[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f8BxRK_Dz1W2fEa8QFTrQvynKr1F_jWCYVnV8ZuXxfWs":3,"$fwvTWRzzAfkHCWkpu14JOrIo1y02_9-08pjgBuwkqGVU":249,"$fgWPV1u_F1FIDyVWhOsIGsmmgBqKpR91G3zqywj0i4W4":253},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":37,"analysis":146,"fingerprints":218},"no-duplicate-content-in-comments","No Duplicate Content in Comments","1.0","Julian Yanover","https:\u002F\u002Fprofiles.wordpress.org\u002Fjulianyanover\u002F","\u003Cp>Check comments for duplicate content using Google AJAX Search API as they are published. This helps to avoid having duplicate content in your posts. It only checks approved comments that have over 50 words. The plugin searches two random strings, both 8 words length. If one of them finds an exact match, it emails you letting you know so you can check it yourself and decide if you want to delete it.\u003C\u002Fp>\n","Check comments for duplicate content using Google AJAX Search API as they are published. Emails you whenever it finds a match so you can check it and  &hellip;",10,2938,0,"2009-03-31T14:57:00.000Z","2.7.1","2.3.1","",[19,20,21],"comments","duplicate","duplicate-content","http:\u002F\u002Fbitsignals.com\u002F2009\u002F03\u002F31\u002Fno-duplicate-content-in-comments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-duplicate-content-in-comments.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"julianyanover",5,90,91,30,88,"2026-07-15T08:31:25.869Z",[38,61,84,108,128],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":58,"download_link":59,"security_score":60,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"advance-canonical-url","Advance Canonical URL","1.0.4","Usman Ali Qureshi","https:\u002F\u002Fprofiles.wordpress.org\u002Fusmanaliqureshi\u002F","\u003Cp>Advanced Canonical URL is a powerful WordPress plugin designed to enhance your website’s SEO by preventing duplicate content issues. With its advanced settings, you can easily configure canonical URLs across your site, ensuring search engines prioritize the right pages for better rankings and improved visibility.\u003C\u002Fp>\n","Advanced Canonical URL is a powerful WordPress plugin designed to enhance your website’s SEO by preventing duplicate content issues.",1000,17997,80,4,"2025-05-19T05:22:00.000Z","6.8.5","5.2","7.3",[55,56,20,21,57],"canonical","canonical-url","url","https:\u002F\u002Fgithub.com\u002Fusmanaliqureshi\u002Fadvance-canonical-url","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvance-canonical-url.1.0.4.zip",92,{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":46,"downloaded":69,"rating":70,"num_ratings":11,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":17,"tags":74,"homepage":79,"download_link":80,"security_score":81,"vuln_count":82,"unpatched_count":13,"last_vuln_date":83,"fetched_at":26},"copyscape-premium","Copyscape Premium","1.4.2","Copyscape","https:\u002F\u002Fprofiles.wordpress.org\u002Fcopyscape\u002F","\u003Cp>The Copyscape Premium plugin lets you check if a WordPress post is original before it’s published, by using the Copyscape Premium API to check for duplicate content on the web.\u003C\u002Fp>\n\u003Cp>The plugin will add a ‘Copyscape Check’ button to your WordPress interface, allowing you to check your posts whenever you wish. You may also set the plugin to automatically check your posts when you click ‘Publish’ and\u002For ‘Update’.\u003C\u002Fp>\n\u003Cp>When duplicate content is found, a report of matching pages is shown. You may also see a detailed comparison that highlights your content on the found page.\u003C\u002Fp>\n\u003Cp>If you do not already have a Copyscape Premium account, please \u003Ca href=\"http:\u002F\u002Fwww.copyscape.com\u002Fredirect\u002F?to=prosignup\" title=\"Copyscape Premium sign up\" rel=\"nofollow ugc\">sign up\u003C\u002Fa>,  \u003Ca href=\"http:\u002F\u002Fwww.copyscape.com\u002Fredirect\u002F?to=propurchase\" title=\"Purchase Copyscape Premium Credits\" rel=\"nofollow ugc\">purchase some credits\u003C\u002Fa>, and enable your \u003Ca href=\"http:\u002F\u002Fwww.copyscape.com\u002Fredirect\u002F?to=apiconfigure#key\" title=\"Copyscape Premium API page\" rel=\"nofollow ugc\">API access\u003C\u002Fa>. You may then begin using the plugin.\u003C\u002Fp>\n","The Copyscape Premium plugin lets you check if a WordPress post is unique before it's published, by searching for duplicate content on the web.",54373,64,"2025-12-24T18:07:00.000Z","6.9.4","3.0.1",[75,21,76,77,78],"copyscape","original","plagiarism","unique","http:\u002F\u002Fwww.copyscape.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcopyscape-premium.1.4.2.zip",98,2,"2026-01-10 00:00:00",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":81,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":17,"tags":98,"homepage":103,"download_link":104,"security_score":105,"vuln_count":82,"unpatched_count":106,"last_vuln_date":107,"fetched_at":26},"rps-include-content","RPS Include Content","1.2.2","redpixelstudios","https:\u002F\u002Fprofiles.wordpress.org\u002Fredpixelstudios\u002F","\u003Cp>The RPS Include Content plugin is useful when you need to include the same content across many posts or pages. For example, you may want to place your company boilerplate at the bottom of press releases in your News section. Instead of pasting the boilerplate copy at the end of each of these pages, you can now insert the shortcode (along with the post ID, and for multisite configurations, the blog ID) where that content should appear.\u003C\u002Fp>\n\u003Cp>When you modify your source copy, changes will appear on all pages that contain the shortcode. There’s no need to open and modify multiple pages.\u003C\u002Fp>\n\u003Cp>When a user previews the post from the WordPress Administration, the included content is distinguished with an on-hover highlight. A link is provided so that the source content can be conveniently accessed and modified. The preview of the include will not distort the target page – the width, height and position will remain as defined by the site.\u003C\u002Fp>\n\u003Cp>To easily obtain the blog ID and post ID, install the free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Frps-blog-info\u002F\" rel=\"ugc\">RPS Blog Info\u003C\u002Fa> plugin, which places that information (and much more) on your WordPress 3.3 Toolbar.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Include featured image of the included post with optional wrapper and custom class.\u003C\u002Fli>\n\u003Cli>Allows specific shortcodes to display within included posts.\u003C\u002Fli>\n\u003Cli>Allows oEmbeds to display within included posts.\u003C\u002Fli>\n\u003Cli>Respects the more tag in posts automatically.\u003C\u002Fli>\n\u003Cli>Set the length of the content to be displayed by word count.\u003C\u002Fli>\n\u003Cli>Option to remove the hover interface.\u003C\u002Fli>\n\u003Cli>Option to include private content.\u003C\u002Fli>\n\u003Cli>Display the title of the included post without any content.\u003C\u002Fli>\n\u003Cli>Include the title of the included post with or without a hyperlink.\u003C\u002Fli>\n\u003Cli>Include a page or a post in another page or post.\u003C\u002Fli>\n\u003Cli>Specify whether the content or the excerpt should be used.\u003C\u002Fli>\n\u003Cli>Updates made to source content are reflected on all target pages.\u003C\u002Fli>\n\u003Cli>Source content pulled into a page is easily distinguishable and accessible when viewing the page on the front-end while logged into the WordPress back-end.\u003C\u002Fli>\n\u003Cli>Protects against generating include loops and calling nonexistent source content.\u003C\u002Fli>\n\u003Cli>Displays errors on the front-end to logged-in page\u002Fpost editors.\u003C\u002Fli>\n\u003Cli>Compatible with single and multisite installs.\u003C\u002Fli>\n\u003Cli>Support for password protected posts.\u003C\u002Fli>\n\u003Cli>Strip shortcodes from included posts.\u003C\u002Fli>\n\u003Cli>Default Settings page.\u003C\u002Fli>\n\u003C\u002Ful>\n","Makes it easy to pull content from one post or page and place it on another using a simple shortcode, even in a multisite environment.",800,23994,18,"2025-03-24T20:16:00.000Z","6.7.5","5.0",[99,21,100,101,102],"copy-content","include","include-content","includes","http:\u002F\u002Fredpixel.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frps-include-content.1.2.2.zip",68,1,"2026-02-14 00:00:00",{"slug":109,"name":110,"version":6,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":13,"num_ratings":13,"last_updated":117,"tested_up_to":118,"requires_at_least":73,"requires_php":17,"tags":119,"homepage":124,"download_link":125,"security_score":126,"vuln_count":106,"unpatched_count":106,"last_vuln_date":127,"fetched_at":26},"duplicate-content-cure","Duplicate Content Cure","Badi Jones","https:\u002F\u002Fprofiles.wordpress.org\u002Fbadijones\u002F","\u003Cp>Duplicate Content Cure is an extremely simple plugin that makes WordPress more Search Engine\u003Cbr \u002F>\nfriendly (And therefore improving SEO). It does this by preventing search engine spiders\u002Fbots\u003Cbr \u002F>\nfrom accessing pages like Archives, Tags, and Categories, which tend to contain duplicated content\u003Cbr \u002F>\nfrom elsewhere on your site.  This is achieved by adding nofollow, noindex to\u003Cbr \u002F>\nthese problem pages.\u003C\u002Fp>\n\u003Cp>Duplicate Content Cure doesn’t have a lot of features that other SEO plugins have, but\u003Cbr \u002F>\nit also is lightning fast by comparison.\u003C\u002Fp>\n","Duplicate content cure is a simple plugin that improves SEO by preventing search engines from indexing pages that contain duplicate content.",300,3942,"2015-06-02T06:20:00.000Z","4.2.39",[120,121,21,122,123],"categories","category","noindex","seo","http:\u002F\u002Fwww.howtostartablog.org\u002Fduplicate-content-cure\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fduplicate-content-cure.zip",63,"2025-11-29 00:00:00",{"slug":129,"name":130,"version":131,"author":132,"author_profile":133,"description":134,"short_description":135,"active_installs":32,"downloaded":136,"rating":137,"num_ratings":82,"last_updated":138,"tested_up_to":139,"requires_at_least":140,"requires_php":17,"tags":141,"homepage":17,"download_link":145,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"replytocom-controller","Replytocom Controller","1.2","ClaytonL","https:\u002F\u002Fprofiles.wordpress.org\u002Fclaytonl\u002F","\u003Cp>Hate duplicate content? Hate wasting server resources?\u003C\u002Fp>\n\u003Cp>Replytocom Controller gives you the option to remove “?replytocom” from comment urls and optionally redirect visitors & bots who try to use it anyway to a destination of your choice.\u003C\u002Fp>\n\u003Cp>For those concerned about duplicate content for SEO purposes, the benefits should be obvious.\u003C\u002Fp>\n\u003Cp>If you want to speed up your WordPress server, the redirection will let you stop wasting resources serving up the same page over and over again to a crawler bot. Even worse, pages with a question mark in the url aren’t typically cached by caching plugins like WP Super Cache. That means that those bot crawls are eating up way more resources then a normal url would. Now you can send them to a cached copy of that page, a less resource intensive page, or any other url.\u003C\u002Fp>\n\u003Cp>Of course, the cost of all this is that visitors can’t have JavaScript turned off if they want to leave replies in threaded comments.\u003C\u002Fp>\n\u003Cp>Borrows code from:\u003Cbr \u002F>\n* https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fall-in-one-seo-pack\u002F\u003Cbr \u002F>\n* https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Freplytocom-redirector\u002F\u003C\u002Fp>\n","Replytocom Controller lets remove \"?replytocom\" from comment reply urls and redirect bots who try to use it anyway.",5892,100,"2016-12-11T23:29:00.000Z","3.5.2","2.7",[142,143,21,144,123],"bandwidth-saving","bots","replytocom","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freplytocom-controller.1.2.zip",{"attackSurface":147,"codeSignals":167,"taintFlows":180,"riskAssessment":208,"analyzedAt":217},{"hooks":148,"ajaxHandlers":163,"restRoutes":164,"shortcodes":165,"cronEvents":166,"entryPointCount":13,"unprotectedCount":13},[149,155,159],{"type":150,"name":151,"callback":152,"file":153,"line":154},"action","init","ndcc_textdomain","no-duplicate-content-in-comments.php",33,{"type":150,"name":156,"callback":157,"file":153,"line":158},"admin_menu","ndcc_config_page",235,{"type":150,"name":160,"callback":161,"priority":11,"file":153,"line":162},"comment_post","check_duplicate_ndcc",238,[],[],[],[],{"dangerousFunctions":168,"sqlUsage":169,"outputEscaping":174,"fileOperations":13,"externalRequests":106,"nonceChecks":106,"capabilityChecks":106,"bundledLibraries":179},[],{"prepared":13,"raw":106,"locations":170},[171],{"file":153,"line":172,"context":173},110,"$wpdb->get_row() with variable interpolation",{"escaped":13,"rawEcho":106,"locations":175},[176],{"file":153,"line":177,"context":178},219,"raw output",[],[181,200],{"entryPoint":182,"graph":183,"unsanitizedCount":13,"severity":199},"no_duplicate_comment_conf (no-duplicate-content-in-comments.php:188)",{"nodes":184,"edges":196},[185,190],{"id":186,"type":187,"label":188,"file":153,"line":189},"n0","source","$_POST",195,{"id":191,"type":192,"label":193,"file":153,"line":194,"wp_function":195},"n1","sink","update_option() [Settings Manipulation]",201,"update_option",[197],{"from":186,"to":191,"sanitized":198},true,"low",{"entryPoint":201,"graph":202,"unsanitizedCount":13,"severity":199},"\u003Cno-duplicate-content-in-comments> (no-duplicate-content-in-comments.php:0)",{"nodes":203,"edges":206},[204,205],{"id":186,"type":187,"label":188,"file":153,"line":189},{"id":191,"type":192,"label":193,"file":153,"line":194,"wp_function":195},[207],{"from":186,"to":191,"sanitized":198},{"summary":209,"deductions":210},"The 'no-duplicate-content-in-comments' plugin v1.0 exhibits a generally strong security posture based on the provided static analysis. The absence of a significant attack surface, including AJAX handlers, REST API routes, and shortcodes, is a positive indicator. Furthermore, the presence of nonce and capability checks suggests a conscious effort towards secure development practices, mitigating common exploitation vectors. The plugin's vulnerability history is also remarkably clean, with no recorded CVEs, which implies a history of stability and developer attention to security.\n\nHowever, a critical concern emerges from the SQL query analysis. The single SQL query is not using prepared statements, and only one output is present with none of them being properly escaped. This combination presents a significant risk. The unsanitized SQL query is a direct pathway to potential SQL injection vulnerabilities, especially if any part of the query is influenced by user input, which is not explicitly detailed but is a strong possibility for a comment-related plugin. Similarly, the lack of output escaping leaves the plugin vulnerable to cross-site scripting (XSS) attacks where malicious scripts could be injected through comment content and then rendered on the page.\n\nIn conclusion, while the plugin benefits from a small attack surface and a clean vulnerability record, the identified SQL and output handling weaknesses are serious. The absence of readily exploitable entry points is commendable, but the potential for SQL injection and XSS due to unescaped output and raw SQL queries cannot be overlooked. Addressing these specific code concerns should be the immediate priority to fortify the plugin's security.",[211,214],{"reason":212,"points":213},"SQL query not using prepared statements",8,{"reason":215,"points":216},"Output not properly escaped",6,"2026-03-17T00:09:49.917Z",{"wat":219,"direct":225},{"assetPaths":220,"generatorPatterns":222,"scriptPaths":223,"versionParams":224},[221],"\u002Fwp-content\u002Fplugins\u002Fno-duplicate-content-in-comments\u002F",[],[],[],{"cssClasses":226,"htmlComments":227,"htmlAttributes":245,"restEndpoints":246,"jsGlobals":247,"shortcodeOutput":248},[],[228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243,244],"\u003C!--  Copyright 2009  Julian Yanover  (email : julianyanover@gmail.com) -->","\u003C!--     This program is free software; you can redistribute it and\u002For modify -->","\u003C!--     it under the terms of the GNU General Public License as published by -->","\u003C!--     the Free Software Foundation; either version 2 of the License, or -->","\u003C!--     (at your option) any later version. -->","\u003C!--     This program is distributed in the hope that it will be useful, -->","\u003C!--     but WITHOUT ANY WARRANTY; without even the implied warranty of -->","\u003C!--     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the -->","\u003C!--     GNU General Public License for more details. -->","\u003C!--     You should have received a copy of the GNU General Public License -->","\u003C!--     along with this program; if not, write to the Free Software -->","\u003C!--     Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA -->","\u003C!-- Call the language function and load the textdomain -->","\u003C!-- Send the email alerting of the copy -->","\u003C!-- Check the strings with Google -->","\u003C!-- Main function -->","\u003C!-- Plugin configuration page -->",[],[],[],[],{"error":198,"url":250,"statusCode":251,"statusMessage":252,"message":252},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fno-duplicate-content-in-comments\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":254},[]]