[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fQfBmioGJnH-eN7DiV-StuQPFo0p5HtDKhNkIUInqM2o":3,"$fj3AkSC2LfSArf4_9TECNY7JSkU6RtaXFvR9flkLuEJ8":310,"$fXQRj-JPdsXHPgMnH2HDtLW9klBCF85umlWoOhzPr0TY":315},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":37,"analysis":139,"fingerprints":284},"email-notification-on-comment-approval","Email Notification On Comment Approval","0.1","pranjan","https:\u002F\u002Fprofiles.wordpress.org\u002Fpranjan\u002F","\u003Cp>This is a WordPress Plugin for inform a comment author on the approval of author comment on WordPress site.\u003Cbr \u002F>\nThis Plugin have a admin panel setting page where you can add CC and BCC for mail.\u003C\u002Fp>\n\u003Cp>This plugin will send a HTML email content so you can send content design as you want.\u003C\u002Fp>\n\u003Cp>This Plugin have a HTML editor in its setting page section to design mail body.\u003C\u002Fp>\n\u003Cp>You can insert code for site URL, Comment page URL And Site name as dynamic mail content . You can do it by inserting [site_url], [comment_url] and [site_name].\u003Cbr \u002F>\nKey Featurs\u003C\u002Fp>\n\u003Cpre>\u003Ccode>HTML editor\nHTML email\nDynamic URLs in mail\nOption to add CC and BCC\nEmail Content Editor\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n\u003Cp>Ordered list:\u003C\u002Fp>\n\u003Col>\n\u003Cli>HTML editor\u003C\u002Fli>\n\u003Cli>HTML email\u003C\u002Fli>\n\u003Cli>Dynamic URLs in mail\u003C\u002Fli>\n\u003Cli>Option to add CC and BCC\u003C\u002Fli>\n\u003Cli>Email Content Editor\u003C\u002Fli>\n\u003C\u002Fol>\n","This plugin notifies the comment auther by email on approval of his\u002Fher Comment.",10,2448,66,4,"2013-02-05T07:01:00.000Z","3.5.2","2.5","",[20,21,22,23],"approval","comments","email","notification","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Femail-notification-on-comment-approval\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-notification-on-comment-approval.zip",85,0,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},1,30,84,"2026-05-20T03:02:07.040Z",[38,59,81,104,120],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":18,"tags":53,"homepage":56,"download_link":57,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":58},"comment-email-reply","Comment Email Reply","1.0.4","kilozwo","https:\u002F\u002Fprofiles.wordpress.org\u002Fkilozwo\u002F","\u003Cp>Simply notifies comment-author via email if someone replies to his comment. Zero Configuration.\u003C\u002Fp>\n","Simply notifies comment-author via email if someone replies to his comment. Zero Configuration.",600,10979,90,15,"2015-04-06T11:37:00.000Z","4.1.42","3.0.1",[54,21,22,23,55],"author","reply","http:\u002F\u002Fkilozwo.de\u002Fwordpress-comment-email-reply-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-email-reply.1.0.4.zip","2026-04-16T10:56:18.058Z",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":33,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":79,"download_link":80,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":58},"wp-comment-notification","WP Comment Notification","1.4","WpExperts Hub","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpexpertshub\u002F","\u003Cp>🔹 Manage your wordpress comment notification emails.\u003Cbr \u002F>\n🔹 Send email notifications to other users or multiple different emails.\u003Cbr \u002F>\n🔹 Add Comma separated email list in settings to send email notifications.\u003C\u002Fp>\n\u003Ch3>Acknowledgements\u003C\u002Fh3>\n\u003Cp>Thanks to every donor, supporter, and bug reporter!\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is Free Software, released and licensed under the GPL, version 2 (http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html).\u003Cbr \u002F>\nYou may use it free of charge for any purpose.\u003C\u002Fp>\n","Send email notification to predefined email ids when someone comments on your blog.",500,8912,100,"2022-07-30T07:40:00.000Z","6.0.11","5.6","7.2",[75,76,77,23,78],"comment-emails","comments-notification","manage-comments-notification","wordpress-comments","https:\u002F\u002Fwpexpertshub.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-comment-notification.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":69,"downloaded":89,"rating":90,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":102,"download_link":103,"security_score":69,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":58},"comments-subscribe-checkbox","Subscribe To Comments Checkbox","1.2.6","yydevelopment","https:\u002F\u002Fprofiles.wordpress.org\u002Fyydevelopment\u002F","\u003Cp>The subscribe to comments checkbox is a simple plugin that will allow you to add subscribe checkbox message below comments on your website and it will also send automatic email when the comment get replied.\u003C\u002Fp>\n\u003Cp>To add the comment email subscribe notification message all you need to do is to activate the plugin and it will be added automatically.\u003C\u002Fp>\n\u003Cp>The plugin also allow you to see under the “comments” section in wordpress admin panel all the user that subscribed to the comment reply in your blog posts & pages and you will be able to see who get mail and who didn’t.\u003C\u002Fp>\n\u003Ch4>Comments Subscribe Checkbox Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Comment subscribe notification message below the comment box\u003C\u002Fli>\n\u003Cli>Comments users management system\u003C\u002Fli>\n\u003Cli>Automatic email message that will be send to every user who subscribed to the comment\u003C\u002Fli>\n\u003Cli>The ability to unsubscribe from getting new comments on the site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Available languages:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Hebrew (only frontend code)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>About the author & license\u003C\u002Fh4>\n\u003Cp>This plugin was brought to you for free by \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002F\" rel=\"nofollow ugc\">YYDevelopment\u003C\u002Fa> under GPLv2 license.\u003C\u002Fp>\n\u003Cp>The plugin is 100% free and we intend to keep it that way in the future as well. You are free to use this plugin and all our other \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002Fyydevelopment-wordpress-plugins\u002F\" rel=\"nofollow ugc\">free wordpress plugins\u003C\u002Fa> for your projects, your client’s projects or for anything else you need.\u003C\u002Fp>\n\u003Cp>If this plugin was helpful for you please share it online and if you get a chance to give it a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomments-subscribe-checkbox\u002F#reviews\" rel=\"ugc\">positive review\u003C\u002Fa> we will appreciate that.\u003C\u002Fp>\n\u003Cp>If have any problems or questions regarding our comments subscribe checkbox plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcomments-subscribe-checkbox\u002F\" rel=\"ugc\">submit a ticket\u003C\u002Fa> and we will be happy to help.\u003C\u002Fp>\n\u003Cp>By the way, we are based in Israel so we welcome you to visit our Hebrew site as well \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.co.il\u002F\" rel=\"nofollow ugc\">YYDevelopment Israel\u003C\u002Fa> if you are fellow Israeli.\u003C\u002Fp>\n\u003Ch4>Help support us with a coffee donation\u003C\u002Fh4>\n\u003Cp>Don’t you just hate it when you download a plugin and you find out that in order to use it you have to buy a pro version?\u003C\u002Fp>\n\u003Cp>Even bigger problem is when you use a plugin and then just out of the blue the developer decides to add a pro version and he either changes the way the plugin works or he converts some of the free functions to paid ones.\u003C\u002Fp>\n\u003Cp>We sure did hate that and a few years back we decided to start creating some of the plugins ourselves and we decided to share them all with the WordPress community \u003Cstrong>100% FREE\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Nowadays we have more than 15 plugins and you can download and use them all for free by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsearch\u002Fyydevelopment\u002F\" rel=\"ugc\">Clicking Here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you liked this plugin and you want to help support our cause, \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002Fcoffee-break\u002F?plugin=comments-subscribe-checkbox\" rel=\"nofollow ugc\">buy us a coffee\u003C\u002Fa>. Studies show that coffee helps with creating WordPress plugins.\u003C\u002Fp>\n","This plugin will allow you to add subscribe notification checkbox to comments on your site.",4660,98,8,"2025-12-10T03:51:00.000Z","6.9.4","5.0","5.2.4",[97,98,99,100,101],"comments-checkbox","comments-subscribe","notification-subscription","subscribe-email","subscribe-to-comments","https:\u002F\u002Fwww.yydevelopment.com\u002Fyydevelopment-wordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomments-subscribe-checkbox.1.2.6.zip",{"slug":105,"name":106,"version":6,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":69,"downloaded":111,"rating":27,"num_ratings":27,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":18,"tags":115,"homepage":118,"download_link":119,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"no-comment","No Comment","oiler","https:\u002F\u002Fprofiles.wordpress.org\u002Foiler\u002F","\u003Cp>If you have a large number of blog administrators – or at least more than one – WordPress doesn’t allow each user to manage whether or not they wish to receive email notification of comments in moderation.\u003C\u002Fp>\n\u003Cp>So all this plugin does is take the function that is written to send out those notifications, and filter out the blog’s main administrator email address before sending.\u003C\u002Fp>\n\u003Cp>If you want to add a different email to the filter, it’s not that hard but it’s not yet written in natively.\u003C\u002Fp>\n\u003Cp>Why would you ever use this? I wrote this for the NY Times Regional Media group because we have what seems like thousands of blogs and we’re the admin for each and every one. There are admins at the newspapers that do need the notifications, however, so I wrote this in order to stop the flow of emails (appx 300 per day!) coming to just our admin address.\u003C\u002Fp>\n","No Comment is a simple way to remove email notification for just one person out of your list of blog administrators.",7854,"2011-08-11T14:24:00.000Z","3.2.1","2.0",[21,116,117],"email-notification","moderation","http:\u002F\u002Foiler2.wordpress.com\u002F2011\u002F08\u002F10\u002Fwordpress-plugin-end-comment-email-notifications\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-comment.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":69,"downloaded":128,"rating":129,"num_ratings":130,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":134,"tags":135,"homepage":137,"download_link":138,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":58},"simple-comment-notification","Simple Comment Notification","1.2.4","Beherit","https:\u002F\u002Fprofiles.wordpress.org\u002Fbeherit\u002F","\u003Cp>Sends an simply email notification to the comment author, when someone replies to his comment. No configuration, support WordPress translation process.\u003C\u002Fp>\n","Sends an simply email notification to the comment author, when someone replies to his comment.",6432,74,3,"2020-04-08T08:41:00.000Z","5.4.19","4.6","7.0",[54,136,21,22,23],"comment","https:\u002F\u002Fbeherit.pl\u002Fen\u002Fwordpress\u002Fsimple-comment-notification\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-comment-notification.1.2.4.zip",{"attackSurface":140,"codeSignals":169,"taintFlows":190,"riskAssessment":270,"analyzedAt":283},{"hooks":141,"ajaxHandlers":165,"restRoutes":166,"shortcodes":167,"cronEvents":168,"entryPointCount":27,"unprotectedCount":27},[142,148,153,157,161],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","admin_menu","enocp_setting_menu","email-notification-on-comment-approval.php",36,{"type":149,"name":150,"callback":151,"file":146,"line":152},"filter","wp_mail_content_type","anonymous",157,{"type":143,"name":154,"callback":155,"priority":11,"file":146,"line":156},"transition_comment_status","approve_comment_callback",168,{"type":149,"name":158,"callback":159,"file":146,"line":160},"comment_form_default_fields","enocp_custom_fields",171,{"type":143,"name":162,"callback":163,"file":146,"line":164},"comment_post","enocp_save_comment_meta_data",180,[],[],[],[],{"dangerousFunctions":170,"sqlUsage":174,"outputEscaping":176,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":189},[171],{"fn":172,"file":146,"line":152,"context":173},"create_function","add_filter('wp_mail_content_type',create_function('', 'return \"text\u002Fhtml\";'));",{"prepared":27,"raw":27,"locations":175},[],{"escaped":27,"rawEcho":177,"locations":178},5,[179,181,183,185,187],{"file":146,"line":69,"context":180},"raw output",{"file":146,"line":182,"context":180},109,{"file":146,"line":184,"context":180},113,{"file":146,"line":186,"context":180},117,{"file":146,"line":188,"context":180},121,[],[191,246],{"entryPoint":192,"graph":193,"unsanitizedCount":244,"severity":245},"enocp_setting_fn (email-notification-on-comment-approval.php:39)",{"nodes":194,"edges":236},[195,199,204,208,210,214,216,220,222,226,228,232],{"id":196,"type":197,"label":198,"file":146,"line":129},"n0","source","$_POST['enocp_from']",{"id":200,"type":201,"label":202,"file":146,"line":129,"wp_function":203},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":205,"type":197,"label":206,"file":146,"line":207},"n2","$_POST['enocp_cc']",75,{"id":209,"type":201,"label":202,"file":146,"line":207,"wp_function":203},"n3",{"id":211,"type":197,"label":212,"file":146,"line":213},"n4","$_POST['enocp_bcc']",76,{"id":215,"type":201,"label":202,"file":146,"line":213,"wp_function":203},"n5",{"id":217,"type":197,"label":218,"file":146,"line":219},"n6","$_POST['enocp_subject']",77,{"id":221,"type":201,"label":202,"file":146,"line":219,"wp_function":203},"n7",{"id":223,"type":197,"label":224,"file":146,"line":225},"n8","$_POST['enocp_email_content']",78,{"id":227,"type":201,"label":202,"file":146,"line":225,"wp_function":203},"n9",{"id":229,"type":197,"label":230,"file":146,"line":231},"n10","$_POST",61,{"id":233,"type":201,"label":234,"file":146,"line":69,"wp_function":235},"n11","echo() [XSS]","echo",[237,239,240,241,242,243],{"from":196,"to":200,"sanitized":238},false,{"from":205,"to":209,"sanitized":238},{"from":211,"to":215,"sanitized":238},{"from":217,"to":221,"sanitized":238},{"from":223,"to":227,"sanitized":238},{"from":229,"to":233,"sanitized":238},6,"medium",{"entryPoint":247,"graph":248,"unsanitizedCount":244,"severity":269},"\u003Cemail-notification-on-comment-approval> (email-notification-on-comment-approval.php:0)",{"nodes":249,"edges":262},[250,251,252,253,254,255,256,257,258,259,260,261],{"id":196,"type":197,"label":198,"file":146,"line":129},{"id":200,"type":201,"label":202,"file":146,"line":129,"wp_function":203},{"id":205,"type":197,"label":206,"file":146,"line":207},{"id":209,"type":201,"label":202,"file":146,"line":207,"wp_function":203},{"id":211,"type":197,"label":212,"file":146,"line":213},{"id":215,"type":201,"label":202,"file":146,"line":213,"wp_function":203},{"id":217,"type":197,"label":218,"file":146,"line":219},{"id":221,"type":201,"label":202,"file":146,"line":219,"wp_function":203},{"id":223,"type":197,"label":224,"file":146,"line":225},{"id":227,"type":201,"label":202,"file":146,"line":225,"wp_function":203},{"id":229,"type":197,"label":230,"file":146,"line":231},{"id":233,"type":201,"label":234,"file":146,"line":69,"wp_function":235},[263,264,265,266,267,268],{"from":196,"to":200,"sanitized":238},{"from":205,"to":209,"sanitized":238},{"from":211,"to":215,"sanitized":238},{"from":217,"to":221,"sanitized":238},{"from":223,"to":227,"sanitized":238},{"from":229,"to":233,"sanitized":238},"low",{"summary":271,"deductions":272},"The security posture of the \"email-notification-on-comment-approval\" plugin v0.1 shows a mixed bag of good practices and significant concerns. On the positive side, there are no registered CVEs, no external HTTP requests, and all SQL queries utilize prepared statements, which are excellent indicators of security awareness. The absence of a broad attack surface with no AJAX handlers, REST API routes, shortcodes, or cron events is also a strength. However, the code analysis reveals critical weaknesses. The presence of the `create_function` is a major concern as it's deprecated and can lead to serious security vulnerabilities if not handled with extreme care, potentially allowing for code injection. Furthermore, a staggering 100% of the outputs are not properly escaped, presenting a high risk of Cross-Site Scripting (XSS) vulnerabilities. The taint analysis indicating unsanitized paths, even without critical or high severity flags, warrants attention as it suggests potential for unintended data handling.\n\nWhile the plugin boasts a clean vulnerability history, this could be due to its limited complexity or lack of extensive review. The current findings, particularly the unescaped outputs and the use of `create_function`, represent immediate and significant risks. The lack of capability checks and nonce checks, combined with the unescaped outputs, makes the plugin highly susceptible to XSS attacks, especially if any of its entry points were ever to become exposed. The overall conclusion is that while the plugin avoids common pitfalls like unpatched CVEs and raw SQL, its internal code quality regarding output sanitization and the use of dangerous functions poses substantial risks that need to be addressed.",[273,275,277,279,281],{"reason":274,"points":49},"Unescaped output (100%)",{"reason":276,"points":11},"Dangerous function: create_function",{"reason":278,"points":177},"Taint analysis: unsanitized paths",{"reason":280,"points":177},"No capability checks",{"reason":282,"points":177},"No nonce checks","2026-04-16T11:54:06.289Z",{"wat":285,"direct":290},{"assetPaths":286,"generatorPatterns":287,"scriptPaths":288,"versionParams":289},[],[],[],[],{"cssClasses":291,"htmlComments":292,"htmlAttributes":293,"restEndpoints":307,"jsGlobals":308,"shortcodeOutput":309},[23],[],[294,295,296,297,298,299,300,301,302,303,304,305,306],"id=\"enocp_from\"","name=\"enocp_from\"","id=\"enocp_cc\"","name=\"enocp_cc\"","id=\"enocp_bcc\"","name=\"enocp_bcc\"","id=\"enocp_subject\"","name=\"enocp_subject\"","id=\"enocp_email_content\"","name=\"enocp_email_content\"","name=\"allow_notification\"","id=\"allow_notification\"","name=\"submit\"",[],[],[],{"error":311,"url":312,"statusCode":313,"statusMessage":314,"message":314},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Femail-notification-on-comment-approval\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":27,"versions":316},[]]