[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fTIJImDfxo4H8zoSIu7AF388P8onW16DN5B35EDTKcAA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":136,"fingerprints":411},"mycommentauthors","MyCommentAuthors","2.0","emuki","https:\u002F\u002Fprofiles.wordpress.org\u002Femuki\u002F","\u003Cp>Generate a list of your comment authors for a given month of the year. Then create a blog post to thank them for commenting on your blog.\u003C\u002Fp>\n\u003Cp>This is a great way to attract more repeat visit to your blog. By publishing a list of your commentators, you make them feel welcome and encouraged\u003C\u002Fp>\n\u003Cp>For those who are more active, you may want to give them a dofollow link on the list by setting a certain number of comments that will be required for the dofollow link to be enabled.\u003C\u002Fp>\n\u003Ch4>Get more help\u003C\u002Fh4>\n\u003Cp>See more on \u003Ca href=\"http:\u002F\u002Fenstinemuki.com\u002Fmy-comment-authors\" rel=\"nofollow ugc\">this plugin blog post here\u003C\u002Fa> and leave your feeback\u003C\u002Fp>\n","Publish a list of your commentators and their number of comments for a certain month on a blog post",10,2385,100,4,"2020-02-01T09:44:00.000Z","5.3.21","3.0","",[20,21,22,23,24],"comment","comment-authors","comment-plugin","commentators","list-of-commentators","http:\u002F\u002Fenstinemuki.com\u002Fmy-comment-authors","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmycommentauthors.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},2,20,30,84,"2026-04-04T19:01:57.911Z",[39,61,78,96,112],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":35,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":58,"download_link":59,"security_score":60,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"graphcomment-comment-system","GraphComment Comment system","4.0.3","graphcomment","https:\u002F\u002Fprofiles.wordpress.org\u002Fgraphcomment\u002F","\u003Ch4>Transform Your Comment Section with GraphComment\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.graphcomment.com\u002Fen\u002Fproducts\u002Fgraphcomment\u002Ffeatures\" rel=\"nofollow ugc\">GraphComment\u003C\u002Fa> is a powerful and free comment plugin designed to enhance user engagement and foster meaningful discussions on your WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why Choose GraphComment?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Live Discussions:\u003C\u002Fstrong> Keep conversations dynamic with real-time commenting.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Guest Commenting:\u003C\u002Fstrong> Increase participation by allowing comments without registration.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Social Login:\u003C\u002Fstrong> Simplify the login process with popular social media platforms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Interactive Media Embedding:\u003C\u002Fstrong> Enrich discussions with images, videos, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Notifications:\u003C\u002Fstrong> Stay updated with instant alerts for new comments and replies.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Moderation Tools:\u003C\u002Fstrong> Maintain a healthy community with smart moderation features.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SEO-Friendly:\u003C\u002Fstrong> Improve your site’s visibility with indexable comments and structured data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive Design:\u003C\u002Fstrong> Offer a seamless experience across all devices.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Ownership:\u003C\u002Fstrong> Retain full ownership of your comment data, with easy export options.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Integration:\u003C\u002Fstrong> Sync comments with your WordPress database effortlessly.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>User-Friendly Interface\u003C\u002Fli>\n\u003Cli>Customizable Appearance\u003C\u002Fli>\n\u003Cli>Multi-Language Support (English, Français, Deutsch, 中文, Español, Português, Italiano, فارسی, Čeština, עברית, русский, Tiếng Việt, العربية, Українська, Bahasa Indonesia, Türkçe, Magyar, Català, Svenska, Polski, Norsk Bokmål)\u003C\u002Fli>\n\u003Cli>Spam Protection\u003C\u002Fli>\n\u003Cli>Analytics and Community Management Tools\u003C\u002Fli>\n\u003Cli>Compatible with PHP 8.0 and WooCommerce\u003C\u002Fli>\n\u003Cli>Light\u002FDark Theme Appearance\u003C\u002Fli>\n\u003Cli>Graphical Themes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Upgrade to Premium for More:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Unlock advanced features like:\u003Cbr \u002F>\n* Editorialize & Pin Best Discussions\u003Cbr \u002F>\n* Live PUSH Discussions Mode\u003Cbr \u002F>\n* Keyword alerts\u003Cbr \u002F>\n* Limited right to comment\u003Cbr \u002F>\n* SSO connection (via your user base) WP compatible\u003Cbr \u002F>\n* Customization (Logo, brand, sender, ban emails)\u003Cbr \u002F>\n* PUSH Notification Center\u003C\u002Fp>\n\u003Cp>See the full pricing and list of features \u003Ca href=\"https:\u002F\u002Fwww.graphcomment.com\u002Fen\u002Fproducts\u002Fgraphcomment\u002Fpricing\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F5DBX51LDSTE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Included GraphComment FREE plan features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatic Registration\u003C\u002Fli>\n\u003Cli>Crowd Discussion\u003C\u002Fli>\n\u003Cli>Quality Discussions\u003C\u002Fli>\n\u003Cli>Sliding Sidebar Panel\u003C\u002Fli>\n\u003Cli>Mobile Intégration\u003C\u002Fli>\n\u003Cli>Discussion Sharing\u003C\u002Fli>\n\u003Cli>Media embedding\u003C\u002Fli>\n\u003Cli>Text Formatting\u003C\u002Fli>\n\u003Cli>Badges and awards\u003C\u002Fli>\n\u003Cli>Activity Indicators\u003C\u002Fli>\n\u003Cli>Notification & Reply system\u003C\u002Fli>\n\u003Cli>Community Profiles\u003C\u002Fli>\n\u003Cli>Easy Installation\u003C\u002Fli>\n\u003Cli>Smart Moderation\u003C\u002Fli>\n\u003Cli>Advanced banning tools\u003C\u002Fli>\n\u003Cli>Filtering insults\u003C\u002Fli>\n\u003Cli>Counter Widget\u003C\u002Fli>\n\u003Cli>Top Widget (comments, articles)\u003C\u002Fli>\n\u003Cli>Customized validation of your T&Cs\u003C\u002Fli>\n\u003Cli>Customizable category label\u003C\u002Fli>\n\u003Cli>Easy Administration\u003C\u002Fli>\n\u003Cli>Analytics\u003C\u002Fli>\n\u003Cli>Community relationship management\u003C\u002Fli>\n\u003Cli>Spam Protection\u003C\u002Fli>\n\u003Cli>Import old comments\u003C\u002Fli>\n\u003Cli>WordPress full integration\u003C\u002Fli>\n\u003Cli>Light\u002Fdark theme appearance\u003C\u002Fli>\n\u003Cli>Graphical themes\u003C\u002Fli>\n\u003Cli>Multilingual (English (en), Français (fr), Deutsch (de), 中文 (zh), Español (es), Português (pt), Italiano (it), فارسی (fa), Čeština (cs), עברית (he), русский (ru), Tiếng việt (vi), العربية (ar), Українська (uk), Bahasa Indonesia (id), Türkçe (tr), Magyar (hu), Català (ca), Svenska (sv), Polski (pl), Norsk Bokmål (nb))\u003C\u002Fli>\n\u003Cli>Multi-moderators\u003C\u002Fli>\n\u003Cli>SEO Friendly\u003C\u002Fli>\n\u003Cli>Structured Data\u003C\u002Fli>\n\u003Cli>User Comments Legacy\u003C\u002Fli>\n\u003Cli>Data Access And Ownership\u003C\u002Fli>\n\u003Cli>Direct Links\u003C\u002Fli>\n\u003Cli>Fresh\u003C\u002Fli>\n\u003Cli>Enhance with-content\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Search our \u003Ca href=\"https:\u002F\u002Fsupport.graphcomment.com\u002Fhc\" rel=\"nofollow ugc\">Knowledge Base\u003C\u002Fa> for solutions to common troubleshooting questions\u003C\u002Fli>\n\u003Cli>Check out our support community, \u003Ca href=\"https:\u002F\u002Fsupport.graphcomment.com\u002Fhc\u002Ffr\u002Fcommunity\u002Ftopics\" rel=\"nofollow ugc\">Discuss GraphComment\u003C\u002Fa>, to see if your question has been answered\u003C\u002Fli>\n\u003Cli>Talk to our Support team at \u003Ca href=\"mailto:support@graphcomment.com\" rel=\"nofollow ugc\">support@graphcomment.com\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Transform your site's engagement with GraphComment—an advanced, interactive commenting system featuring live discussions and real-time notifications.",500,33034,94,"2025-01-08T11:56:00.000Z","6.6.5","3.4","5.3",[20,22,55,56,57],"comment-widget","comments","live-comment","http:\u002F\u002Fgraphcomment.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgraphcomment-comment-system.4.0.3.zip",92,{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":47,"downloaded":69,"rating":13,"num_ratings":33,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":18,"tags":73,"homepage":18,"download_link":77,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"phpsword-disable-comments","PhpSword Disable Comments","1.1","Pradnyankur Nikam","https:\u002F\u002Fprofiles.wordpress.org\u002Fphpsword\u002F","\u003Cp>PhpSword Disable Comments WordPress plugin lets you disable comments from your WordPress website. You can either turn off comments for specific post types or completely remove comments from the whole website. You can also disable trackbacks & pingbacks on WordPress posts.\u003C\u002Fp>\n\u003Ch4>PhpSword Disable Comments WordPress Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Very simple and easy to use.\u003C\u002Fli>\n\u003Cli>No complex menus or setting.\u003C\u002Fli>\n\u003Cli>Just select and save couple of options.\u003C\u002Fli>\n\u003Cli>Completely enable or disable the comments from your WordPress website.\u003C\u002Fli>\n\u003Cli>Turn off comment for specific post types.\u003C\u002Fli>\n\u003Cli>Disable trackbacks & pingbacks on the posts.\u003C\u002Fli>\n\u003Cli>Compatible with WordPress version 3.5 or more.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>More Information and Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>More \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fphpsword\u002F\" title=\"List of WordPress plugins by author Pradnyankur Nikam\" rel=\"nofollow ugc\">WordPress plugins by Pradnyankur Nikam\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Plugin support and help\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Read more and Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>If you like our comments plugin, please provide your valuable feedback and suggestion to improve the quality of the plugin.\u003C\u002Fli>\n\u003Cli>Feel free to test the plugin in different WordPress versions and vote in the Compatibility section. So that other users can check compatibility and download appropriate version.\u003C\u002Fli>\n\u003Cli>Share your experience by rating the plugin.\u003C\u002Fli>\n\u003Cli>Read about the plugin news, updates and more on our website.\u003C\u002Fli>\n\u003Cli>Do not hesitate to ask question, report bug\u002Ferror or anything related to our plugin on support section, author website or plugin website.\u003C\u002Fli>\n\u003C\u002Ful>\n","Disable Comments from your WordPress website.",6591,"2022-07-31T16:35:00.000Z","4.0.38","3.5",[22,56,74,75,76],"disable-comments","phpsword","wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphpsword-disable-comments.zip",{"slug":79,"name":80,"version":64,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":11,"downloaded":85,"rating":13,"num_ratings":33,"last_updated":18,"tested_up_to":86,"requires_at_least":87,"requires_php":18,"tags":88,"homepage":93,"download_link":94,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":95},"comments-leaderboard","Comments Leaderboard","kolakube","https:\u002F\u002Fprofiles.wordpress.org\u002Falexmangini\u002F","\u003Cp>The \u003Ca href=\"https:\u002F\u002Fkolakube.com\u002Fcomments-leaderboard\u002F\" rel=\"nofollow ugc\">The Comments Leaderboard\u003C\u002Fa> was carefully designed to add a new twist to rewarding the top commentators on your blog and create a more addicting comment experience for your readers.\u003C\u002Fp>\n\u003Cp>Each month, the 5 most active commenters throughout your blog will be listed and ranked from most comments posted to the least.\u003C\u002Fp>\n\u003Cp>…but simply ranking on the Leaderboard isn’t enough.\u003C\u002Fp>\n\u003Cp>The lower their rank, the less visible their name will appear on the Leaderboards beautiful color spectrum (tip: you can even set a custom color to match your theme).\u003C\u002Fp>\n\u003Cp>For their name and website link to get maximum exposure, they must outrank the competition by posting the most comments.\u003C\u002Fp>\n\u003Cp>The overall leader gets a medal next to their name at the top of the list for the highest amount of visibility and prestige throughout your community.\u003C\u002Fp>\n\u003Cp>But sadly, there is no comfort at the top.\u003C\u002Fp>\n\u003Cp>The total amount of comments each leader posted for the month is displayed next to their name, making it easy for other commenters to overtake the top spot.\u003C\u002Fp>\n\u003Cp>The Comments Leaderboard is the perfect way to reward your most engaging readers and fits perfectly in your blog’s sidebar. Simply drag the Widget into place, write a title and description text, pick a color and your blog is ready for some serious comment action.\u003C\u002Fp>\n\u003Cp>Just remember, keep your posts quality and you will attract quality comments.\u003C\u002Fp>\n\u003Cp>Let the games begin!\u003C\u002Fp>\n","Let the games begin! The Comments Leaderboard ranks your top commentators in a way that's sure to spark competition throughout your community.",3493,"4.8.28","3.8",[89,90,91,92],"comments-list","top-commentators","top-commenters","top-comments","https:\u002F\u002Fkolakube.com\u002Fcomments-leaderboard\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomments-leaderboard.zip","2026-03-15T14:44:11.924Z",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":11,"downloaded":104,"rating":28,"num_ratings":28,"last_updated":105,"tested_up_to":106,"requires_at_least":87,"requires_php":18,"tags":107,"homepage":110,"download_link":111,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"kento-top-commenters","Kento Top Commenters","1.0","PluginsPoint","https:\u002F\u002Fprofiles.wordpress.org\u002Fkentothemes\u002F","\u003Cp>Display top Commentators or contributer list by comment count.\u003C\u002Fp>\n\u003Cp>Plugin Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Three Diffrent Style.\u003C\u002Fli>\n\u003Cli>Add Anywhere via widgets.\u003C\u002Fli>\n\u003Cli>Comments Count.\u003C\u002Fli>\n\u003Cli>Unlimited Commentators List.\u003C\u002Fli>\n\u003C\u002Ful>\n","Top Commentators list By Count Comments",1726,"2015-06-09T05:33:00.000Z","4.2.39",[90,108,109],"top-commentators-widget","top-contributor","http:\u002F\u002Fkentothemes.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkento-top-commenters.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":49,"num_ratings":122,"last_updated":123,"tested_up_to":124,"requires_at_least":125,"requires_php":126,"tags":127,"homepage":132,"download_link":133,"security_score":134,"vuln_count":33,"unpatched_count":28,"last_vuln_date":135,"fetched_at":30},"akismet","Akismet Anti-spam: Spam Protection","5.6","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.\u003C\u002Fp>\n\u003Cp>Akismet checks your comments and contact form submissions against our global database of spam to prevent your site from publishing malicious content. You can review the comment spam it catches on your blog’s “Comments” admin screen.\u003C\u002Fp>\n\u003Cp>Major features in Akismet include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically checks all comments and filters out the ones that look like spam.\u003C\u002Fli>\n\u003Cli>Each comment has a status history, so you can easily see which comments were caught or cleared by Akismet and which were spammed or unspammed by a moderator.\u003C\u002Fli>\n\u003Cli>URLs are shown in the comment body to reveal hidden or misleading links.\u003C\u002Fli>\n\u003Cli>Moderators can see the number of approved comments for each user.\u003C\u002Fli>\n\u003Cli>A discard feature that outright blocks the worst spam, saving you disk space and speeding up your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>PS: You’ll be prompted to get an Akismet.com API key to use it, once activated. Keys are free for personal blogs; paid subscriptions are available for businesses and commercial sites.\u003C\u002Fp>\n","The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.",6000000,386405930,1173,"2025-11-12T16:31:00.000Z","6.9.4","5.8","7.2",[128,129,56,130,131],"anti-spam","antispam","contact-form","spam","https:\u002F\u002Fakismet.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fakismet.5.6.zip",99,"2015-10-13 00:00:00",{"attackSurface":137,"codeSignals":161,"taintFlows":281,"riskAssessment":395,"analyzedAt":410},{"hooks":138,"ajaxHandlers":157,"restRoutes":158,"shortcodes":159,"cronEvents":160,"entryPointCount":28,"unprotectedCount":28},[139,145,149,153],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","admin_init","mca_init","mycommentauthors.php",60,{"type":140,"name":146,"callback":147,"file":143,"line":148},"admin_menu","mcaAdminMenu",61,{"type":140,"name":150,"callback":151,"file":143,"line":152},"wp_dashboard_setup","mca_dashboard_widgets",79,{"type":140,"name":154,"callback":155,"file":143,"line":156},"widgets_init","anonymous",263,[],[],[],[],{"dangerousFunctions":162,"sqlUsage":166,"outputEscaping":169,"fileOperations":279,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":280},[163],{"fn":164,"file":143,"line":156,"context":165},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"MyCommentAuthors\");'));",{"prepared":167,"raw":28,"locations":168},5,[],{"escaped":170,"rawEcho":171,"locations":172},7,56,[173,177,179,181,183,185,187,188,191,193,196,198,200,202,205,206,208,210,211,213,215,217,219,221,222,224,225,227,228,230,231,233,235,237,239,241,243,245,247,249,251,253,255,257,259,260,261,263,265,266,267,269,271,273,275,278],{"file":174,"line":175,"context":176},"gravatar_show.php",3,"raw output",{"file":174,"line":178,"context":176},40,{"file":174,"line":180,"context":176},44,{"file":182,"line":175,"context":176},"gravatar_tbl.php",{"file":182,"line":184,"context":176},71,{"file":182,"line":186,"context":176},77,{"file":182,"line":152,"context":176},{"file":189,"line":190,"context":176},"html_gravatar.php",70,{"file":192,"line":49,"context":176},"html_gravatar_tbl.php",{"file":194,"line":195,"context":176},"html_list.php",67,{"file":197,"line":175,"context":176},"list_show.php",{"file":197,"line":199,"context":176},38,{"file":197,"line":201,"context":176},42,{"file":203,"line":204,"context":176},"mailtowarning.php",14,{"file":203,"line":204,"context":176},{"file":203,"line":207,"context":176},24,{"file":203,"line":209,"context":176},33,{"file":203,"line":199,"context":176},{"file":203,"line":212,"context":176},48,{"file":203,"line":214,"context":176},49,{"file":203,"line":216,"context":176},50,{"file":203,"line":218,"context":176},51,{"file":220,"line":34,"context":176},"mca-home.php",{"file":220,"line":212,"context":176},{"file":220,"line":223,"context":176},103,{"file":220,"line":223,"context":176},{"file":220,"line":226,"context":176},109,{"file":220,"line":226,"context":176},{"file":220,"line":229,"context":176},114,{"file":220,"line":229,"context":176},{"file":220,"line":232,"context":176},117,{"file":220,"line":234,"context":176},138,{"file":220,"line":236,"context":176},323,{"file":220,"line":238,"context":176},369,{"file":220,"line":240,"context":176},404,{"file":220,"line":242,"context":176},446,{"file":220,"line":244,"context":176},450,{"file":220,"line":246,"context":176},454,{"file":220,"line":248,"context":176},461,{"file":220,"line":250,"context":176},466,{"file":220,"line":252,"context":176},473,{"file":143,"line":254,"context":176},144,{"file":143,"line":256,"context":176},172,{"file":143,"line":258,"context":176},173,{"file":143,"line":258,"context":176},{"file":143,"line":258,"context":176},{"file":143,"line":262,"context":176},176,{"file":143,"line":264,"context":176},177,{"file":143,"line":264,"context":176},{"file":143,"line":264,"context":176},{"file":143,"line":268,"context":176},202,{"file":143,"line":270,"context":176},205,{"file":143,"line":272,"context":176},253,{"file":143,"line":274,"context":176},258,{"file":276,"line":277,"context":176},"SendMail.php",105,{"file":276,"line":234,"context":176},1,[],[282,299,310,318,326,335,344,353],{"entryPoint":283,"graph":284,"unsanitizedCount":279,"severity":298},"getFeed (mca-home.php:9)",{"nodes":285,"edges":295},[286,290],{"id":287,"type":288,"label":289,"file":220,"line":34},"n0","source","$_SERVER['HTTP_HOST']",{"id":291,"type":292,"label":293,"file":220,"line":34,"wp_function":294},"n1","sink","echo() [XSS]","echo",[296],{"from":287,"to":291,"sanitized":297},false,"medium",{"entryPoint":300,"graph":301,"unsanitizedCount":279,"severity":309},"\u003Cgravatar_show> (gravatar_show.php:0)",{"nodes":302,"edges":307},[303,306],{"id":287,"type":288,"label":304,"file":174,"line":305},"$_GET['page']",46,{"id":291,"type":292,"label":293,"file":174,"line":180,"wp_function":294},[308],{"from":287,"to":291,"sanitized":297},"low",{"entryPoint":311,"graph":312,"unsanitizedCount":279,"severity":309},"\u003Cgravatar_tbl> (gravatar_tbl.php:0)",{"nodes":313,"edges":316},[314,315],{"id":287,"type":288,"label":304,"file":182,"line":152},{"id":291,"type":292,"label":293,"file":182,"line":152,"wp_function":294},[317],{"from":287,"to":291,"sanitized":297},{"entryPoint":319,"graph":320,"unsanitizedCount":279,"severity":309},"\u003Chtml_gravatar> (html_gravatar.php:0)",{"nodes":321,"edges":324},[322,323],{"id":287,"type":288,"label":304,"file":189,"line":184},{"id":291,"type":292,"label":293,"file":189,"line":190,"wp_function":294},[325],{"from":287,"to":291,"sanitized":297},{"entryPoint":327,"graph":328,"unsanitizedCount":279,"severity":309},"\u003Chtml_gravatar_tbl> (html_gravatar_tbl.php:0)",{"nodes":329,"edges":333},[330,332],{"id":287,"type":288,"label":304,"file":192,"line":331},95,{"id":291,"type":292,"label":293,"file":192,"line":49,"wp_function":294},[334],{"from":287,"to":291,"sanitized":297},{"entryPoint":336,"graph":337,"unsanitizedCount":279,"severity":309},"\u003Chtml_list> (html_list.php:0)",{"nodes":338,"edges":342},[339,341],{"id":287,"type":288,"label":304,"file":194,"line":340},68,{"id":291,"type":292,"label":293,"file":194,"line":195,"wp_function":294},[343],{"from":287,"to":291,"sanitized":297},{"entryPoint":345,"graph":346,"unsanitizedCount":279,"severity":309},"\u003Clist_show> (list_show.php:0)",{"nodes":347,"edges":351},[348,350],{"id":287,"type":288,"label":304,"file":197,"line":349},45,{"id":291,"type":292,"label":293,"file":197,"line":201,"wp_function":294},[352],{"from":287,"to":291,"sanitized":297},{"entryPoint":354,"graph":355,"unsanitizedCount":394,"severity":309},"\u003Cmca-home> (mca-home.php:0)",{"nodes":356,"edges":387},[357,358,359,361,363,366,368,371,373,376,381,385],{"id":287,"type":288,"label":289,"file":220,"line":34},{"id":291,"type":292,"label":293,"file":220,"line":34,"wp_function":294},{"id":360,"type":288,"label":304,"file":220,"line":212},"n2",{"id":362,"type":292,"label":293,"file":220,"line":212,"wp_function":294},"n3",{"id":364,"type":288,"label":365,"file":220,"line":232},"n4","$_POST['ltype']",{"id":367,"type":292,"label":293,"file":220,"line":232,"wp_function":294},"n5",{"id":369,"type":288,"label":370,"file":220,"line":234},"n6","$_POST['mca_page_break']",{"id":372,"type":292,"label":293,"file":220,"line":234,"wp_function":294},"n7",{"id":374,"type":288,"label":375,"file":220,"line":256},"n8","$_POST (x6)",{"id":377,"type":292,"label":378,"file":220,"line":379,"wp_function":380},"n9","update_option() [Settings Manipulation]",182,"update_option",{"id":382,"type":288,"label":383,"file":220,"line":384},"n10","$_POST (x3)",175,{"id":386,"type":292,"label":293,"file":220,"line":248,"wp_function":294},"n11",[388,389,390,391,392,393],{"from":287,"to":291,"sanitized":297},{"from":360,"to":362,"sanitized":297},{"from":364,"to":367,"sanitized":297},{"from":369,"to":372,"sanitized":297},{"from":374,"to":377,"sanitized":297},{"from":382,"to":386,"sanitized":297},13,{"summary":396,"deductions":397},"The \"mycommentauthors\" v2.0 plugin exhibits a mixed security posture.  On the positive side, the plugin has no known vulnerabilities (CVEs) and a seemingly small attack surface with zero identified entry points requiring authentication. All identified SQL queries utilize prepared statements, indicating good practice in preventing SQL injection.  However, there are significant concerns. The presence of the `create_function` dangerous function is a critical red flag, as it can be used to execute arbitrary code. Furthermore, a very low percentage (11%) of output escaping is concerning, suggesting a high risk of cross-site scripting (XSS) vulnerabilities.  All identified taint flows lead to unsanitized paths, which, despite not being classified as critical or high severity in this report, combined with the poor output escaping, points to a substantial risk of XSS. The lack of any nonce checks or capability checks on any entry points, even though the static analysis reports zero unprotected entry points, still leaves room for concern if any new entry points are introduced or if the static analysis missed something. The vulnerability history is clean, but this, coupled with the identified code quality issues, suggests the plugin may have been lucky rather than robustly secure.",[398,401,404,406,408],{"reason":399,"points":400},"Dangerous function 'create_function' found",15,{"reason":402,"points":403},"Low output escaping percentage (11%)",8,{"reason":405,"points":11},"All taint flows lead to unsanitized paths",{"reason":407,"points":167},"No nonce checks on any entry points",{"reason":409,"points":167},"No capability checks on any entry points","2026-03-17T00:37:55.384Z",{"wat":412,"direct":419},{"assetPaths":413,"generatorPatterns":416,"scriptPaths":417,"versionParams":418},[414,415],"\u002Fwp-content\u002Fplugins\u002Fmycommentauthors\u002Fmca-home.php","\u002Fwp-content\u002Fplugins\u002Fmycommentauthors\u002Fmca_sql_install_data.php",[],[],[],{"cssClasses":420,"htmlComments":421,"htmlAttributes":425,"restEndpoints":428,"jsGlobals":429,"shortcodeOutput":430},[5],[422,423,424],"\u003C!-- Show form here -->","\u003C!-- Show widget -->","\u003C!-- End widget -->",[426,427],"data-name=\"mcaNum\"","data-id=\"mcaNum\"",[],[],[]]