[18,19,90,91,92],"hit","page-views","traffic","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdx2-post-hit-counter.1.3.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":102,"downloaded":103,"rating":11,"num_ratings":11,"last_updated":104,"tested_up_to":105,"requires_at_least":15,"requires_php":15,"tags":106,"homepage":113,"download_link":114,"security_score":56,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":57},"approved-comments-only","Approved Comments Only","1.2","Gurmeet Singh","https:\u002F\u002Fprofiles.wordpress.org\u002Fguruitengineer\u002F","\u003Cp>With this plugin you can restrict your users to view the unapproved comments in dashboard of multi-user site. Even you can restrict administrator and editor also. So, only the approved comments will be visible in the dashboard.\u003C\u002Fp>\n","Restrict user to view the unapproved comments in dashboard.",10,1641,"2016-09-06T03:46:00.000Z","4.6.30",[107,17,18,108,109,110,111,112],"approved","control","hide","moderated-comments","own-comments","restrict-user","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fapproved-comments-only\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapproved-comments-only.1.2.zip",{"slug":52,"name":116,"version":97,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":102,"downloaded":121,"rating":122,"num_ratings":29,"last_updated":123,"tested_up_to":124,"requires_at_least":15,"requires_php":15,"tags":125,"homepage":126,"download_link":127,"security_score":56,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":57},"Comment Count","Nick Momrik","https:\u002F\u002Fprofiles.wordpress.org\u002Fnickmomrik\u002F","\u003Cp>Counts the number of comments.\u003C\u002Fp>\n","Counts the number of comments.",8457,20,"2015-12-08T22:57:00.000Z","4.4.34",[18,19],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomment-count\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-count.1.2.zip",{"attackSurface":129,"codeSignals":141,"taintFlows":162,"riskAssessment":163,"analyzedAt":173},{"hooks":130,"ajaxHandlers":137,"restRoutes":138,"shortcodes":139,"cronEvents":140,"entryPointCount":11,"unprotectedCount":11},[131],{"type":132,"name":133,"callback":134,"file":135,"line":136},"action","wp_dashboard_setup","cc_comments_counter_widget","Comment-Counter.php",43,[],[],[],[],{"dangerousFunctions":142,"sqlUsage":143,"outputEscaping":145,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":161},[],{"prepared":11,"raw":11,"locations":144},[],{"escaped":146,"rawEcho":147,"locations":148},5,6,[149,152,154,156,158,160],{"file":135,"line":150,"context":151},24,"raw output",{"file":135,"line":153,"context":151},26,{"file":135,"line":155,"context":151},27,{"file":135,"line":157,"context":151},28,{"file":135,"line":159,"context":151},29,{"file":135,"line":31,"context":151},[],[],{"summary":164,"deductions":165},"The \"comments-counter\" v1.0 plugin exhibits a seemingly strong security posture based on the provided static analysis. The absence of any identified attack surface points (AJAX handlers, REST API routes, shortcodes, cron events) is a significant positive, as it limits the ways an attacker could interact with the plugin. Furthermore, the code signals indicate no dangerous functions were used, all SQL queries utilize prepared statements, and no file operations or external HTTP requests were detected. This suggests a focus on secure coding practices in these areas.\n\nHowever, the static analysis also reveals a critical concern: only 45% of output is properly escaped. This means that nearly half of the data displayed by the plugin may be vulnerable to Cross-Site Scripting (XSS) attacks. Given the lack of any identified taint flows or known historical vulnerabilities, it's difficult to assess the real-world impact of this unescaped output. The absence of capability checks and nonce checks is also noteworthy, particularly if there were any functionalities that *should* require such protections. The lack of vulnerability history suggests the plugin has been stable, but this cannot replace thorough code auditing.\n\nIn conclusion, while the plugin demonstrates good practices in avoiding common attack vectors and secure database interaction, the high percentage of unescaped output represents a significant and actionable security risk. The absence of historical vulnerabilities is a positive sign, but the unescaped output must be addressed to mitigate potential XSS vulnerabilities.",[166,168,171],{"reason":167,"points":45},"High percentage of unescaped output",{"reason":169,"points":170},"Missing capability checks",3,{"reason":172,"points":170},"Missing nonce checks","2026-03-17T05:42:46.199Z",{"wat":175,"direct":180},{"assetPaths":176,"generatorPatterns":177,"scriptPaths":178,"versionParams":179},[],[],[],[],{"cssClasses":181,"htmlComments":183,"htmlAttributes":184,"restEndpoints":185,"jsGlobals":186,"shortcodeOutput":187},[182],"comment_counter",[],[],[],[],[],{"error":189,"url":190,"statusCode":191,"statusMessage":192,"message":192},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fcomments-counter\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":68,"versions":194},[195],{"version":6,"download_url":21,"svn_tag_url":196,"released_at":23,"has_diff":197,"diff_files_changed":198,"diff_lines":23,"trac_diff_url":23,"vulnerabilities":199,"is_current":189},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcomments-counter\u002Ftags\u002F1.0\u002F",false,[],[]]