Does Export Comment Authors have any unpatched vulnerabilities?

No. All known vulnerabilities in Export Comment Authors have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Export Comment Authors compatible with WordPress 3.0.5?

According to WordPress.org data, Export Comment Authors 1.3 has been tested up to WordPress 3.0.5. Check the plugin's changelog for the latest compatibility information.

How often is Export Comment Authors updated?

Export Comment Authors was last updated on Nov 29, 2010. Frequent updates are generally a positive security signal.

What is Export Comment Authors's security score?

Export Comment Authors has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Export Comment Authors Security & Risk Analysis

wordpress.org/plugins/export-comment-authors

Export Comment Authors lets you extract the Names, Email Addresses and more of your Comment Authors into a CSV file.

10 active installs v1.3 PHP + WP 2.8.0+ Updated Nov 29, 2010

adminauthorscommentscsvexport

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Export Comment Authors Safe to Use in 2026?

Generally Safe

Score 85/100

Export Comment Authors has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 15yr ago

Risk Assessment

The "export-comment-authors" v1.3 plugin exhibits a mixed security posture. While it boasts a completely clean vulnerability history with no known CVEs, its static analysis reveals significant areas for concern. The absence of any reported vulnerabilities in its history could indicate a history of good development practices or simply a lack of public scrutiny. However, the code analysis itself presents potential risks. The fact that 75% of its SQL queries are not using prepared statements is a major red flag, leaving the plugin susceptible to SQL injection vulnerabilities. Furthermore, a concerning 79% of output is not properly escaped, which opens the door to cross-site scripting (XSS) attacks.

The taint analysis is particularly alarming, showing two flows with unsanitized paths, both classified with high severity. This suggests that user-supplied data is being processed in a way that could lead to security compromises. The lack of any nonce or capability checks, combined with the absence of file operations or external HTTP requests, limits the immediate attack surface in those specific areas, but doesn't mitigate the inherent risks within the data handling processes.

Key Concerns

SQL queries not using prepared statements
High severity unsanitized taint flows
Output not properly escaped
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Export Comment Authors Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Export Comment Authors Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

25% prepared4 total queries

Output Escaping

21% escaped14 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

bjl_cexport_admin (export-comment-authors.php:22)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Export Comment Authors Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actionadmin_menuexport-comment-authors.php:11

actionmanage_comments_navexport-comment-authors.php:12

actionadmin_headexport-comment-authors.php:13

Maintenance & Trust

Export Comment Authors Maintenance & Trust

Maintenance Signals

WordPress version tested3.0.5

Last updatedNov 29, 2010

PHP min version

Downloads11K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Export Comment Authors Alternatives

Commenter Data

commenter-data

Exports commenter's data in csv format for individual post.

30 No CVEs

All Page URLs

all-page-urls

100

Displays a list of all published post, page, and WooCommerce product URLs in your admin dashboard.

20 No CVEs

WP All Export – Drag & Drop Export to Any Custom CSV, XML & Excel

wp-all-export

Easily export data from any post type, custom field, or taxonomy to a CSV, XML, or Excel file of any custom format. Supports WooCommerce products, ord …

100K 7 CVEs

Product Import Export for WooCommerce – Import Export Product CSV Suite

product-import-export-for-woo

Easily import/export WooCommerce products (simple, grouped, external/affiliate) via CSV. Transfer product data, including images, reviews, categories, …

90K 7 CVEs

Import and export users and customers

import-users-from-csv-with-meta

Import and export users and customers including user meta, roles, and other. Compatible with many plugins. Do it from the front end or using cron.

80K 20 CVEs

Developer Profile

Export Comment Authors Developer Profile

bjplink

2 plugins · 20 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Export Comment Authors

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/export-comment-authors/images/comment-grey-bubble.png

HTML / DOM Fingerprints

CSS Classes

bjl_cexport-filterbjl_shameless_plugs

Data Attributes

name="bjl_cexport_post"value="bjl_cexport_post"name="bjl_cexport"value="true"

FAQ