[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fCx8noZ0CJeO9-xw7_I5MHi4TETVw2FROJLskjU5l7aE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":58,"crawl_stats":37,"alternatives":63,"analysis":171,"fingerprints":801},"duoshuo","多说社会化评论框","1.2","shen2","https:\u002F\u002Fprofiles.wordpress.org\u002Fshen2\u002F","\u003Cp>追求最佳用户体验的社会化评论框，为中小网站提供新浪微博、QQ(腾讯微博和QQ空间)、人人、开心、豆瓣、网易微博、搜狐微博、百度等多帐号登录并评论功能，显示网页相关的新浪微博和腾讯微博。\u003Cbr \u002F>\n“多说”帮你搭建更活跃，互动性更强的评论平台，提高用户黏性和流量。它还有众多实用特性，功能强大且永久免费。\u003Cbr \u002F>\n官方网站：\u003Ca href=\"http:\u002F\u002Fduoshuo.com\u002F\" title=\"多说网\" rel=\"nofollow ugc\">duoshuo.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>特色\u003C\u002Fh4>\n\u003Col>\n\u003Cli>多账号登录：可用新浪微博、QQ(腾讯微博和QQ空间)、人人、开心、豆瓣、网易微博、搜狐微博、百度账号登录发表评论，不必输入邮箱\u003C\u002Fli>\n\u003Cli>单点登录功能支持：已经登陆WordPress的用户，评论框身份和WordPress身份保持一致\u003C\u002Fli>\n\u003Cli>轻松安装：安装WordPress插件或插入一段代码，安装从未如此简单\u003C\u002Fli>\n\u003Cli>优质的速度和稳定性：保证300毫秒或更短加载时间，99.9%正常服务时间\u003C\u002Fli>\n\u003Cli>与社交网站紧密结合：评论同时能分享到各大社交网站，评论框中能自动显示网页相关新浪微博和腾讯微博\u003C\u002Fli>\n\u003Cli>数据实时本地保存：评论内容实时保存到您的WordPress本地服务器，并可将多说评论数据导出，数据永远归你所有\u003C\u002Fli>\n\u003Cli>手机界面深度优化适配：自动识别访问者使用的移动设备，自动适应各种宽度的手机浏览器\u003C\u002Fli>\n\u003Cli>主题样式随意切换：CSS代码全面开源，你可以深度定制属于自己的主题样式\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>评论框原来可以如此精彩\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>多账号登录：让网站的用户轻松加入你的社区参与讨论，支持新浪微博(Sina Weibo)、QQ(Tencent Weibo和Qzone)、人人(Renren)、豆瓣(Douban)、开心网(Kaixin001)、网易微博(Netease)、搜狐微博(Sohu)、百度(Baidu)账号和邮箱登录，更多登录方式陆续添加中。\u003C\u002Fli>\n\u003Cli>回复提醒：如果评论收到回复，评论者在任何安装了多说系统的网页都可以收到提示，回访你的网站\u003C\u002Fli>\n\u003Cli>评论标记喜欢：鼓励用户留下言之有物的评论\u003C\u002Fli>\n\u003Cli>评论界面自定制：自定义CSS，评论框位置，评论排列顺序，多级回复…多说的自定制选项让评论框自然融入你的网站\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>高效强大的管理后台服务帮你过滤垃圾评论\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>数据本地保存：评论数据实时保存到WordPress本地服务器，并可随时将多说评论导出，不用担心数据丢失\u003C\u002Fli>\n\u003Cli>智能识别：利用Akismat和其他安装了多说评论系统网站的数据库，智能识别垃圾评论\u003C\u002Fli>\n\u003Cli>易用的管理后台：一站式后台帮你轻松、高效的处理海量评论。你可以在后台方便的将评论进行分类和删除，只有正常评论才会显示在网站的页面上。\u003C\u002Fli>\n\u003Cli>多账号管理：多个管理员可登陆管理同一个网站的评论，并可设定管理员、编辑等不同管理权限\u003C\u002Fli>\n\u003Cli>优质的速度和稳定性：300毫秒或更短加载时间，99.9%正常服务时间，加载评论时访问多说服务器，降低网站自身服务器压力\u003C\u002Fli>\n\u003Cli>特别为评论内容设计的SEO优化\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>让多说成为纽带，将你的网站与外界相连\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>分享评论或文章：只需简单勾选，评论或文章即可分享到各大社交网站。带有评论的分享会让评论者的好友更有兴趣访问你的网站\u003C\u002Fli>\n\u003Cli>发文章同步到各大社交网站：WordPress网站可以在发布文章的同时将文章同步到各大社交网站，轻松更新多个微博和博客\u003C\u002Fli>\n\u003Cli>微博评论同步：无需设置，自动显示带有文章url的新浪微博和腾讯微博，及其评论和转发\u003C\u002Fli>\n\u003Cli>跨网站登录：访客在别的网站上登录多说后，再访问你的网站时，可以不用再登录，直接评论\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>细节特色\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>显示文章相关新浪和腾讯微博\u003C\u002Fli>\n\u003Cli>回复提醒：页面浮框提醒和邮件提醒\u003C\u002Fli>\n\u003Cli>最新评论挂件\u003C\u002Fli>\n\u003Cli>采用Akismet过滤垃圾评论\u003C\u002Fli>\n\u003Cli>插入表情\u003C\u002Fli>\n\u003Cli>喜欢文章并分享到社交网络功能\u003C\u002Fli>\n\u003Cli>支持HTML解析\u003C\u002Fli>\n\u003Cli>支持Gravatar头像\u003C\u002Fli>\n\u003Cli>自定义官方微博账号\u003C\u002Fli>\n\u003Cli>写文章同步到微博时第一张图片作为微博配图\u003C\u002Fli>\n\u003Cli>支持自定义CSS追加修改多说样式\u003C\u002Fli>\n\u003Cli>支持首页最新评论列表更新\u003C\u002Fli>\n\u003Cli>支持文章标题旁边的评论计数更新\u003C\u002Fli>\n\u003Cli>启用多说时拒绝垃圾广告机器人利用WP接口发布评论\u003C\u002Fli>\n\u003Cli>定时发微博功能\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>很容易就能找到我们\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>官方网站：\u003Ca href=\"http:\u002F\u002Fduoshuo.com\u002F\" title=\"多说网\" rel=\"nofollow ugc\">duoshuo.com\u003C\u002Fa>\u003Cbr \u002F>\n  新浪微博：\u003Ca href=\"http:\u002F\u002Fweibo.com\u002Fduoshuo\" rel=\"nofollow ugc\">@多说网\u003C\u002Fa>\u003Cbr \u002F>\n  腾讯微博：\u003Ca href=\"http:\u002F\u002Ft.qq.com\u002Fduo-shuo\" rel=\"nofollow ugc\">多说网\u003C\u002Fa>\u003Cbr \u002F>\n  人人主页：\u003Ca href=\"http:\u002F\u002Fpage.renren.com\u002F699168408\" rel=\"nofollow ugc\">多说网\u003C\u002Fa>\u003Cbr \u002F>\n  豆瓣小站：\u003Ca href=\"http:\u002F\u002Fsite.douban.com\u002Fduoshuo\" rel=\"nofollow ugc\">多说网\u003C\u002Fa>\u003Cbr \u002F>\n  网易微博：\u003Ca href=\"http:\u002F\u002Ft.163.com\u002Fduoshuo\" rel=\"nofollow ugc\">@多说网\u003C\u002Fa>\u003Cbr \u002F>\n  搜狐微博：\u003Ca href=\"http:\u002F\u002Fduoshuo.t.sohu.com\u002F\" rel=\"nofollow ugc\">@多说网\u003C\u002Fa>\u003Cbr \u002F>\n  电话：010-82827537\u003Cbr \u002F>\n  QQ：1175762238\u003Cbr \u002F>\n  QQ：2310391001\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>同类产品\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disqus\u003C\u002Fli>\n\u003Cli>IntenseDebate\u003C\u002Fli>\n\u003Cli>livefyre\u003C\u002Fli>\n\u003Cli>uyan (youyan-social-comment-system)\u003C\u002Fli>\n\u003Cli>pinglunla\u003C\u002Fli>\n\u003Cli>denglu\u003C\u002Fli>\n\u003Cli>wp-connect\u003C\u002Fli>\n\u003Cli>Social Medias Connect\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>DEMO\u003C\u002Fh3>\n\u003Cp>已经有数千家网站开始使用多说，其中包括：\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.chinaz.com\u002F\" title=\"站长之家\" rel=\"nofollow ugc\">站长之家\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.donews.com\u002F\" title=\"DoNews\" rel=\"nofollow ugc\">DoNews\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.pcpop.com\u002F\" title=\"泡泡网\" rel=\"nofollow ugc\">泡泡网\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.it168.com\u002F\" title=\"IT168\" rel=\"nofollow ugc\">IT168\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fblog.xiachufang.com\u002F\" title=\"下厨房\" rel=\"nofollow ugc\">下厨房\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fkxt.fm\u002F\" title=\"邻居的耳朵\" rel=\"nofollow ugc\">邻居的耳朵\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fblog.dnspod.cn\u002F\" title=\"DNSpod\" rel=\"nofollow ugc\">DNSpod\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fhttp:\u002F\u002Fwww.web20share.com\u002F\" title=\"Web2.0Share\" rel=\"nofollow ugc\">Web2.0Share\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.ubuntusoft.com\" title=\"Ubuntusoft\" rel=\"nofollow ugc\">Ubuntusoft\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"www.showeb20.com\u002F\" title=\"分享网络2.0\" rel=\"nofollow ugc\">分享网络2.0\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.lanrentuku.com\u002F\" title=\"学会偷懒 懒出境界\" rel=\"nofollow ugc\">懒人图库\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.ivsky.com\u002F\" title=\"天堂图片网\" rel=\"nofollow ugc\">天堂图片网\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fblog.douguo.com\u002F\" title=\"豆果美食\" rel=\"nofollow ugc\">豆果美食\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.portablesoft.org\u002F\" title=\"精品绿色便携软件\" rel=\"nofollow ugc\">精品绿色便携软件\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.ermiao.com\u002F\" title=\"鸸鹋动物园\" rel=\"nofollow ugc\">鸸鹋动物园\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Faladd.net\u002F\" title=\"高品质设计分享平台\" rel=\"nofollow ugc\">Aladd设计量贩铺\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.macgg.com\u002F\" title=\"MacGG\" rel=\"nofollow ugc\">MacGG\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fmooogu.cn\u002Fblog\" title=\"蘑菇爱家居\" rel=\"nofollow ugc\">蘑菇爱家居\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.vikilife.com\u002F\" title=\"创意玩意集散地\" rel=\"nofollow ugc\">微奇生活\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Fol>\n","追求最佳用户体验的社会化评论框，为中小网站提供新浪微博、QQ、人人、开心、豆瓣等多帐号登录并评论功能。",70,171157,34,12,"2015-12-18T06:58:00.000Z","3.6.1","2.8","",[20,21,22,23,24],"comments","share","social","spam","weibo","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fduoshuo\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fduoshuo.zip",42,2,"2025-08-23 00:00:00","2026-03-15T15:16:48.613Z",[32,46],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":37},"CVE-2025-48318","cross-site-request-forgery-to-settings-update","多说社会化评论框 \u003C= 1.2 - Cross-Site Request Forgery to Settings Update","The 多说社会化评论框 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.2","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-08-25 17:17:53",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4119cfa8-99a3-4d66-a18c-d8dff6916bd2?source=api-prod",{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":51,"cvss_vector":52,"vuln_type":53,"published_date":54,"updated_date":55,"references":56,"days_to_patch":37},"CVE-2025-49056","reflected-cross-site-scripting-3","多说社会化评论框 \u003C= 1.2 - Reflected Cross-Site Scripting","The 多说社会化评论框 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-08-07 00:00:00","2025-08-11 14:37:31",[57],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd9f9d20f-a0cd-40ed-8f75-7b57fe8e70f0?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":59,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":60,"trust_score":61,"computed_at":62},1,30,53,"2026-04-05T11:54:28.472Z",[64,91,108,126,150],{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":72,"downloaded":73,"rating":74,"num_ratings":75,"last_updated":76,"tested_up_to":77,"requires_at_least":78,"requires_php":18,"tags":79,"homepage":85,"download_link":86,"security_score":87,"vuln_count":88,"unpatched_count":89,"last_vuln_date":90,"fetched_at":30},"super-socializer","Social Share, Social Login and Social Comments Plugin – Super Socializer","7.14.5","Rajat Varlani","https:\u002F\u002Fprofiles.wordpress.org\u002Fthe_champ\u002F","\u003Cp>Integrate Social Login, Social Share and Social Comments at your website easiest and simplest possible way.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong>\u003Cbr \u002F>\n1. Plugin will not work on local server. You should have an online website for the plugin to function properly.\u003Cbr \u002F>\n2. If you want to integrate only Facebook Login button, you should install \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fheateor-login\u002F\" rel=\"ugc\">Heateor Login\u003C\u002Fa>\u003Cbr \u002F>\n3. If you want to integrate more Social Login buttons including Facebook, you should install \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fheateor-social-login\u002F\" rel=\"ugc\">Heateor Social Login\u003C\u002Fa>\u003Cbr \u002F>\n4. If you want to integrate only Facebook Comments, you should install \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffancy-facebook-comments\u002F\" rel=\"ugc\">Fancy Comments\u003C\u002Fa>\u003Cbr \u002F>\n5. If you want to integrate only Social Share, you should install \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsassy-social-share\" rel=\"ugc\">Sassy Social Share\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Feature list\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Compatible with PHP 8\u003C\u002Fli>\n\u003Cli>GDPR Compliant\u003C\u002Fli>\n\u003Cli>Compatible with Gutenberg editor\u003C\u002Fli>\n\u003Cli>Compatible with myCRED (append myCRED referral ID at the end of the URL being shared)\u003C\u002Fli>\n\u003Cli>Social Share from around 100 social networks\u003C\u002Fli>\n\u003Cli>Summarize content over popular AI platforms like ChatGPT, Grok, Google AI, Claude, Perplexity\u003C\u002Fli>\n\u003Cli>Social Media follow icons \u003C\u002Fli>\n\u003Cli>Share counts are supported for Twitter, Buffer, Reddit, Pinterest, Odnoklassniki, Fintel and Vkontakte\u003C\u002Fli>\n\u003Cli>FREE icon customization options\u003C\u002Fli>\n\u003Cli>Options to specify sharing icon shape – Square, Round and Rectangular\u003C\u002Fli>\n\u003Cli>Options to specify sharing icon size – minimum 16 pixels, no upper limit\u003C\u002Fli>\n\u003Cli>Options to specify sharing icon backround color and logo color\u003C\u002Fli>\n\u003Cli>Sharing counter customization options\u003C\u002Fli>\n\u003Cli>Enable share count cache with option to control cache refresh time-frame\u003C\u002Fli>\n\u003Cli>Enable URL shortening to use in sharing\u003C\u002Fli>\n\u003Cli>Horizontal and Vertical (floating) layout for sharing\u003C\u002Fli>\n\u003Cli>Customizable target URL for sharing\u003C\u002Fli>\n\u003Cli>Rearrange order of sharing icons\u003C\u002Fli>\n\u003Cli>Specify position of sharing icons with respect to content – Top and Bottom\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable sharing on default\u002Fcustom post types\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable sharing on individual pages\u002Fposts\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable total\u002Findividual share count(s)\u003C\u002Fli>\n\u003Cli>Mobile responsive social share bar\u003C\u002Fli>\n\u003Cli>Compatible with AMP\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable vertical\u002Ffloating sharing interface on mobile device\u003C\u002Fli>\n\u003Cli>Social Login from 27 Social Networks – Facebook, Google, Linkedin, Twitter, Vkontakte, Line, Windows Live (Microsoft), Yahoo, WordPress, Dribbble, Kakao, Spotify, Github, Twitch, Instagram, Steam, Dropbox, Foursquare, Disqus, Reddit, Stack Overflow, Discord, Mail.ru, Amazon, Odnoklassniki, Youtube and Yandex\u003C\u002Fli>\n\u003Cli>Enable double opt-in for the users using social login\u003C\u002Fli>\n\u003Cli>Enable Social Login icons at WordPress Login, Register pages and comment form\u003C\u002Fli>\n\u003Cli>Syncs user’s basic social profile data with WordPress profile\u003C\u002Fli>\n\u003Cli>Enable Social Login at WooCommerce checkout page and customer login form\u003C\u002Fli>\n\u003Cli>Enable Sharing at WooCommerce products\u003C\u002Fli>\n\u003Cli>Syncs user’s basic social profile data with WooCommerce profile\u003C\u002Fli>\n\u003Cli>Sync social profile data with BuddyPress XProfile fields\u003C\u002Fli>\n\u003Cli>Auto-approve comments made by users logged in using Social Login\u003C\u002Fli>\n\u003Cli>Use user’s social profile avatar as profile picture at your website\u003C\u002Fli>\n\u003Cli>Customizable login\u002Fpost-registration redirection\u003C\u002Fli>\n\u003Cli>Enable Facebook Like\u002FRecommend, Twitter Tweet, Yummly, Buffer, Xing buttons\u003C\u002Fli>\n\u003Cli>Enable Social Comments – Facebook Comments, Disqus Comments\u003C\u002Fli>\n\u003Cli>Widgets and shortcodes for Social Share, Social Login, Social Comments and Like Buttons\u003C\u002Fli>\n\u003Cli>Let your users link their social accounts to the account at your website\u003C\u002Fli>\n\u003Cli>Compatible with BuddyPress, bbPress, WooCommerce\u003C\u002Fli>\n\u003Cli>Multisite Compatible\u003C\u002Fli>\n\u003Cli>Supports HTTPS enabled websites\u003C\u002Fli>\n\u003Cli>24\u002F7 quickest customer support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Detailed Overview:\u003C\u002Fp>\n\u003Ch4>Social Login\u003C\u002Fh4>\n\u003Cp>Enables users to login to your website through their existing IDs on popular social networks.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Benefits\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Rapid signup\u002Flogin\u003C\u002Fstrong>: When using Social network for login, users do not need to type anything (most of the users are already logged into their social accounts). It helps in boosting signup\u002Flogin rate at your blog.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Profile Data\u003C\u002Fstrong>: User’s profile data will be saved in your blog database. This data also includes users’ email, enabling you to communicate with them.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Spam Reduction\u003C\u002Fstrong>: Because social networks authenticate individuals and generally don’t allow multiple accounts, the likelihood of false identities and spammers goes down.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Social Sharing\u003C\u002Fh4>\n\u003Cp>Enables users to share your website content over popular sharing networks resulting in increased user traffic.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Benefits\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Increased User Traffic\u003C\u002Fstrong>: When users share content over their Social network, it shows up in front of more people which results in increased user traffic at your website.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>SEO Optimization\u003C\u002Fstrong>: Social sharing helps your website content get indexed faster and improves other factors that help in search engine optimization of your blog.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Social Comments\u003C\u002Fh4>\n\u003Cp>Enables users to comment on your website using their Social Media accounts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Benefits\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Virality\u003C\u002Fstrong>: When people comment at your blog using their Facebook and Disqus accounts, the comment not only shows up at your blog, but it also appears in their news feed. This puts your blog in front of new audience which further adds to the likelihood of you getting a new returning visitor.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Higher Conversations\u003C\u002Fstrong>: When you know the person commenting on something, it’s more likely that you will also type out your ideas there, unlike the situation when you don’t know the person involved in the conversation.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Credibility\u003C\u002Fstrong>: In traditional comment form, anyone can put any fake name (Bruce Wayne ….. ;)) to comment on your blog. If the same comment is from the original Facebook account of the person who is commenting, you can give credibility to this user and also the people will automatically trust it.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>No Spam\u003C\u002Fstrong>: You can get rid off the spammers and users, commenting using their fake accounts.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Works for the lazy\u003C\u002Fstrong>: Most people are nowadays lazy. To get these people commenting on your blog, it will just require them to login to their Facebook account (which almost everyone does after powering ON computer).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>User Profile Data\u003C\u002Fh4>\n\u003Cp>Every time a user logs in, plugin fetches profile data of the user and store that in your WordPress database.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Benefits\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Better Customer Relationship\u003C\u002Fstrong>: User profile data includes user’s personal information which can be used to foster customer relationships.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Updated and Genuine Data\u003C\u002Fstrong>: As people update their (real) profile details on their Social network, you get updated and genuine data which is unlikely in case of traditional registration process.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Enhances Marketing Efforts\u003C\u002Fstrong>: Social data can integrate with third-party platforms such as email marketing platforms, ad servers, recommendation engines, and more, to target the right users with the right messages which increases ROI (Return on Investment).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Social Media Follow Icons\u003C\u002Fh4>\n\u003Cp>Redirect website visitors to your Social Media pages\u003C\u002Fp>\n\u003Ch4>Single sign-on\u003C\u002Fh4>\n\u003Cp>Enable single sign-on in your WordPress multisite network\u003C\u002Fp>\n\u003Ch4>What makes this plugin different and why should I choose this plugin when there are many other social plugins?\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Cstrong>Free\u003C\u002Fstrong>: Yea, right. It is a free plugin. You need not pay single penny to use the features of this plugin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No need to register anywhere\u003C\u002Fstrong>: Unlike other third party Social plugins, you do not need to create an account at third party website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Absolutely Simple\u003C\u002Fstrong>: Plugin configuration is kept dead simple. Screenshots are provided with options wherever required.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fresh Icon Themes\u003C\u002Fstrong>: Fresh and trendy themes are used for Social Login and Sharing icons.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optimal Loading time\u003C\u002Fstrong>: Loading time of Social Login and Sharing icons is optimal and if you compare with other plugins, you will find it less than that of all those plugins.\u003C\u002Fli>\n\u003Cli>We promise to provide \u003Cstrong>best quality\u003C\u002Fstrong> among other similar plugins. If you find our plugin is lacking some feature, you can email us and we will do our best to include that feature in our plugin as soon as possible.\u003C\u002Fli>\n\u003Cli>Our \u003Cstrong>support team is working 24\u002F7\u003C\u002Fstrong> to answer your queries and assist you. You will find us the quickest to respond.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Important links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsuper-socializer-wordpress.heateor.com\" rel=\"nofollow ugc\">Plugin Demo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002FSocializerChamp\" rel=\"nofollow ugc\">Plugin Facebook fan page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fheateor\" rel=\"nofollow ugc\">Our Facebook Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fheateor\" rel=\"nofollow ugc\">Our Twitter Page\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fsupport.heateor.com\" rel=\"nofollow ugc\">Support Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.heateor.com\u002Fsocial-analytics-sharing\" rel=\"nofollow ugc\">Social Analytics\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.heateor.com\u002Fadd-ons\" rel=\"nofollow ugc\">Add-ons\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You can provide your feedback at hello[at]heateor[dot]com\u003C\u002Fp>\n","The unique Social Plugin to let you integrate Social Login, Social Share, Social Comments and Social Media follow at your website",20000,3732725,96,685,"2025-09-26T11:49:00.000Z","6.8.5","2.5.0",[80,81,82,83,84],"chatgpt","facebook-comments","grok","social-login","social-share","https:\u002F\u002Fsuper-socializer-wordpress.heateor.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-socializer.7.14.5.zip",92,10,0,"2025-01-20 22:38:24",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":88,"downloaded":99,"rating":89,"num_ratings":89,"last_updated":100,"tested_up_to":101,"requires_at_least":102,"requires_php":18,"tags":103,"homepage":105,"download_link":106,"security_score":107,"vuln_count":89,"unpatched_count":89,"last_vuln_date":37,"fetched_at":30},"foxy-bookmark","FoxyBookmark","1.0.0","dkjicsow","https:\u002F\u002Fprofiles.wordpress.org\u002Fdkjicsow\u002F","\u003Cp>This plugin for content by the visitor is in social networking\u003C\u002Fp>\n","For content by the visitor in social networks",6290,"2010-09-14T17:46:00.000Z","3.1.4","2.0.2",[20,95,104,21,22],"network","http:\u002F\u002Fwww.dkjicsow.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffoxy-bookmark.1.zip",85,{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":88,"downloaded":116,"rating":117,"num_ratings":59,"last_updated":18,"tested_up_to":118,"requires_at_least":119,"requires_php":18,"tags":120,"homepage":123,"download_link":124,"security_score":117,"vuln_count":89,"unpatched_count":89,"last_vuln_date":37,"fetched_at":125},"social-features-for-wp","Social Monster","1.0.10","bogdan_nazar","https:\u002F\u002Fprofiles.wordpress.org\u002Fbogdan_nazar\u002F","\u003Cp>This plugin adds some social functionality to WordPress. Such as FB comments, VK comments, share buttons etc.\u003Cbr \u002F>\nThe main capabilities of this plugin is listed below:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Internal share buttons (G+,FB,VK,Twitter,Delicious,Pinterest,LinkedIn and more) with ability to select preffered ones.\u003C\u002Fli>\n\u003Cli>The tools for ordering internal social buttons.\u003C\u002Fli>\n\u003Cli>The tools for “ShareThis” buttons embedding. Instructions are present to get customized ShareThis data.\u003C\u002Fli>\n\u003Cli>Facebook and Vkontakte comment widgets.\u003C\u002Fli>\n\u003Cli>Option to order them.\u003C\u002Fli>\n\u003Cli>Option to switch on\u002Foff each of widgets including WP internal comments.\u003C\u002Fli>\n\u003Cli>Default language is set to English.\u003C\u002Fli>\n\u003Cli>Already translated for russian users.\u003C\u002Fli>\n\u003Cli>And more other options to cusomize data and view of comment widgets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This list of available features will grow in the future releases.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Plugin is free for any use. Don’t delete the authorship note if you’ll going to modify source code under the your needs.\u003C\u002Fp>\n","This plugin adds some social functionality to Wordpress. Such as FB comments, VK comments, share buttons etc.",2967,100,"4.5.33","3.2.1",[20,121,21,22,122],"facebook","vkontakte","http:\u002F\u002Fwww.bogdan-nazar.ru\u002Fwordpress\u002Fmy-plugins\u002Fsocial-monster","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-features-for-wp.1.0.10.zip","2026-03-15T10:48:56.248Z",{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":134,"downloaded":135,"rating":136,"num_ratings":137,"last_updated":138,"tested_up_to":139,"requires_at_least":140,"requires_php":141,"tags":142,"homepage":146,"download_link":147,"security_score":148,"vuln_count":28,"unpatched_count":89,"last_vuln_date":149,"fetched_at":30},"akismet","Akismet Anti-spam: Spam Protection","5.6","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.\u003C\u002Fp>\n\u003Cp>Akismet checks your comments and contact form submissions against our global database of spam to prevent your site from publishing malicious content. You can review the comment spam it catches on your blog’s “Comments” admin screen.\u003C\u002Fp>\n\u003Cp>Major features in Akismet include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically checks all comments and filters out the ones that look like spam.\u003C\u002Fli>\n\u003Cli>Each comment has a status history, so you can easily see which comments were caught or cleared by Akismet and which were spammed or unspammed by a moderator.\u003C\u002Fli>\n\u003Cli>URLs are shown in the comment body to reveal hidden or misleading links.\u003C\u002Fli>\n\u003Cli>Moderators can see the number of approved comments for each user.\u003C\u002Fli>\n\u003Cli>A discard feature that outright blocks the worst spam, saving you disk space and speeding up your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>PS: You’ll be prompted to get an Akismet.com API key to use it, once activated. Keys are free for personal blogs; paid subscriptions are available for businesses and commercial sites.\u003C\u002Fp>\n","The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.",6000000,386405930,94,1173,"2025-11-12T16:31:00.000Z","6.9.4","5.8","7.2",[143,144,20,145,23],"anti-spam","antispam","contact-form","https:\u002F\u002Fakismet.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fakismet.5.6.zip",99,"2015-10-13 00:00:00",{"slug":151,"name":152,"version":153,"author":154,"author_profile":155,"description":156,"short_description":157,"active_installs":158,"downloaded":159,"rating":136,"num_ratings":160,"last_updated":161,"tested_up_to":139,"requires_at_least":162,"requires_php":129,"tags":163,"homepage":168,"download_link":169,"security_score":148,"vuln_count":59,"unpatched_count":89,"last_vuln_date":170,"fetched_at":30},"disable-comments","Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]","2.6.2","WPDeveloper","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdevteam\u002F","\u003Ch4>Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]\u003C\u002Fh4>\n\u003Cp>Enable\u002FDisable comments on any WordPress content (Pages, Posts, or Media) to stop spammers. WP-CLI, XML-RPC & REST-API support to stop spam comments.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fplugins\u002Fdisable-comments\u002F\" rel=\"nofollow ugc\">More About Plugin\u003C\u002Fa> ◼️ \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs-category\u002Fdisable-comments\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> ◼️ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisable-comments\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FEpuYs9Nf_nY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Take Global Control Over Your WordPress Site\u003C\u002Fh3>\n\u003Cp>Override all comments-related settings throughout your website & manage your comments just the way you want.\u003C\u002Fp>\n\u003Ch3>Disable Comments On Posts, Pages & Media\u003C\u002Fh3>\n\u003Cp>Choose which posts, pages or media should allow comments from site visitors & configure Disable Comments accordingly\u003C\u002Fp>\n\u003Ch3>Disallow Comments On Multi-Site Network\u003C\u002Fh3>\n\u003Cp>Have multiple websites? Get rid of irrelevant comments on the entire network using Disable Comments Plugin\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FJ9AteKzQpPs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>KEY FEATURES OF DISABLE COMMENTS\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>All “Comments” links are hidden from the Admin Menu and Admin Bar.\u003C\u002Fli>\n\u003Cli>All comment-related sections (“Recent Comments”, “Discussion” etc.) are hidden from the WordPress Dashboard.\u003C\u002Fli>\n\u003Cli>All comment-related widgets are disabled (so your theme cannot use them).\u003C\u002Fli>\n\u003Cli>The “Discussion” settings page is hidden.\u003C\u002Fli>\n\u003Cli>All comment RSS\u002FAtom feeds are disabled (and requests for these will be redirected to the parent post).\u003C\u002Fli>\n\u003Cli>The X-Pingback HTTP header is removed from all pages.\u003C\u002Fli>\n\u003Cli>Outgoing pingbacks are disabled.\u003C\u002Fli>\n\u003Cli>Stop spam comments entirely from the site with one click.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Delete comments by type.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Disable comments via \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs\u002Fhow-to-disable-comments-made-via-xml-rpc\u002F\" rel=\"nofollow ugc\">XML-RPC\u003C\u002Fa> & \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs\u002Fhow-to-disable-comments-made-via-rest-api\u002F\" rel=\"nofollow ugc\">REST-API\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Fully Multi-site Network supported.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Manage multiple website network-specific subsites or entire network comments in advance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Exclude Disable Comments Settings based on user roles.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FFBq3-W-p-DM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Please delete any existing comments on your site \u003Cstrong>before applying this setting\u003C\u002Fstrong>, otherwise (depending on your theme) those comments may still be displayed to visitors. You can use the \u003Cstrong>Delete Comments tool\u003C\u002Fstrong> to delete any existing comments on your site.\u003C\u002Fp>\n\u003Ch3>🌟 WHAT’S NEW WITH DISABLE COMMENTS 2.0\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>AMAZING USER FRIENDLY INTERFACE\u003C\u002Fstrong>\u003Cbr \u002F>\nEasily configure your comment-related settings with an amazing and attractive app-like user interface.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WP-CLI COMMANDS TO DISABLE COMMENTS\u003C\u002Fstrong>\u003Cbr \u002F>\nUse \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs\u002Fhow-to-use-disable-comments-plugin-with-wp-cli-command-line\u002F\" rel=\"nofollow ugc\">WP-CLI\u003C\u002Fa> control for comment-related settings to disable comments on posts, pages, attachments or everywhere on your website.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fmzi5uhKB9Zk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>GET STARTED WITH QUICK SETUP WIZARD\u003C\u002Fstrong>\u003Cbr \u002F>\nUse the quick setup wizard after activating the plugin to instantly configure comment-related settings for your WordPress website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>DISABLE COMMENTS ON DOCS\u003C\u002Fstrong>\u003Cbr \u002F>\nInstantly disable comments on your documentation pages or WordPress knowledge base with a single click.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Ft7BQ-7A4y4s?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>DELETE CERTAIN COMMENT TYPE(S)\u003C\u002Fstrong>\u003Cbr \u002F>\nPermanently delete certain comment types from your WordPress website including WooCommerce product reviews as well as generic comments.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FIzm_ihC-z10?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>DISABLE COMMENTS VIA XML-RPC And REST API\u003C\u002Fstrong>\u003Cbr \u002F>\nBlock any comments made on your WordPress website via XML-RPC specification and REST API.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important note\u003C\u002Fstrong>: Use this plugin if you don’t want comments at all on your site (or on certain post types). Don’t use it if you want to selectively disable comments on individual posts – WordPress lets you do that anyway. If you don’t know how to disable comments on individual posts, there are instructions in \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-comments\u002F#faq\" rel=\"ugc\">the FAQ\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you come across any bugs or have suggestions, please use the plugin support forum. I can’t fix it if I don’t know it’s broken! Please check the \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-comments\u002F#faq\" rel=\"ugc\">FAQ\u003C\u002Fa>\u003C\u002Fstrong> for common issues.\u003C\u002Fp>\n\u003Cp>Want to contribute? Here’s the \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWPDevelopers\u002Fdisable-comments\" rel=\"nofollow ugc\">GitHub development repository\u003C\u002Fa>\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>A \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWPDevelopers\u002Fdisable-comments-mu\" rel=\"nofollow ugc\">must-use version\u003C\u002Fa> of the plugin is also available.\u003C\u002Fp>\n\u003Ch3>Advanced Configuration\u003C\u002Fh3>\n\u003Cp>Some of the plugin’s behavior can be modified by site administrators and plugin\u002Ftheme developers through code:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Define \u003Ccode>DISABLE_COMMENTS_REMOVE_COMMENTS_TEMPLATE\u003C\u002Fcode> and set it to \u003Ccode>false\u003C\u002Fcode> to prevent the plugin from replacing the theme’s comment template with an empty one.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Define \u003Ccode>DISABLE_COMMENTS_ALLOW_DISCUSSION_SETTINGS\u003C\u002Fcode> and set it to \u003Ccode>true\u003C\u002Fcode> to prevent the plugin from hiding the Discussion settings page.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These definitions can be made either in your main \u003Ccode>wp-config.php\u003C\u002Fcode> or in your theme’s \u003Ccode>functions.php\u003C\u002Fcode> file.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>THIS PLUGIN IS NOW MAINTAINED BY THE TEAM\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002F\" rel=\"nofollow ugc\">WPDeveloper\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>💙 LOVED DISABLE COMMENTS?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>For documentation and tutorials go to our \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs-category\u002Fdisable-comments\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>For video tutorials go to our \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=J9AteKzQpPs&list=PLWHp1xKHCfxD2_xOIR5dMAGf3wd4hv-8K\" rel=\"nofollow ugc\">YouTube Playlist\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Join our \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fwpdeveloper.net\u002F\" rel=\"nofollow ugc\">Facebook Group\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>If you love Disable Comments, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisable-comments\u002Freviews\u002F?filter=5\" rel=\"ugc\">rate us on WordPress\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>For more information about features, FAQs, and documentation, check out our website at \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fplugins\u002Fdisable-comments\u002F\" rel=\"nofollow ugc\">Disable Comments\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔥 GET FREEBIES FOR YOUR WORDPRESS SITE\u003C\u002Fh3>\n\u003Cp>Consider checking out our other WordPress solutions & boost your WordPress website:\u003C\u002Fp>\n\u003Cp>🔝 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fessential-addons-for-elementor-lite\u002F\" rel=\"ugc\">Essential Addons For Elementor\u003C\u002Fa>: Most popular Elementor addons with 2 million+ happy users & 95+ widgets & ready blocks\u003C\u002Fp>\n\u003Cp>🔔 \u003Ca href=\"https:\u002F\u002Fnotificationx.com\u002F\" rel=\"nofollow ugc\">NotificationX\u003C\u002Fa> – Best Social Proof & FOMO Marketing Solution to increase conversion rates.\u003C\u002Fp>\n\u003Cp>🔗 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbetterlinks\u002F\" rel=\"ugc\">BetterLinks\u003C\u002Fa>: Latest best WordPress link management plugin for link shortening, tracking & analyzing.\u003C\u002Fp>\n\u003Cp>📄 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fembedpress\u002F\" rel=\"ugc\">EmbedPress\u003C\u002Fa>: EmbedPress lets you embed anything including videos, images, posts, audio, maps and upload PDF, DOC, PPT etc.\u003C\u002Fp>\n\u003Cp>☁ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftemplately\u002F\" rel=\"ugc\">Templately\u003C\u002Fa>: 6000+ Free templates library for Elementor & Gutenberg along with the cloud collaboration for WordPress.\u003C\u002Fp>\n\u003Cp>📚 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbetterdocs\u002F\" rel=\"ugc\">BetterDocs\u003C\u002Fa>: Best Documentation & Knowledge Base Plugin for WordPress reduce manual support tickets & improve user experience.\u003C\u002Fp>\n\u003Cp>⏰ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-scheduled-posts\u002F\" rel=\"ugc\">SchedulePress\u003C\u002Fa>: Advanced editorial calendar with WordPress Post Scheduling, Social Sharing, Missed scheduled alerts, and more.\u003C\u002Fp>\n\u003Cp>⚡ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fflexia\u002F\" rel=\"ugc\">Flexia\u003C\u002Fa>: Most lightweight, customizable & multi purpose theme for WordPress.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002F\" rel=\"nofollow ugc\">WPDeveloper\u003C\u002Fa> to learn more about how to do better in WordPress with \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fblog\" rel=\"nofollow ugc\">Help Tutorial, Tips & Tricks\u003C\u002Fa>.\u003C\u002Fp>\n","Allows administrators to globally disable comments on their site. Comments can be disabled according to post type. Multisite friendly.",1000000,31676190,276,"2026-01-20T08:14:00.000Z","5.0",[164,151,165,166,167],"delete-comments","remove-comments","spam-protection","stop-spam","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-comments.2.6.2.zip","2014-08-01 00:00:00",{"attackSurface":172,"codeSignals":331,"taintFlows":616,"riskAssessment":787,"analyzedAt":800},{"hooks":173,"ajaxHandlers":316,"restRoutes":326,"shortcodes":327,"cronEvents":328,"entryPointCount":28,"unprotectedCount":28},[174,180,183,186,190,193,196,200,204,208,212,216,220,223,227,231,235,239,242,246,250,254,258,262,266,270,274,278,281,284,288,292,296,300,303,308,311],{"type":175,"name":176,"callback":177,"file":178,"line":179},"action","admin_notices","duoshuo_php_version_warning","duoshuo.php",18,{"type":175,"name":176,"callback":181,"file":178,"line":182},"duoshuo_wp_version_warning",28,{"type":175,"name":176,"callback":184,"file":178,"line":185},"duoshuo_transport_warning",52,{"type":187,"name":188,"callback":189,"priority":88,"file":178,"line":11},"filter","plugin_action_links_duoshuo\u002Fduoshuo.php","pluginActionLinks",{"type":175,"name":176,"callback":191,"file":178,"line":192},"duoshuo_config_warning",78,{"type":175,"name":176,"callback":194,"file":178,"line":195},"notices",82,{"type":175,"name":197,"callback":198,"file":178,"line":199},"switch_theme","updateSite",84,{"type":187,"name":201,"callback":202,"file":178,"line":203},"post_row_actions","actionsFilter",88,{"type":175,"name":205,"callback":206,"file":178,"line":207},"post_comment_status_meta_box-options","commentStatusMetaBoxOptions",107,{"type":175,"name":209,"callback":210,"file":178,"line":211},"wp_dashboard_setup","duoshuo_add_dashboard_widget",109,{"type":175,"name":213,"callback":214,"file":178,"line":215},"admin_head-edit-comments.php","originalCommentsNotice",131,{"type":175,"name":217,"callback":218,"file":178,"line":219},"login_form","loginForm",149,{"type":175,"name":221,"callback":218,"file":178,"line":222},"register_form",150,{"type":187,"name":224,"callback":225,"file":178,"line":226},"comments_template","commentsTemplate",157,{"type":187,"name":228,"callback":229,"file":178,"line":230},"comments_popup_link_attributes","commentsPopupLinkAttributes",160,{"type":187,"name":232,"callback":233,"file":178,"line":234},"comments_number","commentsText",161,{"type":175,"name":236,"callback":237,"file":178,"line":238},"trackback_post","exportOneComment",165,{"type":175,"name":240,"callback":237,"file":178,"line":241},"pingback_post",166,{"type":187,"name":243,"callback":244,"priority":88,"file":178,"line":245},"comments_open","commentsOpen",176,{"type":175,"name":247,"callback":248,"priority":88,"file":178,"line":249},"set_auth_cookie","setJwtCookie",177,{"type":175,"name":251,"callback":252,"file":178,"line":253},"clear_auth_cookie","clearJwtCookie",178,{"type":175,"name":255,"callback":256,"file":178,"line":257},"profile_update","syncUserToRemote",180,{"type":175,"name":259,"callback":260,"file":178,"line":261},"user_register","userRegisterHook",181,{"type":175,"name":263,"callback":264,"priority":88,"file":178,"line":265},"wp_login","bindUser",182,{"type":175,"name":267,"callback":268,"file":178,"line":269},"duoshuo_sync_log_cron","syncLog",185,{"type":175,"name":271,"callback":272,"priority":88,"file":178,"line":273},"admin_menu","duoshuo_add_pages",350,{"type":175,"name":275,"callback":276,"file":178,"line":277},"admin_init","duoshuo_request_handler",351,{"type":175,"name":275,"callback":279,"file":178,"line":280},"registerSettings",352,{"type":175,"name":275,"callback":282,"file":178,"line":283},"duoshuo_admin_initialize",353,{"type":175,"name":285,"callback":286,"file":178,"line":287},"init","duoshuo_initialize",356,{"type":175,"name":289,"callback":290,"file":178,"line":291},"login_form_duoshuo_login","oauthConnect",357,{"type":175,"name":293,"callback":294,"file":178,"line":295},"widgets_init","duoshuo_register_widgets",361,{"type":175,"name":297,"callback":298,"file":178,"line":299},"save_post","savePostDuoshuoStatus",363,{"type":175,"name":297,"callback":301,"priority":88,"file":178,"line":302},"syncPostToRemote",364,{"type":175,"name":304,"callback":305,"file":306,"line":307},"wp_head","recent_comments_style","widgets.php",14,{"type":175,"name":304,"callback":309,"file":306,"line":310},"printScripts",231,{"type":187,"name":312,"callback":313,"file":314,"line":315},"wp_kses_allowed_html","allowedHtml","WordPress.php",1010,[317,322],{"action":318,"nopriv":319,"callback":320,"hasNonce":319,"hasCapCheck":319,"file":178,"line":321},"duoshuo_export",false,"export",134,{"action":323,"nopriv":319,"callback":324,"hasNonce":319,"hasCapCheck":319,"file":178,"line":325},"duoshuo_sync_log","syncLogAction",135,[],[],[329],{"hook":267,"callback":267,"file":178,"line":330},187,{"dangerousFunctions":332,"sqlUsage":333,"outputEscaping":361,"fileOperations":89,"externalRequests":89,"nonceChecks":89,"capabilityChecks":614,"bundledLibraries":615},[],{"prepared":88,"raw":14,"locations":334},[335,338,340,342,344,347,349,351,353,355,357,359],{"file":314,"line":336,"context":337},1022,"$wpdb->get_var() with variable interpolation",{"file":314,"line":339,"context":337},1043,{"file":314,"line":341,"context":337},1051,{"file":314,"line":343,"context":337},1060,{"file":314,"line":345,"context":346},1085,"$wpdb->get_col() with variable interpolation",{"file":314,"line":348,"context":346},1088,{"file":314,"line":350,"context":346},1100,{"file":314,"line":352,"context":346},1103,{"file":314,"line":354,"context":346},1115,{"file":314,"line":356,"context":346},1118,{"file":314,"line":358,"context":346},1130,{"file":314,"line":360,"context":346},1133,{"escaped":362,"rawEcho":363,"locations":364},49,143,[365,369,372,374,376,378,380,382,383,385,388,389,391,392,394,396,398,400,402,405,407,408,410,412,413,415,418,420,421,423,424,425,427,428,429,431,433,435,436,437,439,440,442,443,445,447,449,451,453,454,456,457,458,460,461,462,463,465,467,468,470,472,474,475,477,479,481,482,484,486,488,489,490,492,494,495,496,498,500,502,503,504,506,508,510,512,514,515,517,519,521,522,523,525,527,529,530,531,533,535,536,538,540,542,543,544,546,548,549,550,552,554,556,557,559,561,562,564,566,567,569,571,573,575,577,579,580,582,584,586,588,590,592,594,596,598,600,602,604,606,608,610,612],{"file":366,"line":367,"context":368},"api.php",25,"raw output",{"file":370,"line":371,"context":368},"bind.php",19,{"file":370,"line":373,"context":368},20,{"file":370,"line":375,"context":368},21,{"file":370,"line":377,"context":368},22,{"file":370,"line":379,"context":368},23,{"file":370,"line":381,"context":368},24,{"file":370,"line":367,"context":368},{"file":370,"line":384,"context":368},26,{"file":386,"line":387,"context":368},"comments.php",11,{"file":386,"line":371,"context":368},{"file":386,"line":390,"context":368},36,{"file":386,"line":61,"context":368},{"file":393,"line":59,"context":368},"config.php",{"file":393,"line":395,"context":368},3,{"file":393,"line":397,"context":368},17,{"file":178,"line":399,"context":368},74,{"file":178,"line":401,"context":368},123,{"file":403,"line":404,"context":368},"LocalServer.php",79,{"file":406,"line":59,"context":368},"manage.php",{"file":406,"line":307,"context":368},{"file":406,"line":409,"context":368},16,{"file":411,"line":59,"context":368},"preferences.php",{"file":411,"line":307,"context":368},{"file":411,"line":414,"context":368},15,{"file":416,"line":417,"context":368},"profile.php",8,{"file":416,"line":419,"context":368},13,{"file":416,"line":414,"context":368},{"file":422,"line":59,"context":368},"settings.php",{"file":422,"line":419,"context":368},{"file":422,"line":397,"context":368},{"file":422,"line":426,"context":368},138,{"file":422,"line":253,"context":368},{"file":422,"line":253,"context":368},{"file":422,"line":430,"context":368},196,{"file":422,"line":432,"context":368},200,{"file":434,"line":59,"context":368},"statistics.php",{"file":434,"line":14,"context":368},{"file":434,"line":419,"context":368},{"file":438,"line":59,"context":368},"sync.php",{"file":438,"line":395,"context":368},{"file":438,"line":441,"context":368},7,{"file":438,"line":441,"context":368},{"file":444,"line":59,"context":368},"themes.php",{"file":444,"line":446,"context":368},35,{"file":444,"line":448,"context":368},37,{"file":444,"line":450,"context":368},51,{"file":306,"line":452,"context":368},59,{"file":306,"line":136,"context":368},{"file":306,"line":455,"context":368},95,{"file":306,"line":455,"context":368},{"file":306,"line":455,"context":368},{"file":306,"line":459,"context":368},98,{"file":306,"line":148,"context":368},{"file":306,"line":148,"context":368},{"file":306,"line":117,"context":368},{"file":306,"line":464,"context":368},104,{"file":306,"line":466,"context":368},105,{"file":306,"line":466,"context":368},{"file":306,"line":469,"context":368},106,{"file":306,"line":471,"context":368},110,{"file":306,"line":473,"context":368},111,{"file":306,"line":473,"context":368},{"file":306,"line":476,"context":368},112,{"file":306,"line":478,"context":368},116,{"file":306,"line":480,"context":368},117,{"file":306,"line":480,"context":368},{"file":306,"line":483,"context":368},118,{"file":306,"line":485,"context":368},121,{"file":306,"line":487,"context":368},122,{"file":306,"line":487,"context":368},{"file":306,"line":487,"context":368},{"file":306,"line":491,"context":368},125,{"file":306,"line":493,"context":368},126,{"file":306,"line":493,"context":368},{"file":306,"line":493,"context":368},{"file":306,"line":497,"context":368},173,{"file":306,"line":499,"context":368},201,{"file":306,"line":501,"context":368},202,{"file":306,"line":501,"context":368},{"file":306,"line":501,"context":368},{"file":306,"line":505,"context":368},205,{"file":306,"line":507,"context":368},206,{"file":306,"line":509,"context":368},207,{"file":306,"line":511,"context":368},211,{"file":306,"line":513,"context":368},212,{"file":306,"line":513,"context":368},{"file":306,"line":516,"context":368},213,{"file":306,"line":518,"context":368},216,{"file":306,"line":520,"context":368},217,{"file":306,"line":520,"context":368},{"file":306,"line":520,"context":368},{"file":306,"line":524,"context":368},272,{"file":306,"line":526,"context":368},301,{"file":306,"line":528,"context":368},302,{"file":306,"line":528,"context":368},{"file":306,"line":528,"context":368},{"file":306,"line":532,"context":368},305,{"file":306,"line":534,"context":368},306,{"file":306,"line":534,"context":368},{"file":306,"line":537,"context":368},307,{"file":306,"line":539,"context":368},310,{"file":306,"line":541,"context":368},311,{"file":306,"line":541,"context":368},{"file":306,"line":541,"context":368},{"file":306,"line":545,"context":368},312,{"file":306,"line":547,"context":368},313,{"file":306,"line":547,"context":368},{"file":306,"line":547,"context":368},{"file":306,"line":551,"context":368},391,{"file":306,"line":553,"context":368},415,{"file":306,"line":555,"context":368},416,{"file":306,"line":555,"context":368},{"file":306,"line":558,"context":368},417,{"file":306,"line":560,"context":368},418,{"file":306,"line":560,"context":368},{"file":306,"line":563,"context":368},419,{"file":306,"line":565,"context":368},420,{"file":306,"line":565,"context":368},{"file":306,"line":568,"context":368},421,{"file":306,"line":570,"context":368},423,{"file":306,"line":572,"context":368},424,{"file":306,"line":574,"context":368},425,{"file":306,"line":576,"context":368},426,{"file":306,"line":578,"context":368},427,{"file":314,"line":526,"context":368},{"file":314,"line":581,"context":368},591,{"file":314,"line":583,"context":368},611,{"file":314,"line":585,"context":368},627,{"file":314,"line":587,"context":368},631,{"file":314,"line":589,"context":368},640,{"file":314,"line":591,"context":368},653,{"file":314,"line":593,"context":368},1145,{"file":314,"line":595,"context":368},1149,{"file":314,"line":597,"context":368},1160,{"file":314,"line":599,"context":368},1164,{"file":314,"line":601,"context":368},1172,{"file":314,"line":603,"context":368},1182,{"file":314,"line":605,"context":368},1254,{"file":314,"line":607,"context":368},1262,{"file":314,"line":609,"context":368},1337,{"file":314,"line":611,"context":368},1362,{"file":314,"line":613,"context":368},1363,5,[],[617,634,646,657,668,677,724,735,744,757,768,779],{"entryPoint":618,"graph":619,"unsanitizedCount":59,"severity":39},"\u003Coauth-proxy> (oauth-proxy.php:0)",{"nodes":620,"edges":632},[621,627],{"id":622,"type":623,"label":624,"file":625,"line":626},"n0","source","$_GET","oauth-proxy.php",9,{"id":628,"type":629,"label":630,"file":625,"line":387,"wp_function":631},"n1","sink","header() [Header Injection]","header",[633],{"from":622,"to":628,"sanitized":319},{"entryPoint":635,"graph":636,"unsanitizedCount":28,"severity":39},"userLogin (WordPress.php:200)",{"nodes":637,"edges":644},[638,641],{"id":622,"type":623,"label":639,"file":314,"line":640},"$_GET['redirect_to'] (x2)",215,{"id":628,"type":629,"label":642,"file":314,"line":640,"wp_function":643},"wp_redirect() [Open Redirect]","wp_redirect",[645],{"from":622,"to":628,"sanitized":319},{"entryPoint":647,"graph":648,"unsanitizedCount":59,"severity":39},"bindUser (WordPress.php:255)",{"nodes":649,"edges":655},[650,653],{"id":622,"type":623,"label":651,"file":314,"line":652},"$_POST",263,{"id":628,"type":629,"label":642,"file":314,"line":654,"wp_function":643},268,[656],{"from":622,"to":628,"sanitized":319},{"entryPoint":658,"graph":659,"unsanitizedCount":59,"severity":39},"loginForm (WordPress.php:625)",{"nodes":660,"edges":666},[661,663],{"id":622,"type":623,"label":662,"file":314,"line":587},"$_REQUEST['duoshuo_access_token']",{"id":628,"type":629,"label":664,"file":314,"line":587,"wp_function":665},"echo() [XSS]","echo",[667],{"from":622,"to":628,"sanitized":319},{"entryPoint":669,"graph":670,"unsanitizedCount":59,"severity":39},"dashboardWidgetControl (WordPress.php:1347)",{"nodes":671,"edges":675},[672,674],{"id":622,"type":623,"label":651,"file":314,"line":673},1355,{"id":628,"type":629,"label":664,"file":314,"line":613,"wp_function":665},[676],{"from":622,"to":628,"sanitized":319},{"entryPoint":678,"graph":679,"unsanitizedCount":626,"severity":39},"\u003CWordPress> (WordPress.php:0)",{"nodes":680,"edges":716},[681,682,683,685,687,689,691,695,699,703,705,708,710,714],{"id":622,"type":623,"label":639,"file":314,"line":640},{"id":628,"type":629,"label":642,"file":314,"line":640,"wp_function":643},{"id":684,"type":623,"label":651,"file":314,"line":652},"n2",{"id":686,"type":629,"label":642,"file":314,"line":654,"wp_function":643},"n3",{"id":688,"type":623,"label":662,"file":314,"line":587},"n4",{"id":690,"type":629,"label":664,"file":314,"line":587,"wp_function":665},"n5",{"id":692,"type":623,"label":693,"file":314,"line":694},"n6","$_GET['short_name']",647,{"id":696,"type":629,"label":697,"file":314,"line":694,"wp_function":698},"n7","update_option() [Settings Manipulation]","update_option",{"id":700,"type":623,"label":701,"file":314,"line":702},"n8","$_GET['secret']",648,{"id":704,"type":629,"label":697,"file":314,"line":702,"wp_function":698},"n9",{"id":706,"type":623,"label":707,"file":314,"line":652},"n10","$_POST (x2)",{"id":709,"type":629,"label":664,"file":314,"line":607,"wp_function":665},"n11",{"id":711,"type":623,"label":712,"file":314,"line":713},"n12","$_POST[$optionName]",1377,{"id":715,"type":629,"label":697,"file":314,"line":713,"wp_function":698},"n13",[717,718,719,720,721,722,723],{"from":622,"to":628,"sanitized":319},{"from":684,"to":686,"sanitized":319},{"from":688,"to":690,"sanitized":319},{"from":692,"to":696,"sanitized":319},{"from":700,"to":704,"sanitized":319},{"from":706,"to":709,"sanitized":319},{"from":711,"to":715,"sanitized":319},{"entryPoint":725,"graph":726,"unsanitizedCount":59,"severity":734},"duoshuo_request_handler (duoshuo.php:308)",{"nodes":727,"edges":732},[728,731],{"id":622,"type":623,"label":729,"file":178,"line":730},"$_GET['duoshuo_theme']",332,{"id":628,"type":629,"label":697,"file":178,"line":730,"wp_function":698},[733],{"from":622,"to":628,"sanitized":319},"low",{"entryPoint":736,"graph":737,"unsanitizedCount":89,"severity":734},"\u003Cduoshuo> (duoshuo.php:0)",{"nodes":738,"edges":741},[739,740],{"id":622,"type":623,"label":729,"file":178,"line":730},{"id":628,"type":629,"label":697,"file":178,"line":730,"wp_function":698},[742],{"from":622,"to":628,"sanitized":743},true,{"entryPoint":745,"graph":746,"unsanitizedCount":28,"severity":734},"update_option (LocalServer.php:43)",{"nodes":747,"edges":754},[748,750,751,753],{"id":622,"type":623,"label":749,"file":403,"line":362},"$_POST['option']",{"id":628,"type":629,"label":697,"file":403,"line":362,"wp_function":698},{"id":684,"type":623,"label":752,"file":403,"line":362},"$_POST['value']",{"id":686,"type":629,"label":697,"file":403,"line":362,"wp_function":698},[755,756],{"from":622,"to":628,"sanitized":319},{"from":684,"to":686,"sanitized":319},{"entryPoint":758,"graph":759,"unsanitizedCount":28,"severity":734},"\u003CLocalServer> (LocalServer.php:0)",{"nodes":760,"edges":765},[761,762,763,764],{"id":622,"type":623,"label":749,"file":403,"line":362},{"id":628,"type":629,"label":697,"file":403,"line":362,"wp_function":698},{"id":684,"type":623,"label":752,"file":403,"line":362},{"id":686,"type":629,"label":697,"file":403,"line":362,"wp_function":698},[766,767],{"from":622,"to":628,"sanitized":319},{"from":684,"to":686,"sanitized":319},{"entryPoint":769,"graph":770,"unsanitizedCount":28,"severity":734},"connectSite (WordPress.php:646)",{"nodes":771,"edges":776},[772,773,774,775],{"id":622,"type":623,"label":693,"file":314,"line":694},{"id":628,"type":629,"label":697,"file":314,"line":694,"wp_function":698},{"id":684,"type":623,"label":701,"file":314,"line":702},{"id":686,"type":629,"label":697,"file":314,"line":702,"wp_function":698},[777,778],{"from":622,"to":628,"sanitized":319},{"from":684,"to":686,"sanitized":319},{"entryPoint":780,"graph":781,"unsanitizedCount":59,"severity":734},"updateLocalOptions (WordPress.php:1374)",{"nodes":782,"edges":785},[783,784],{"id":622,"type":623,"label":712,"file":314,"line":713},{"id":628,"type":629,"label":697,"file":314,"line":713,"wp_function":698},[786],{"from":622,"to":628,"sanitized":319},{"summary":788,"deductions":789},"The duoshuo v1.2 plugin presents a significant security risk due to several critical weaknesses.  While the plugin does not utilize dangerous functions or make external HTTP requests, its static analysis reveals a concerning lack of security checks on its entry points. Specifically, both of the identified AJAX handlers lack authentication checks, creating a wide attack surface that could be exploited by unauthenticated users.  Furthermore, the plugin exhibits poor output escaping practices, with only 26% of outputs being properly escaped, which can lead to cross-site scripting vulnerabilities. The vulnerability history further exacerbates these concerns, with two known unpatched medium severity CVEs, both related to Cross-Site Request Forgery and Cross-Site Scripting.  These recurring vulnerability types suggest a pattern of insecure coding practices related to input handling and user interaction. While the presence of capability checks and prepared statements for SQL queries are positive signs, they are overshadowed by the critical flaws in authentication and output sanitization, alongside the unpatched vulnerabilities, leading to an overall poor security posture.",[790,792,794,796,798],{"reason":791,"points":88},"AJAX handlers without authentication checks",{"reason":793,"points":417},"High number of flows with unsanitized paths",{"reason":795,"points":441},"Low percentage of properly escaped outputs",{"reason":797,"points":373},"Two unpatched medium severity CVEs",{"reason":799,"points":88},"No nonce checks on entry points","2026-03-16T21:36:45.421Z",{"wat":802,"direct":812},{"assetPaths":803,"generatorPatterns":809,"scriptPaths":810,"versionParams":811},[804,805,806,807,808],"\u002Fwp-content\u002Fplugins\u002Fduoshuo\u002Fscript.js","\u002Fwp-content\u002Fplugins\u002Fduoshuo\u002Fcomments.js","\u002Fwp-content\u002Fplugins\u002Fduoshuo\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fduoshuo\u002Fimages\u002Fmenu-icon.png","\u002Fwp-content\u002Fplugins\u002Fduoshuo\u002Fwidgets.php",[],[804,805,806],[],{"cssClasses":813,"htmlComments":817,"htmlAttributes":822,"restEndpoints":832,"jsGlobals":833,"shortcodeOutput":835},[814,815,816],"ds-thread","ds-inline-feed","ds-meta",[818,819,820,821],"\u003C!-- 多说评论 start -->","\u003C!-- 多说评论 end -->","\u003C!-- 多说登录 start -->","\u003C!-- 多说登录 end -->",[823,824,825,826,827,828,829,830,831],"data-thread-key","data-url","data-title","data-slug","data-category","data-author-key","data-avatar-url","data-ds-id","data-ds-user",[],[834,4],"DUOSHUO",[]]