[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJHf0cuM9B1xNPP4xxw5_NRZ9lWesX-A_57E6fTceDKs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":52,"crawl_stats":36,"alternatives":58,"analysis":171,"fingerprints":310},"customcomment","Custom Comment","2.1.6","imaprogrammer","https:\u002F\u002Fprofiles.wordpress.org\u002Fimaprogrammer\u002F","\u003Cp>This plugin lets you define more fields for comment to let your visitors include their facebook, twitter and … in their comments\u003C\u002Fp>\n\u003Ch3>Development Blog\u003C\u002Fh3>\n\u003Cp>Please visit the plugin page at (http:\u002F\u002Fimaprogrammer.wordpress.com\u002F2011\u002F01\u002F11\u002Fcustom-comment), and feel free to leave feedback, bug reports and comments.\u003C\u002Fp>\n","This plugin lets you define more fields for comment to let your visitors include their facebook, twitter and ... in their comments",40,8026,0,"2011-10-15T08:19:00.000Z","3.2.1","2.7","",[19,20,21,22,23],"comment","comment-customization","comment-field","custom-comment","customize-comment","http:\u002F\u002Fimaprogrammer.wordpress.com\u002F2011\u002F01\u002F11\u002Fcustom-comment\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustomcomment.2.1.6.zip",42,2,"2025-08-20 00:00:00","2026-03-15T15:16:48.613Z",[31,45],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2025-48365","custom-comment-authenticated-administrator-stored-cross-site-scripting-2","Custom Comment \u003C= 2.1.6 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Custom Comment plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only impacts multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=2.1.6","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-08-26 14:00:07",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fcc4af854-13a5-416f-ac97-aba7a6e85732?source=api-prod",{"id":46,"url_slug":47,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":48,"updated_date":49,"references":50,"days_to_patch":36},"CVE-2025-49889","custom-comment-authenticated-administrator-stored-cross-site-scripting","2025-08-17 00:00:00","2025-08-25 17:23:04",[51],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7827df3d-10ba-4bf1-aecb-fdf3f6f36ea6?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":53,"avg_security_score":54,"avg_patch_time_days":55,"trust_score":56,"computed_at":57},60,64,30,69,"2026-04-04T14:08:05.391Z",[59,86,110,132,152],{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":81,"download_link":82,"security_score":83,"vuln_count":84,"unpatched_count":84,"last_vuln_date":85,"fetched_at":29},"comment-form-wp","Comment Form WP – Customize Default Comment Form","2.0.1","Habibur Rahman","https:\u002F\u002Fprofiles.wordpress.org\u002Fhrhabibpro\u002F","\u003Cp>\u003Cstrong>Comment Form WP\u003C\u002Fstrong> is a WordPress Popular Plugin for customize and modify your WordPress Website Comment Form. If you want to text change of your comment form related text by this Plugin. You can add and remove name field, email field, website field and textarea field by this plugin. If you want to add comment form placeholder, you can add placeholder by this plugin and Add\u002FRemove comment form label also by this popular Comment Form WP Plugin.\u003C\u002Fp>\n\u003Ch3>Docs and Support\u003C\u002Fh3>\n\u003Cp>You can find \u003Ca href=\"https:\u002F\u002Fhabibcoder.com\u002Fcomment-form\" rel=\"nofollow ugc\">Docs\u003C\u002Fa> here and more detailed information about Comment Form WP WordPress Plugin. When you cannot find the answer to your question on the FAQ or in any of the documentation, check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcomment-form-wp\" rel=\"ugc\">support forum\u003C\u002Fa> on WordPress.org.\u003C\u002Fp>\n\u003Ch3>Comment Form WP Need Support\u003C\u002Fh3>\n\u003Cp>It is hard to continue development and support for this free plugin without contributions from users like you. If you enjoy using Comment Form WP and find it useful, please consider \u003Ca href=\"https:\u002F\u002Fwww.buymeacoffee.com\u002Fhabibcoder\" rel=\"nofollow ugc\">making a donation\u003C\u002Fa>. Your donation will help encourage and support the plugin’s continued development and better user support.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Customize\u002FModify Comment Form\u003C\u002Fli>\n\u003Cli>Add Comment Form label\u003C\u002Fli>\n\u003Cli>Remove comment form label\u003C\u002Fli>\n\u003Cli>Label Required option add\u002Fremove\u003C\u002Fli>\n\u003Cli>Comment form fields placeholder add\u003C\u002Fli>\n\u003Cli>Remove placeholder option\u003C\u002Fli>\n\u003Cli>Placeholder Required mark add\u002Fremove\u003C\u002Fli>\n\u003Cli>Comment form all text changes\u003C\u002Fli>\n\u003Cli>Post Comment button position change\u003C\u002Fli>\n\u003Cli>Comment form fields add\u002Fremove option\u003C\u002Fli>\n\u003Cli>Don’t load extra codes\u003C\u002Fli>\n\u003Cli>Hand Coding Plugin\u003C\u002Fli>\n\u003Cli>No use of any Framework\u002FLibrary\u003C\u002Fli>\n\u003Cli>Light Weight Plugin\u003C\u002Fli>\n\u003Cli>Author Contact info, If you face any problems.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage The Plugin\u003C\u002Fh3>\n\u003Cp>You can use this plugin with some steps, like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Search and Install the Comment Form WP. You will be redirected to the plugin admin page after installing it.\u003C\u002Fli>\n\u003Cli>You can change everything from here customize and modify all things of comment form.\u003C\u002Fli>\n\u003Cli>Then you go to your website and when you will see your changed and lovely comment form.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Benefit\u003C\u002Fh3>\n\u003Cp>An awesome and lovely comment form your will find in your website.\u003C\u002Fp>\n","Comment Form WP is a Default comment form customize\u002Fmodify WordPress Plugin. You can add\u002Fchange\u002Fremove your website comment form fields, texts.",600,4687,100,3,"2026-01-11T18:38:00.000Z","6.9.4","6.0","7.0",[76,77,78,79,80],"advanced-comment-form","comment-field-change","comment-form","customize-comment-form","wordpress-comment-form","https:\u002F\u002Fplugin.habibcoder.com\u002Fcomment-form-wp\u002Fhello-world\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-form-wp.2.0.1.zip",78,1,"2025-09-05 00:00:00",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":96,"num_ratings":97,"last_updated":98,"tested_up_to":72,"requires_at_least":99,"requires_php":100,"tags":101,"homepage":105,"download_link":106,"security_score":107,"vuln_count":108,"unpatched_count":13,"last_vuln_date":109,"fetched_at":29},"wpdiscuz","Comments – wpDiscuz","7.6.47","AdvancedCoding","https:\u002F\u002Fprofiles.wordpress.org\u002Fadvancedcoding\u002F","\u003Cp>AJAX realtime comment system with custom comment form and fields. Designed to supercharge WordPress native comments. Super fast and responsive with dozens of features. This is the best alternative to Disqus and Jetpack Comments, if you want to keep your comments in your database.\u003C\u002Fp>\n\u003Cp>wpDiscuz version 7 is a revolutionary perspective on the commenting world! This plugin changes your website commenting experience and provides you with new user engagement features. It’s totally improved with brand new innovative features bringing live to your website.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>wpDiscuz Demo: \u003Ca href=\"https:\u002F\u002Fwpdiscuz.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpdiscuz.com\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Support Forum: \u003Ca href=\"https:\u002F\u002Fwpdiscuz.com\u002Fcommunity\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpdiscuz.com\u002Fcommunity\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>wpDiscuz GDPR: \u003Ca href=\"https:\u002F\u002Fwpdiscuz.com\u002Fgdpr\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpdiscuz.com\u002Fgdpr\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>wpDiscuz Addons: \u003Ca href=\"https:\u002F\u002Fwpdiscuz.com\u002Faddons\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpdiscuz.com\u002Faddons\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>wpDiscuz Documentation: \u003Ca href=\"https:\u002F\u002Fwpdiscuz.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpdiscuz.com\u002Fdocs\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>wpDiscuz Addons Bundle: \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-addons-bundle\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-addons-bundle\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Comments – wpDiscuz Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Three nice and modern comment layouts\u003C\u002Fli>\n\u003Cli>Brings fastest commenting experience (boosted core)\u003C\u002Fli>\n\u003Cli>Adds interactive comment box on posts and other content types\u003C\u002Fli>\n\u003Cli>Inline commenting and feedback. Commenting on post content.\u003C\u002Fli>\n\u003Cli>Live Notification with real-time updating Comment Bubble.\u003C\u002Fli>\n\u003Cli>Social Commenting with lots of Social login options\u003C\u002Fli>\n\u003Cli>Post Rating. Allows to rate posts directly on rating stars.\u003C\u002Fli>\n\u003Cli>Commenting can be allowed\u002Fdisallowed on posts and other content types\u003C\u002Fli>\n\u003Cli>Responsive comments form and comment threads design\u003C\u002Fli>\n\u003Cli>Clean, simple and easy user interface and user experience\u003C\u002Fli>\n\u003Cli>Comment list sorting by newest, oldest and most voted comments\u003C\u002Fli>\n\u003Cli>Anonymous comments ( name and email can be set as not required )\u003C\u002Fli>\n\u003Cli>Full integration with Social Network Login plugins (Facebook, Twitter…)\u003C\u002Fli>\n\u003Cli>Multi-level (nested) comment threads, with maximum levels depth setting option\u003C\u002Fli>\n\u003Cli>Allows to create a new discussion thread and reply to existing comment\u003C\u002Fli>\n\u003Cli>Ajax button “Load More Comments” instead of simple comments pagination\u003C\u002Fli>\n\u003Cli>Lazy load wpDiscuz comments on scrolling\u003C\u002Fli>\n\u003Cli>Different comment date formats, reflects WordPress date format settings\u003C\u002Fli>\n\u003Cli>Logged in users and guests can edit their comments (time-frame can be limited by admin)\u003C\u002Fli>\n\u003Cli>Automatic URLs to link conversion in comment texts\u003C\u002Fli>\n\u003Cli>Automatic image source URLs to image (HTML) conversion in comment texts\u003C\u002Fli>\n\u003Cli>Long comment text breaking function (“Read more” button)\u003C\u002Fli>\n\u003Cli>Multiple line-breaks (limited by WordPress comment filter)\u003C\u002Fli>\n\u003Cli>Comment author notification options with special checkboxes on comment form\u003C\u002Fli>\n\u003Cli>Subscription activation via additional “Confirm Subscription” email\u003C\u002Fli>\n\u003Cli>Ability to add comment system on attachment pages if it’s allowed by WordPress\u003C\u002Fli>\n\u003Cli>Fast and easy comment form with ajax validation and data submitting\u003C\u002Fli>\n\u003Cli>Fully integrated and compatible with WordPress\u003C\u002Fli>\n\u003Cli>Uses WordPress Comment system with all managing functions and features\u003C\u002Fli>\n\u003Cli>Secure and Anti-Spam features will not allow spammers to comment\u003C\u002Fli>\n\u003Cli>Comment voting with positive and negative result\u003C\u002Fli>\n\u003Cli>Smart voting system with tracking by logged-in user and cookies\u003C\u002Fli>\n\u003Cli>Quick Tags on comment form textarea\u003C\u002Fli>\n\u003Cli>Custom Comment Forms with custom fields\u003C\u002Fli>\n\u003Cli>Rating shortcode for posts via comment custom field [wpdrating] with a lot of attributes\u003C\u002Fli>\n\u003Cli>Option to overwrite comment template and style\u003C\u002Fli>\n\u003Cli>Highlighting new comments since last visit with different background\u003C\u002Fli>\n\u003Cli>Notification to comment author when comment was approved\u003C\u002Fli>\n\u003Cli>Display only parent comments with view replies (x) button\u003C\u002Fli>\n\u003Cli>Control commenters by roles (allow\u002Frestrict access to website comment area)\u003C\u002Fli>\n\u003Cli>Option to load all comments on first page load\u003C\u002Fli>\n\u003Cli>Built-in Gravatar caching\u003C\u002Fli>\n\u003Cli>Sticky Comments\u003C\u002Fli>\n\u003Cli>Closed Comments Threads (disable replies)\u003C\u002Fli>\n\u003Cli>Subscribe to User \u002F User Follow\u003C\u002Fli>\n\u003Cli>Built-in comment and comment author caching system\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Add-ons\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-addons-bundle\u002F\" rel=\"nofollow ugc\">wpDiscuz – Bundle\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-emoticons\u002F\" rel=\"nofollow ugc\">wpDiscuz – Emoticons\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-user-notifications\u002F\" rel=\"nofollow ugc\">wpDiscuz – User Notifications\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-media-uploader\u002F\" rel=\"nofollow ugc\">wpDiscuz – Media Uploader\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-embeds\u002F\" rel=\"nofollow ugc\">wpDiscuz – Embeds\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-comment-author-info\u002F\" rel=\"nofollow ugc\">wpDiscuz – Comment Author Info\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-recaptcha\u002F\" rel=\"nofollow ugc\">wpDiscuz – Google ReCaptcha\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-mycred\u002F\" rel=\"nofollow ugc\">wpDiscuz – myCRED Integration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-widgets\u002F\" rel=\"nofollow ugc\">wpDiscuz – Widgets\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-frontend-moderation\u002F\" rel=\"nofollow ugc\">wpDiscuz – Front-end Moderation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-subscribe-manager\u002F\" rel=\"nofollow ugc\">wpDiscuz – Subscription Manager\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-comment-search\u002F\" rel=\"nofollow ugc\">wpDiscuz – Comment Search\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-report-flagging\u002F\" rel=\"nofollow ugc\">wpDiscuz – Comment Report and Flagging\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-ads-manager\u002F\" rel=\"nofollow ugc\">wpDiscuz – Ads Manager\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-user-comment-mentioning\u002F\" rel=\"nofollow ugc\">wpDiscuz – User & Comment Mentioning\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-advanced-likers\u002F\" rel=\"nofollow ugc\">wpDiscuz – Advanced Likers\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-online-users\u002F\" rel=\"nofollow ugc\">wpDiscuz – Online Users\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-private-comments\u002F\" rel=\"nofollow ugc\">wpDiscuz – Private Comments\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-syntax-highlighter\u002F\" rel=\"nofollow ugc\">wpDiscuz – Syntax Highlighter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fcomments-censure-pro\u002F\" rel=\"nofollow ugc\">Comments Censure PRO\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Integration Add-ons\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-buddypress-integration\u002F\" rel=\"nofollow ugc\">wpDiscuz – BuddyPress Integration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-tenor-integration\u002F\" rel=\"nofollow ugc\">wpDiscuz – Tenor GIFs Integration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-giphy-integration\u002F\" rel=\"nofollow ugc\">wpDiscuz – GIPHY Integration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>| \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct\u002Fwpdiscuz-voice-commenting\u002F\" rel=\"nofollow ugc\">wpDiscuz – Voice Commenting\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","AJAX powered realtime comments. Designed to extend WordPress native comments. Custom comment forms\u002Ffields. Making comments has never been so awesome!",80000,4352645,94,578,"2026-03-11T17:44:00.000Z","5.0","5.6",[102,19,103,78,104],"ajax-comments","comment-fields","comments","https:\u002F\u002Fwpdiscuz.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpdiscuz.7.6.47.zip",75,24,"2025-12-25 00:00:00",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":67,"downloaded":118,"rating":119,"num_ratings":120,"last_updated":121,"tested_up_to":122,"requires_at_least":123,"requires_php":124,"tags":125,"homepage":129,"download_link":130,"security_score":119,"vuln_count":70,"unpatched_count":13,"last_vuln_date":131,"fetched_at":29},"wp-comment-fields","Comments Extra Fields For Post,Pages and CPT","5.1","N-Media","https:\u002F\u002Fprofiles.wordpress.org\u002Fnmedia\u002F","\u003Cp>This plugin allow admin to add custom fields in comment area. These fields are saved as comment meta and is displayed under comment text. Four fields types are supported.\u003C\u002Fp>\n\u003Ch3>Live Demo\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftastewp.com\u002Ftemplate\u002FGE_ohqa72dY?ni=true&redirect=edit-comments.php%3Fpage%3Dwpcomment\" rel=\"nofollow ugc\">Create Fields\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Drag and Drop fields\u003C\u002Fli>\n\u003Cli>Text,Radio, Radio and Select inputs\u003C\u002Fli>\n\u003Cli>Attach unlimited comments fields\u003C\u002Fli>\n\u003Cli>Compatible with all themes\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Pro Features – 16 Input Types\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Pro Inputs\n\u003Cul>\n\u003Cli>Email\u003C\u002Fli>\n\u003Cli>Date\u003C\u002Fli>\n\u003Cli>Timezone\u003C\u002Fli>\n\u003Cli>File Input\u003C\u002Fli>\n\u003Cli>Image Picker\u003C\u002Fli>\n\u003Cli>Color Picker\u003C\u002Fli>\n\u003Cli>Color Palttes\u003C\u002Fli>\n\u003Cli>Hidden Input\u003C\u002Fli>\n\u003Cli>Dividers 4 styles\u003C\u002Fli>\n\u003Cli>HTML Content\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Disable extra field on frontend via setting. Only admin can see in comment admin.\u003C\u002Fli>\n\u003Cli>Max file upload limit set\u003C\u002Fli>\n\u003Cli>Custom Post Types Support\u003C\u002Fli>\n\u003Cli>View & Edit Comments Admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fnajeebmedia.com\u002Fwordpress-plugin\u002Fwordpress-comment-fields-addon\u002F\" rel=\"nofollow ugc\">Buy PRO Version\u003C\u002Fa>\u003C\u002Fp>\n","This plugin allow admin to add extra fields in comment area. These fields are saved as comment meta and is displayed under comment text.",51915,84,9,"2024-02-25T05:42:00.000Z","6.4.8","3.5","5.3",[103,78,126,127,128],"comment-meta","comments-inputs","extend-comments","http:\u002F\u002Fnajeebmedia.com\u002Fwpcomments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-comment-fields.5.1.zip","2024-02-26 00:00:00",{"slug":133,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":140,"downloaded":141,"rating":13,"num_ratings":13,"last_updated":142,"tested_up_to":143,"requires_at_least":99,"requires_php":74,"tags":144,"homepage":149,"download_link":150,"security_score":151,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"cw-comment-elementor-addon","CW Comment Elementor Addon","1.0.3","Curl Ware","https:\u002F\u002Fprofiles.wordpress.org\u002Fcurlware\u002F","\u003Cp>The Comment Elementor Addon plugin offers two custom Elementor widgets: the CurlWare Comment Form and the CurlWare Comment List. These widgets enable users to create and customize comment sections for their websites with ease. The plugin seamlessly integrates with Elementor, providing a user-friendly interface for designing and managing comment sections. We use https:\u002F\u002Fui-avatars.com to generate avatars. You can pick length of initials, background color, font color and avatar size. It’s free and without limits.\u003C\u002Fp>\n\u003Ch3>Terms of usage\u003C\u002Fh3>\n\u003Cp>We do not track usage, and there is no limits. It’s free to use and everything is done to assure fast responses with least delay.\u003Cbr \u002F>\nOnly terms are that we (the API) is not liable, and you agree to typical MIT licensing. Please use the service with respect, considering that some people depend on it, and it’s limitless and free. Be nice, that’s the only terms of usage.\u003C\u002Fp>\n\u003Ch3>Use of a 3rd Party or external service\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>ui-avatars.com for avater\u003C\u002Fli>\n\u003Cli>https:\u002F\u002Fui-avatars.com\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.0.3\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>update of the Comment Elementor Addon plugin.\u003C\u002Fli>\n\u003Cli>plugin slug is updated: cw-comment-elementor-addon\u003C\u002Fli>\n\u003Cli>ui-avatars.com for avater\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.0.2\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>update of the Comment Elementor Addon plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.0.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>update of the Comment Elementor Addon plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.0.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Initial release of the Comment Elementor Addon plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Comment Elementor Addon is licensed under the GPL-2.0-or-later.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support and assistance with the Comment Elementor Addon plugin, please visit the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcw-comment-elementor-addon\" rel=\"ugc\">support forums\u003C\u002Fa> or contact us directly through \u003Ca href=\"https:\u002F\u002Fcurlware.com\u002Fcontact\" rel=\"nofollow ugc\">our website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Acknowledgments\u003C\u002Fh3>\n\u003Cp>Special thanks to the Elementor team for their powerful page builder and to all contributors who helped improve the Comment Elementor Addon plugin.\u003C\u002Fp>\n","Comment Elementor Addon is a plugin designed to provide simple custom comment widgets for Elementor.",50,1046,"2024-09-21T17:21:00.000Z","6.6.5",[104,145,146,147,148],"custom-comment-form","custom-comment-list","elementor","widgets","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcw-comment-elementor-addon","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcw-comment-elementor-addon.1.0.3.zip",92,{"slug":153,"name":154,"version":155,"author":156,"author_profile":157,"description":158,"short_description":159,"active_installs":11,"downloaded":160,"rating":69,"num_ratings":27,"last_updated":161,"tested_up_to":162,"requires_at_least":163,"requires_php":100,"tags":164,"homepage":168,"download_link":169,"security_score":170,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"custom-comment-links","Custom Comment Links","0.2.1","Sergio Scabuzzo","https:\u002F\u002Fprofiles.wordpress.org\u002Fseedsca\u002F","\u003Cp>Ever wish you could remove links inside comments, or their author’s website?\u003C\u002Fp>\n\u003Cp>With this simple plugin you can customize how your site’s comment links are shown for author and content.\u003Cbr \u002F>\nEnable this plugin and select if:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Users with post editing capabilities are affected by the settings.\u003C\u002Fli>\n\u003Cli>The comment author’s website link is loaded.\u003C\u002Fli>\n\u003Cli>Any links in the comments are unset or moved next to the link text inside parenthesis.\u003C\u002Fli>\n\u003C\u002Ful>\n","Customize comment links on your site. Control comment author's URL, remove links from comments. Disable these options for privileged users.",1862,"2023-03-01T15:27:00.000Z","6.2.9","4.5",[19,165,166,153,167],"comment-link","custom","links","http:\u002F\u002Fhttps\u002F\u002Fwww.ecotechie.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-comment-links.0.2.1.zip",85,{"attackSurface":172,"codeSignals":213,"taintFlows":227,"riskAssessment":297,"analyzedAt":309},{"hooks":173,"ajaxHandlers":203,"restRoutes":210,"shortcodes":211,"cronEvents":212,"entryPointCount":84,"unprotectedCount":13},[174,180,183,186,190,194,198],{"type":175,"name":176,"callback":177,"file":178,"line":179},"action","init","CComment_init","CustomComment.php",27,{"type":175,"name":181,"callback":182,"file":178,"line":55},"comment_form_after_fields","CComment_form",{"type":175,"name":184,"callback":182,"file":178,"line":185},"comment_form_logged_in_after",31,{"type":175,"name":187,"callback":188,"file":178,"line":189},"comment_post","CComment_comment_post",32,{"type":175,"name":191,"callback":192,"file":178,"line":193},"admin_menu","CComment_modify_admin_menu",33,{"type":175,"name":195,"callback":196,"file":178,"line":197},"delete_comment","CComment_delete_comment",34,{"type":199,"name":200,"callback":201,"file":178,"line":202},"filter","comment_author","CComment_link",35,[204],{"action":205,"nopriv":206,"callback":207,"hasNonce":208,"hasCapCheck":208,"file":178,"line":209},"CComment-submit",false,"CComment_ajax_submit",true,28,[],[],[],{"dangerousFunctions":214,"sqlUsage":215,"outputEscaping":217,"fileOperations":13,"externalRequests":13,"nonceChecks":84,"capabilityChecks":84,"bundledLibraries":226},[],{"prepared":13,"raw":13,"locations":216},[],{"escaped":13,"rawEcho":70,"locations":218},[219,222,224],{"file":178,"line":220,"context":221},136,"raw output",{"file":178,"line":223,"context":221},197,{"file":178,"line":225,"context":221},238,[],[228,244,271],{"entryPoint":229,"graph":230,"unsanitizedCount":84,"severity":38},"CComment_option_page (CustomComment.php:180)",{"nodes":231,"edges":242},[232,237],{"id":233,"type":234,"label":235,"file":178,"line":236},"n0","source","$_GET",195,{"id":238,"type":239,"label":240,"file":178,"line":223,"wp_function":241},"n1","sink","echo() [XSS]","echo",[243],{"from":233,"to":238,"sanitized":206},{"entryPoint":245,"graph":246,"unsanitizedCount":13,"severity":270},"CComment_ajax_submit (CustomComment.php:55)",{"nodes":247,"edges":266},[248,251,255,259,261,264],{"id":233,"type":234,"label":249,"file":178,"line":250},"$_POST (x4)",81,{"id":238,"type":239,"label":252,"file":178,"line":253,"wp_function":254},"update_option() [Settings Manipulation]",89,"update_option",{"id":256,"type":234,"label":257,"file":178,"line":258},"n2","$_POST['CC_name'] (x3)",99,{"id":260,"type":239,"label":252,"file":178,"line":258,"wp_function":254},"n3",{"id":262,"type":234,"label":263,"file":178,"line":258},"n4","$_POST['CC_desc']",{"id":265,"type":239,"label":252,"file":178,"line":258,"wp_function":254},"n5",[267,268,269],{"from":233,"to":238,"sanitized":208},{"from":256,"to":260,"sanitized":208},{"from":262,"to":265,"sanitized":208},"low",{"entryPoint":272,"graph":273,"unsanitizedCount":13,"severity":270},"\u003CCustomComment> (CustomComment.php:0)",{"nodes":274,"edges":291},[275,276,277,278,279,280,281,285,287,289],{"id":233,"type":234,"label":249,"file":178,"line":250},{"id":238,"type":239,"label":252,"file":178,"line":253,"wp_function":254},{"id":256,"type":234,"label":257,"file":178,"line":258},{"id":260,"type":239,"label":252,"file":178,"line":258,"wp_function":254},{"id":262,"type":234,"label":263,"file":178,"line":258},{"id":265,"type":239,"label":252,"file":178,"line":258,"wp_function":254},{"id":282,"type":234,"label":283,"file":178,"line":284},"n6","$_POST",115,{"id":286,"type":239,"label":240,"file":178,"line":220,"wp_function":241},"n7",{"id":288,"type":234,"label":235,"file":178,"line":236},"n8",{"id":290,"type":239,"label":240,"file":178,"line":223,"wp_function":241},"n9",[292,293,294,295,296],{"from":233,"to":238,"sanitized":208},{"from":256,"to":260,"sanitized":208},{"from":262,"to":265,"sanitized":208},{"from":282,"to":286,"sanitized":208},{"from":288,"to":290,"sanitized":208},{"summary":298,"deductions":299},"The \"customcomment\" plugin v2.1.6 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and implementing nonce and capability checks on its single AJAX handler. This suggests an awareness of common security pitfalls related to database interactions and access control.\n\nHowever, significant concerns arise from the static analysis. The most critical finding is that 0% of output escaping is properly implemented, meaning any data displayed back to users could be vulnerable to Cross-Site Scripting (XSS) attacks. The taint analysis also revealed one flow with an unsanitized path, which could potentially be exploited if an attacker can control the input leading to that path. The vulnerability history further compounds these concerns, with two unpatched medium severity CVEs, both related to Cross-Site Scripting. This pattern indicates a recurring issue with input sanitization and output escaping within the plugin.\n\nIn conclusion, while the plugin has some strengths in areas like database security and access control, the critical lack of output escaping and the persistent XSS vulnerabilities in its history present a substantial risk. Attackers could leverage these weaknesses to inject malicious scripts, potentially leading to session hijacking, defacement, or other malicious activities. Immediate attention is required to address the output escaping deficiencies and the unpatched vulnerabilities.",[300,303,306],{"reason":301,"points":302},"Unpatched CVEs (2 medium)",20,{"reason":304,"points":305},"Output escaping: 0% properly escaped",15,{"reason":307,"points":308},"Taint flow with unsanitized paths",8,"2026-03-16T22:13:30.629Z",{"wat":311,"direct":317},{"assetPaths":312,"generatorPatterns":314,"scriptPaths":315,"versionParams":316},[313],"\u002Fwp-content\u002Fplugins\u002Fcustomcomment\u002Fjs\u002FCComment.js",[],[313],[],{"cssClasses":318,"htmlComments":320,"htmlAttributes":321,"restEndpoints":324,"jsGlobals":325,"shortcodeOutput":327},[319],"required",[],[322,323],"name=\"CuCo_\"","id=\"CuCo_\"",[],[326],"CComment_ajax_var",[]]