[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f_9nC3l2397CFpVmv-QSXSZaDholWl2h5dAMzncURP9U":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":130,"fingerprints":194},"import-vk-comments","Import Vk Comments","1.0.0","denandteam","https:\u002F\u002Fprofiles.wordpress.org\u002Fdenandteam\u002F","\u003Cp>Плагин создан для тех, кто планирует перенести свои комментарии из виджета от соцсети Вконтакте в базу данных сайта WordPress.\u003C\u002Fp>\n\u003Cp>Для импорта понадобится сервисный ключ доступа и ID виджета комментариев. Подробнее о их получении будет описано на главной странице плагина.\u003C\u002Fp>\n\u003Cp>На данный момент комментарии можно получить только к типу постов “Записи”. После импорта они появятся во вкладке “Ожидающие модерации”.\u003C\u002Fp>\n\u003Ch4>Отладка\u003C\u002Fh4>\n\u003Cp>Так как получение комментариев идет с задержками, что-то может пойти не так, к примеру со стороны VK API. Необходим доступ сайта к серверам Вконтакте.\u003C\u002Fp>\n\u003Cp>В Console.log передаются подробные сведения о состоянии задач.\u003C\u002Fp>\n","Плагин импортирует комментарии из виджета комментариев ВК в WordPress.",20,1738,0,"2020-12-23T12:01:00.000Z","5.6.17","5.0.1","7.1",[19,20,21,22,23],"comments","vk","vk-com","vkontakte","widget","https:\u002F\u002Fgithub.com\u002Fdenand-team\u002Fimport-vk-comments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimport-vk-comments.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,84,"2026-04-04T17:27:45.018Z",[36,62,81,99,113],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":58,"download_link":59,"security_score":60,"vuln_count":31,"unpatched_count":13,"last_vuln_date":61,"fetched_at":28},"heateor-social-comments","Social Comments by Heateor","1.6.3","Heateor Support","https:\u002F\u002Fprofiles.wordpress.org\u002Fheateor\u002F","\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong>\u003Cbr \u002F>\nIf you want to integrate only Facebook Comments, you should install \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffancy-facebook-comments\u002F\" rel=\"ugc\">Fancy Comments\u003C\u002Fa> instead.\u003C\u002Fp>\n\u003Cp>This plugin allows you to transform the commenting system of your website. You can enable Facebook Comments, Disqus Comments and\u002For default WordPress comments simultaneously. You have full control over which of these four commenting systems you want to enable. You can choose between stacked and tabbed interface with re-ordering of the comments.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Col>\n\u003Cli>GDPR Compliant\u003C\u002Fli>\n\u003Cli>Compatible with Gutenberg editor\u003C\u002Fli>\n\u003Cli>Integrate \u003Cstrong>Facebook Comments\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Integrate \u003Cstrong>Vkontakte Comments\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Integrate \u003Cstrong>Disqus Comments\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Choose between \u003Cstrong>Tabbed and Stacked layouts\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rearrange order\u003C\u002Fstrong> of enabled commenting systems\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customize labels\u003C\u002Fstrong> for individual comment system as well as combined comment system\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Show\u002FHide comment counts\u003C\u002Fstrong> for individual comment system\u003C\u002Fli>\n\u003Cli>Options to \u003Cstrong>enable Social Commenting on default post types (posts, pages) as well as custom post types\u003C\u002Fstrong> which support comments\u003C\u002Fli>\n\u003Cli>Enable \u003Cstrong>Social Comments with\u002Fwithout default comments system\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable behavior for individual comment system\u003C\u002Fstrong>, like – Target Url, language, width of commenting interface, label etc. \u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>What makes this plugin different and why should I choose this plugin when there are many other similar plugins?\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Cstrong>Totally free\u003C\u002Fstrong>. You don’t need to pay single penny to use this plugin.\u003C\u002Fli>\n\u003Cli>Plugin configuration is kept \u003Cstrong>dead simple\u003C\u002Fstrong>. You can configure it with help of an idiot 😉\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugin loads optimally\u003C\u002Fstrong> having minimum possible interference with overall loading of your website  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>No third party registration\u003C\u002Fstrong>. We won’t ask you to register at our website to use this plugin, neither will we ask your email.\u003C\u002Fli>\n\u003Cli>We promise to provide \u003Cstrong>best quality\u003C\u002Fstrong> among other similar plugins. If you find our plugin is lacking some feature, you can email us and we will do our best to include that feature in our plugin as soon as possible.\u003C\u002Fli>\n\u003Cli>Our \u003Cstrong>support team is working 24\u002F7\u003C\u002Fstrong> to answer your queries and assist you. You will find us the quickest to assist you among others.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Benefits of Social Comments\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Virality\u003C\u002Fstrong>: When people comment at your blog using their Facebook, Disqus accounts, the comment not only shows up at your blog, but it also appears in their news feed. This puts your blog in front of new audience which further adds to the likelihood of you getting a new returning visitor.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Higher Conversations\u003C\u002Fstrong>: When you know the person commenting on something, it’s more likely that you will also type out your ideas there, unlike the situation when you don’t know the person involved in the conversation.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Credibility\u003C\u002Fstrong>: In traditional comment form, anyone can put any fake name (Bruce Wayne ….. ;)) to comment on your blog. If the same comment is from the original Facebook account of the person who is commenting, you can give credibility to this user and also the people will automatically trust it.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>No Spam\u003C\u002Fstrong>: You can get rid off the spammers and users, commenting using their fake accounts.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Works for the lazy\u003C\u002Fstrong>: Most people are nowadays lazy. To get these people commenting on your blog, it will just require them to login to their Facebook account (which almost everyone does after powering ON computer).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Important links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.heateor.com\u002Fheateor-social-comments#live_demo\" rel=\"nofollow ugc\">Plugin Demo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fsupport.heateor.com\" rel=\"nofollow ugc\">Support Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.heateor.com\" rel=\"nofollow ugc\">About Us\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fheateor\" rel=\"nofollow ugc\">Our Facebook Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplus.google.com\u002F+Heateor\" rel=\"nofollow ugc\">Our GooglePlus Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fheateor\" rel=\"nofollow ugc\">Our Twitter Page\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can send your feedback or\u002Fand testimonial at hello[at]heateor[dot]com\u003C\u002Fp>\n","Integrate Facebook Comments, Vkontakte Comments and\u002For Disqus Comments along with default comment form at your website",800,77227,96,24,"2025-09-12T10:50:00.000Z","6.8.5","2.5.0","",[53,54,55,56,57],"disqus-comments","facebook-comments","google-comments","vkontakte-commenting","vkontakte-comments","https:\u002F\u002Fwww.heateor.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fheateor-social-comments.1.6.3.zip",100,"2023-01-20 00:00:00",{"slug":22,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":76,"tags":77,"homepage":51,"download_link":80,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"VKontakte","3.2.0","Yaroslav Bogutsky","https:\u002F\u002Fprofiles.wordpress.org\u002Fyaryj\u002F","\u003Cp>The plugin adds a wide range of VKontakte functionality to your site.\u003Cbr \u002F>\nThe following feature are currently supported:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>comments\u003C\u002Fli>\n\u003Cli>like button\u003C\u002Fli>\n\u003Cli>share button\u003C\u002Fli>\n\u003Cli>group widget\u003C\u002Fli>\n\u003Cli>poll widget\u003C\u002Fli>\n\u003Cli>recommendations widget\u003C\u002Fli>\n\u003C\u002Ful>\n","The plugin adds a wide range of VKontakte functionality to your site.",300,23832,68,5,"2022-04-03T10:37:00.000Z","5.9.13","4.6","5.3",[19,78,79,20,22],"%d0%b2%d0%ba%d0%be%d0%bd%d1%82%d0%b0%d0%ba%d1%82%d0%b5","social","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvkontakte.3.2.0.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":32,"downloaded":89,"rating":60,"num_ratings":31,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":51,"tags":93,"homepage":97,"download_link":98,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"bologer-vk-comments","Bologer VK Comments","0.0.21","Alexander","https:\u002F\u002Fprofiles.wordpress.org\u002Fateshabaev\u002F","\u003Cp>Bologer VK Comments adds comment widget from VK.com for posts and pages, with possibility to have it together with native WordPress comments or override them completely.\u003Cbr \u002F>\nIn together with customization options.\u003C\u002Fp>\n\u003Cp>Major features in Bologer VK Comments include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Completely override native WordPress comments\u003C\u002Fli>\n\u003Cli>Set VK widget together with native WordPress comments. Set position of VK widget (over, under or below the header of the native comments)\u003C\u002Fli>\n\u003Cli>Copy code from VK.com and paste into special field to auto fill most of the settings in widget\u003C\u002Fli>\n\u003Cli>Fully customized settings of the widget directly from admin panel\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Todo\u003C\u002Fh3>\n\u003Ch4>0.0.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Option: duplicate comments from VK widget to native WordPress comments\u003C\u002Fli>\n\u003Cli>Option: load comments only when user scrolled to the comments section\u003C\u002Fli>\n\u003Cli>reorganize structure of the widget (add tabs and more description for options) to make it easily customizable\u003C\u002Fli>\n\u003Cli>Option: see number of comments for each post in the list of posts in the admin panel\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.0.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Option: set custom space between header and widget when “Override” option is active\u003C\u002Fli>\n\u003Cli>Option: set custom space before and after VK widget\u003C\u002Fli>\n\u003Cli>Option: set custom header type, when “Override” option is active, as some of the themes use different type of \u003Ccode>h\u003C\u002Fcode> tag\u003C\u002Fli>\n\u003C\u002Ful>\n","Bologer VK Comments adds comment widget from VK.com for posts and pages with custom settings.",1980,"2018-02-27T20:28:00.000Z","4.9.29","3.7",[94,19,20,95,96],"bologer","vk-comments","vkcom","http:\u002F\u002Fbologer.ru","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbologer-vk-comments.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":13,"num_ratings":13,"last_updated":109,"tested_up_to":110,"requires_at_least":51,"requires_php":51,"tags":111,"homepage":51,"download_link":112,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"last-comments-vk-widget","Last comments VK widget","1.3","Somonator","https:\u002F\u002Fprofiles.wordpress.org\u002Fsomonator\u002F","\u003Cp>Widget last comments VK\u003C\u002Fp>\n","Widget last comments VK",10,1951,"2019-10-19T08:52:00.000Z","5.2.24",[19,20,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-comments-vk-widget.zip",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":107,"downloaded":121,"rating":60,"num_ratings":31,"last_updated":51,"tested_up_to":122,"requires_at_least":123,"requires_php":51,"tags":124,"homepage":127,"download_link":128,"security_score":60,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":129},"social-features-for-wp","Social Monster","1.0.10","bogdan_nazar","https:\u002F\u002Fprofiles.wordpress.org\u002Fbogdan_nazar\u002F","\u003Cp>This plugin adds some social functionality to WordPress. Such as FB comments, VK comments, share buttons etc.\u003Cbr \u002F>\nThe main capabilities of this plugin is listed below:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Internal share buttons (G+,FB,VK,Twitter,Delicious,Pinterest,LinkedIn and more) with ability to select preffered ones.\u003C\u002Fli>\n\u003Cli>The tools for ordering internal social buttons.\u003C\u002Fli>\n\u003Cli>The tools for “ShareThis” buttons embedding. Instructions are present to get customized ShareThis data.\u003C\u002Fli>\n\u003Cli>Facebook and Vkontakte comment widgets.\u003C\u002Fli>\n\u003Cli>Option to order them.\u003C\u002Fli>\n\u003Cli>Option to switch on\u002Foff each of widgets including WP internal comments.\u003C\u002Fli>\n\u003Cli>Default language is set to English.\u003C\u002Fli>\n\u003Cli>Already translated for russian users.\u003C\u002Fli>\n\u003Cli>And more other options to cusomize data and view of comment widgets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This list of available features will grow in the future releases.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Plugin is free for any use. Don’t delete the authorship note if you’ll going to modify source code under the your needs.\u003C\u002Fp>\n","This plugin adds some social functionality to Wordpress. Such as FB comments, VK comments, share buttons etc.",2967,"4.5.33","3.2.1",[19,125,126,79,22],"facebook","share","http:\u002F\u002Fwww.bogdan-nazar.ru\u002Fwordpress\u002Fmy-plugins\u002Fsocial-monster","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-features-for-wp.1.0.10.zip","2026-03-15T10:48:56.248Z",{"attackSurface":131,"codeSignals":169,"taintFlows":183,"riskAssessment":184,"analyzedAt":193},{"hooks":132,"ajaxHandlers":157,"restRoutes":165,"shortcodes":166,"cronEvents":167,"entryPointCount":168,"unprotectedCount":168},[133,138,142,147,150,152,155],{"type":134,"name":135,"callback":135,"file":136,"line":137},"action","admin_menu","admin\\class-import-vk-comments-admin.php",58,{"type":134,"name":139,"callback":140,"file":136,"line":141},"admin_init","import_vk_comments_settings",79,{"type":134,"name":143,"callback":144,"file":145,"line":146},"plugins_loaded","anonymous","includes\\class-import-vk-comments.php",142,{"type":134,"name":148,"callback":144,"file":145,"line":149},"admin_enqueue_scripts",157,{"type":134,"name":148,"callback":144,"file":145,"line":151},158,{"type":134,"name":153,"callback":144,"file":145,"line":154},"wp_enqueue_scripts",173,{"type":134,"name":153,"callback":144,"file":145,"line":156},174,[158,162],{"action":159,"nopriv":160,"callback":159,"hasNonce":160,"hasCapCheck":160,"file":136,"line":161},"get_pages",false,60,{"action":163,"nopriv":160,"callback":163,"hasNonce":160,"hasCapCheck":160,"file":136,"line":164},"get_comments",61,[],[],[],2,{"dangerousFunctions":170,"sqlUsage":171,"outputEscaping":173,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":182},[],{"prepared":13,"raw":13,"locations":172},[],{"escaped":174,"rawEcho":168,"locations":175},7,[176,180],{"file":177,"line":178,"context":179},"admin\\partials\\import-vk-comments-admin-display.php",26,"raw output",{"file":177,"line":181,"context":179},44,[],[],{"summary":185,"deductions":186},"The \"import-vk-comments\" v1.0.0 plugin exhibits a mixed security posture. On the positive side, it has no known vulnerabilities (CVEs) and does not engage in dangerous function calls, file operations, or external HTTP requests. The absence of bundled libraries and the use of prepared statements for SQL queries are also good security practices. However, significant concerns arise from the attack surface analysis.  The plugin exposes two AJAX handlers, both of which lack authentication checks, creating a direct pathway for unauthenticated attackers to interact with the plugin's functionality. Furthermore, there are no nonce checks implemented, which is a standard WordPress security measure to prevent CSRF attacks.  While the taint analysis shows no immediate critical or high-severity issues, the lack of proper authentication on AJAX endpoints means that any sensitive operations performed by these handlers are inherently vulnerable to exploitation.\n\nThe vulnerability history is clean, which is a positive indicator, suggesting that the plugin developers have either been diligent or lucky. However, this does not mitigate the current risks identified in the code. The primary weakness lies in the unprotected AJAX endpoints, which represent a significant risk given the lack of any authorization or CSRF protection. Despite the lack of historical vulnerabilities, the current static analysis findings point to an urgent need for security improvements, particularly concerning access control for its entry points.",[187,189,191],{"reason":188,"points":107},"AJAX handlers without auth checks",{"reason":190,"points":174},"AJAX handlers without nonce checks",{"reason":192,"points":72},"Insufficient output escaping","2026-03-16T23:08:09.515Z",{"wat":195,"direct":208},{"assetPaths":196,"generatorPatterns":200,"scriptPaths":201,"versionParams":204},[197,198,199],"\u002Fwp-content\u002Fplugins\u002Fimport-vk-comments\u002Fcss\u002Fimport-vk-comments-admin.css","\u002Fwp-content\u002Fplugins\u002Fimport-vk-comments\u002Fjs\u002Fimport-vk-comments-admin.js","\u002Fwp-content\u002Fplugins\u002Fimport-vk-comments\u002Fjs\u002Floading-bar.js",[],[202,203],"wp-content\u002Fplugins\u002Fimport-vk-comments\u002Fjs\u002Fimport-vk-comments-admin.js","wp-content\u002Fplugins\u002Fimport-vk-comments\u002Fjs\u002Floading-bar.js",[205,206,207],"import-vk-comments\u002Fcss\u002Fimport-vk-comments-admin.css?ver=","import-vk-comments\u002Fjs\u002Fimport-vk-comments-admin.js?ver=","import-vk-comments\u002Fjs\u002Floading-bar.js?ver=",{"cssClasses":209,"htmlComments":210,"htmlAttributes":212,"restEndpoints":214,"jsGlobals":216,"shortcodeOutput":218},[],[211],"\u003C!-- Admin page for Import Vk Comments -->",[213],"data-plugin-name=\"import-vk-comments\"",[215],"\u002Fwp-json\u002Fimport-vk-comments\u002Fv1\u002Fsettings",[140,217],"ImportVkComments",[]]