Does Lazy Disqus have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Lazy Disqus compatible with WordPress 4.1.0?

According to WordPress.org data, Lazy Disqus 1.0.0 has been tested up to WordPress 4.1.0. Check the plugin's changelog for the latest compatibility information.

How often is Lazy Disqus updated?

Lazy Disqus was last updated on Dec 16, 2014. Frequent updates are generally a positive security signal.

What is Lazy Disqus's security score?

Lazy Disqus has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Lazy Disqus Security & Risk Analysis

wordpress.org/plugins/lazy-disqus

Lazy load Disqus comments, Max speed!

10 active installs v1.0.0 PHP + WP 3.6.0+ Updated Dec 16, 2014

commentcommentsdisqusdisqus-lazy-loadlazy-load

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Lazy Disqus Safe to Use in 2026?

Generally Safe

Score 85/100

Lazy Disqus has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The lazy-disqus plugin v1.0.0 demonstrates a strong security posture based on the provided static analysis. The absence of identified AJAX handlers, REST API routes, shortcodes, and cron events suggests a minimal attack surface, which is further reinforced by the lack of any observed taint flows or dangerous functions. The plugin also utilizes prepared statements for all its SQL queries and includes a nonce check and a capability check, indicating good practice in preventing common vulnerabilities. The vulnerability history is clean, with no recorded CVEs, which is a positive indicator of the plugin's security over time. However, a significant concern arises from the output escaping. With 46% of outputs not properly escaped, there is a potential risk of Cross-Site Scripting (XSS) vulnerabilities, especially if user-supplied data is ever processed and displayed without adequate sanitization. This is the primary area requiring attention despite the otherwise positive security indicators.

Key Concerns

Insufficient output escaping (46%)

Vulnerabilities

None known

Lazy Disqus Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Lazy Disqus Release Timeline

v1.0.0Current

Code Analysis

Analyzed Mar 17, 2026

Lazy Disqus Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

18 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

46% escaped39 total outputs

Attack Surface

Lazy Disqus Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 15

filterlazy_disqus_settings_sanitize_textadmin\settings\class-lazy-disqus-sanitization-helper.php:43

filterlazy_disqus_settings_sanitize_emailadmin\settings\class-lazy-disqus-sanitization-helper.php:44

filterlazy_disqus_settings_sanitize_checkboxadmin\settings\class-lazy-disqus-sanitization-helper.php:45

filterlazy_disqus_settings_sanitize_urladmin\settings\class-lazy-disqus-sanitization-helper.php:46

actionplugins_loadedincludes\class-lazy-disqus.php:137

actionadmin_initincludes\class-lazy-disqus.php:152

actionadmin_enqueue_scriptsincludes\class-lazy-disqus.php:156

actionadmin_enqueue_scriptsincludes\class-lazy-disqus.php:157

actionadmin_noticesincludes\class-lazy-disqus.php:160

actionadmin_menuincludes\class-lazy-disqus.php:163

actionadmin_initincludes\class-lazy-disqus.php:173

actionload-toplevel_page_lazy-disqusincludes\class-lazy-disqus.php:177

actionload-toplevel_page_lazy-disqusincludes\class-lazy-disqus.php:180

actioninitincludes\class-lazy-disqus.php:193

filtercomments_templateincludes\class-lazy-disqus.php:197

Maintenance & Trust

Lazy Disqus Maintenance & Trust

Maintenance Signals

WordPress version tested4.1.0

Last updatedDec 16, 2014

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Lazy Disqus Alternatives

Disqus Comment System

disqus-comment-system

Disqus is the web's most popular comment system. Use Disqus to increase engagement, retain readers, and grow your audience.

40K 5 CVEs

Disqus Conditional Load

disqus-conditional-load

100

Use Disqus comments with advanced features like lazy load, shortcode, widgets etc. Don't let Disqus to slow your site down.

3K 1 CVE

Ajaxify Comments – Ajax and Lazy Loading Comments

wp-ajaxify-comments

100

Ajaxify Comments speeds up your comment section, allowing for lazy loading comments, instant comment posting, and seamless success and error messages.

3K No CVEs

Lazy Load for Comments

lazy-load-for-comments

100

Lazy load default WordPress commenting system on scroll or click. Improve page speed.

2K No CVEs

Social Comments by Heateor

heateor-social-comments

100

Integrate Facebook Comments, Vkontakte Comments and/or Disqus Comments along with default comment form at your website

700 1 CVE

Developer Profile

Lazy Disqus Developer Profile

Tang Rufus

4 plugins · 130 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Lazy Disqus

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/lazy-disqus/admin/css/lazy-disqus-admin.css

Version Parameters

lazy-disqus-admin.css?ver=

HTML / DOM Fingerprints

CSS Classes

nav-tab-activemetabox-holdercolumns-2postbox-container

Data Attributes

data-tab

FAQ