Disable The Comments Security & Risk Analysis
wordpress.org/plugins/disable-the-commentsDisable the Wordpress comments functions on your website.
Is Disable The Comments Safe to Use in 2026?
Generally Safe
Score 85/100Disable The Comments has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "disable-the-comments" plugin v0.0.6 exhibits an extremely tight security posture based on the provided static analysis. The plugin demonstrates excellent adherence to secure coding practices by having zero identifiable entry points, no dangerous function usage, and all SQL queries are properly prepared. Furthermore, all output is consistently escaped, and there are no file operations or external HTTP requests, significantly reducing the plugin's attack surface. The vulnerability history is also pristine, with no recorded CVEs, which suggests a history of responsible development and maintenance.
Despite the overwhelmingly positive static analysis, there is a single taint flow identified with an unsanitized path. While this flow is not classified as critical or high severity, it still represents a potential area for concern. The absence of any capability checks or nonce checks, while not immediately problematic given the lack of entry points, could become a vulnerability if the plugin's functionality were to expand or if new entry points were introduced in future versions without proper security considerations. Overall, the plugin is currently very secure, but the single identified taint flow warrants a minor deduction, and the lack of checks, while acceptable now, indicates a potential for future risk if not monitored.
Key Concerns
- Taint flow with unsanitized path
Disable The Comments Security Vulnerabilities
Disable The Comments Release Timeline
Disable The Comments Code Analysis
Data Flow Analysis
Disable The Comments Attack Surface
WordPress Hooks 9
Maintenance & Trust
Disable The Comments Maintenance & Trust
Maintenance Signals
Community Trust
Disable The Comments Alternatives
![Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]](https://ps.w.org/disable-comments/assets/icon-128x128.png){kind=icon}
Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]
disable-comments
Allows administrators to globally disable comments on their site. Comments can be disabled according to post type. Multisite friendly.
WP Comment Cleaner – Delete All Comments, Disable Comments, Bulk Delete & Remove Comments
delete-all-comments-of-website
Delete comments, disable comments, and remove comments in one click. Bulk delete spam and all comments to optimize your WordPress database easily.
Disable Comments & Delete All Comments
comments-plus
Disable comments globally on all posts or certain post types. Delete all comments at once, by post type or comment status. Manage links in comments.
CRUDLab Disable Comments
crudlab-disable-comments
CRUDLab Disable Comments plugin allows you to disable comments for any page or post or for whole site.
Comments Shield – Disable Comments & Stop Spam, Bulk Delete & Remove Comments
comments-shield
Delete, disable, and clean all comments in one click. Easily manage, bulk delete, or completely disable comments across your entire WordPress site.
Disable The Comments Developer Profile
3 plugins · 40 total installs
How We Detect Disable The Comments
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/disable-the-comments/css/style.css/wp-content/plugins/disable-the-comments/js/disable-the-comments.jsdisable-the-comments/css/style.css?ver=disable-the-comments/js/disable-the-comments.js?ver=