Does Disable Comments & Delete All Comments have any unpatched vulnerabilities?

No. All known vulnerabilities in Disable Comments & Delete All Comments have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Disable Comments & Delete All Comments compatible with WordPress 6.9.4?

According to WordPress.org data, Disable Comments & Delete All Comments 1.3.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Disable Comments & Delete All Comments compatible with PHP 7.4+?

Disable Comments & Delete All Comments requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Disable Comments & Delete All Comments updated?

Disable Comments & Delete All Comments was last updated on Jan 12, 2026. Frequent updates are generally a positive security signal.

What is Disable Comments & Delete All Comments's security score?

Disable Comments & Delete All Comments has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Disable Comments & Delete All Comments Security & Risk Analysis

wordpress.org/plugins/comments-plus

Disable comments globally on all posts or certain post types. Delete all comments at once, by post type or comment status. Manage links in comments.

8K active installs v1.3.0 PHP 7.4+ WP 5.6+ Updated Jan 12, 2026

bulk-delete-commentsdelete-all-commentsdelete-commentsdisable-commentsremove-comments

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Disable Comments & Delete All Comments Safe to Use in 2026?

Generally Safe

Score 100/100

Disable Comments & Delete All Comments has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

Based on the provided static analysis and vulnerability history, the "comments-plus" v1.3.0 plugin appears to have a generally strong security posture. The absence of any recorded vulnerabilities, coupled with the fact that there are no identified critical or high severity taint flows, suggests a well-developed and secure codebase. The plugin also demonstrates good security practices with a healthy number of nonce checks, indicating an effort to prevent CSRF attacks.

However, there are areas for improvement. A significant concern is the relatively low percentage of SQL queries that use prepared statements (38%). This leaves the plugin susceptible to SQL injection vulnerabilities, especially if any of the raw SQL queries handle user-supplied input without proper sanitization. Similarly, only 45% of output is properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if unsanitized user data is displayed directly. The complete lack of capability checks on entry points is also a weakness, as it means any user, regardless of their role, could potentially interact with these parts of the plugin, increasing the attack surface.

While the plugin's history is clean, suggesting the developers are diligent, the current code analysis reveals potential weaknesses that, if exploited, could undermine this positive history. The strengths lie in the limited attack surface and the presence of nonce checks. The weaknesses lie in the handling of SQL queries and output escaping, and the absence of capability checks. Overall, the plugin is in a decent state, but addressing the SQL and output escaping issues, along with implementing capability checks, would significantly enhance its security.

Key Concerns

Low percentage of prepared statements in SQL queries
Low percentage of properly escaped output
No capability checks on entry points

Vulnerabilities

None known

Disable Comments & Delete All Comments Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Disable Comments & Delete All Comments Code Analysis

Dangerous Functions

Raw SQL Queries

9 prepared

Unescaped Output

9 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

38% prepared24 total queries

Output Escaping

45% escaped20 total outputs

Attack Surface

Disable Comments & Delete All Comments Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 39

actionwbcr/factory/pages/impressive/after_form_saveadmin\boot.php:50

actionwbcr_clearfy_configurated_quick_modeadmin\boot.php:51

filterplugin_row_metaadmin\boot.php:84

filterwbcr_factory_pages_480_imppage_rating_widget_urladmin\boot.php:102

filterwbcr/factory/pages/impressive/widgetsadmin\boot.php:111

filterwbcr_clearfy_group_optionsadmin\boot.php:163

filterwbcr_clearfy_allow_quick_modsadmin\boot.php:174

actionadmin_noticesclearfy.php:47

actionnetwork_admin_noticesclearfy.php:48

actionadmin_noticescomments-plus.php:134

actionnetwork_admin_noticescomments-plus.php:135

actionplugins_loadedincludes\3rd-party\class-clearfy-plugin.php:46

actioninitincludes\3rd-party\class-clearfy-plugin.php:49

actionplugins_loadedincludes\class-plugin.php:50

actioninitincludes\class-plugin.php:53

filterthemeisle_sdk_productsincludes\class-plugin.php:59

actionwidgets_initincludes\classes\class-configurate-comments.php:30

actiontemplate_redirectincludes\classes\class-configurate-comments.php:31

actiontemplate_redirectincludes\classes\class-configurate-comments.php:34

actionadmin_initincludes\classes\class-configurate-comments.php:35

actionwp_enqueue_scriptsincludes\classes\class-configurate-comments.php:39

filtercomment_textincludes\classes\class-configurate-comments.php:43

filterget_comment_author_linkincludes\classes\class-configurate-comments.php:47

filtercomment_form_default_fieldsincludes\classes\class-configurate-comments.php:51

actionwp_loadedincludes\classes\class-configurate-comments.php:57

filtercomments_arrayincludes\classes\class-configurate-comments.php:112

filtercomments_openincludes\classes\class-configurate-comments.php:113

filterpings_openincludes\classes\class-configurate-comments.php:114

actionadmin_print_footer_scriptsincludes\classes\class-configurate-comments.php:119

actionedit_form_advancedincludes\classes\class-configurate-comments.php:123

actionedit_page_formincludes\classes\class-configurate-comments.php:124

actionadmin_menuincludes\classes\class-configurate-comments.php:126

actionadmin_print_footer_scripts-index.phpincludes\classes\class-configurate-comments.php:127

actionwp_dashboard_setupincludes\classes\class-configurate-comments.php:128

filterpre_option_default_pingback_flagincludes\classes\class-configurate-comments.php:129

actiontemplate_redirectincludes\classes\class-configurate-comments.php:133

filterfeed_links_show_comments_feedincludes\classes\class-configurate-comments.php:136

filtercomments_templateincludes\classes\class-configurate-comments.php:150

actionadmin_bar_menuincludes\classes\class-configurate-comments.php:182

Maintenance & Trust

Disable Comments & Delete All Comments Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 12, 2026

PHP min version7.4

Downloads84K

Community Trust

Rating100/100

Number of ratings39

Active installs8K

Alternatives

Disable Comments & Delete All Comments Alternatives

WP Comment Cleaner – Delete All Comments, Disable Comments, Bulk Delete & Remove Comments

delete-all-comments-of-website

100

Delete comments, disable comments, and remove comments in one click. Bulk delete spam and all comments to optimize your WordPress database easily.

20K No CVEs

Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]

disable-comments

Allows administrators to globally disable comments on their site. Comments can be disabled according to post type. Multisite friendly.

1.0M 1 CVE

CRUDLab Disable Comments

crudlab-disable-comments

CRUDLab Disable Comments plugin allows you to disable comments for any page or post or for whole site.

800 No CVEs

Comments Shield – Disable Comments & Stop Spam, Bulk Delete & Remove Comments

comments-shield

100

Delete, disable, and clean all comments in one click. Easily manage, bulk delete, or completely disable comments across your entire WordPress site.

40 No CVEs

Habibur Comment Blocker

habibur-comment-blocker

100

Effortlessly disable comments and pingbacks sitewide to improve performance and security.

0 No CVEs

Developer Profile

Disable Comments & Delete All Comments Developer Profile

Themeisle

37 plugins · 2.2M total installs

trust score

Avg Security Score

96/100

Avg Patch Time

420 days

View full developer profile

Detection Fingerprints

How We Detect Disable Comments & Delete All Comments

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/comments-plus/admin/assets/css/style.css/wp-content/plugins/comments-plus/admin/assets/js/bundle.js/wp-content/plugins/comments-plus/assets/css/span.css/wp-content/plugins/comments-plus/assets/js/span.js

Script Paths

/wp-content/plugins/comments-plus/admin/assets/js/bundle.js

Version Parameters

comments-plus/admin/assets/css/style.css?ver=comments-plus/admin/assets/js/bundle.js?ver=comments-plus/assets/css/span.css?ver=comments-plus/assets/js/span.js?ver=

HTML / DOM Fingerprints

CSS Classes

wbcr-cmp-spinnerwbcr-cmp-spinner-textwbcr-cmp-content-wrapperwbcr-cmp-preloaderwbcr-cmp-preloader-center

Data Attributes

data-wbcr-cmp-spinner-typedata-wbcr-cmp-spinner-sizedata-wbcr-cmp-spinner-colordata-wbcr-cmp-spinner-background

JS Globals

window.WBCR_CMP_SPINNER_SETTINGS

FAQ