Does Page Comments Off Please have any unpatched vulnerabilities?

No. All known vulnerabilities in Page Comments Off Please have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Page Comments Off Please compatible with WordPress 4.4.34?

According to WordPress.org data, Page Comments Off Please 2.0.4 has been tested up to WordPress 4.4.34. Check the plugin's changelog for the latest compatibility information.

How often is Page Comments Off Please updated?

Page Comments Off Please was last updated on Nov 28, 2017. Frequent updates are generally a positive security signal.

What is Page Comments Off Please's security score?

Page Comments Off Please has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Page Comments Off Please Security & Risk Analysis

wordpress.org/plugins/page-comments-off-please

Page Comments Off Please - Unchecks Discussion comment checkboxes by default on pages, posts or both! Plus a simple one-click toggle to turn off comme …

1K active installs v2.0.4 PHP + WP 2.8+ Updated Nov 28, 2017

checkboxdisablepagepage-commentsuncheck

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Page Comments Off Please Safe to Use in 2026?

Generally Safe

Score 85/100

Page Comments Off Please has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "page-comments-off-please" v2.0.4 plugin exhibits a generally good security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points significantly minimizes the plugin's attack surface. Furthermore, the absence of dangerous functions, file operations, and external HTTP requests is commendable.

However, there are a couple of specific concerns. The plugin utilizes two SQL queries, neither of which employs prepared statements, posing a potential risk for SQL injection vulnerabilities if the inputs are not rigorously sanitized. While the taint analysis only identified one flow with unsanitized paths, and it was not categorized as critical or high severity, this still represents a potential area of weakness. The fact that the plugin has no recorded vulnerability history suggests a stable and likely secure past, which is a positive indicator.

Key Concerns

SQL queries without prepared statements
Flows with unsanitized paths (low severity)

Vulnerabilities

None known

Page Comments Off Please Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Page Comments Off Please Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared2 total queries

Output Escaping

75% escaped4 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths

handle_messages (pagecommentsoffplease.php:168)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Page Comments Off Please Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionadmin_initpagecommentsoffplease.php:66

actionadmin_menupagecommentsoffplease.php:67

filterpre_option_{$pcop_default_comm_stat}pagecommentsoffplease.php:80

filterpre_option_{$pcop_default_ping_stat}pagecommentsoffplease.php:81

actionadmin_footerpagecommentsoffplease.php:83

actionadmin_print_scripts-settings_page_page-comments-off-pleasepagecommentsoffplease.php:86

Maintenance & Trust

Page Comments Off Please Maintenance & Trust

Maintenance Signals

WordPress version tested4.4.34

Last updatedNov 28, 2017

PHP min version

Downloads56K

Community Trust

Rating82/100

Number of ratings9

Active installs1K

Alternatives

Page Comments Off Please Alternatives

Disable Author Archives

disable-author-archives

100

Disable Author Archives completely removes author archives and makes the web server return status code 404 ('Not Found') instead.

10K No CVEs

Plugin Organizer

plugin-organizer

Change plugin order and selectively enable/disable plugins on each post/page.

10K 1 CVE

MM Title Manager — Hide Page and Post Title

hide-titles

100

Control visibility of post and page titles on your WordPress site.

9K No CVEs

Disable Site

disable-site

A WordPress plugin to disable your website front-end and display a message to your visitors while still allowing back-end access.

4K No CVEs

Remove Author Pages

remove-author-pages

Remove author pages and link authors to home page

3K No CVEs

Developer Profile

Page Comments Off Please Developer Profile

techism

1 plugin · 1K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Page Comments Off Please

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/page-comments-off-please/js/page_comments_off_please.js

Script Paths