[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWmvsX0w9YZtLeRwOeXxA0fZmcj3D_fuvC8WZS2Ga0wg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":47,"crawl_stats":37,"alternatives":53,"analysis":164,"fingerprints":226},"pipdisqus","pipDisqus – Lightweight Disqus Comments","1.7","pipdig","https:\u002F\u002Fprofiles.wordpress.org\u002Fpipdig\u002F","\u003Cp>This plugin will remove any of the default WordPress comments features from your site, and replace this with Disqus.\u003C\u002Fp>\n\u003Cp>Please note: Disqus comments will not be automatically imported into your WordPress dashboard. Instead, you can continue to moderate your comments via your Disqus moderation page. This plugin will add a quick link to your Disqus moderation page in the WordPress Admin Bar.\u003C\u002Fp>\n\u003Cp>Reasons to use this plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Simplify your WordPress dashboard by removing the “Comments” admin menu.\u003C\u002Fli>\n\u003Cli>Easy setup: simply add the Disqus shortname in the settings and you’re all set.\u003C\u002Fli>\n\u003Cli>Comments are NOT imported to WordPress – save server resources and database size.\u003C\u002Fli>\n\u003Cli>Improved spam protection to keep junk out your site’s database.\u003C\u002Fli>\n\u003Cli>It has a silly name.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This free plugin is brought to you by \u003Ca href=\"https:\u002F\u002Fwww.pipdig.co\u002F\" rel=\"nofollow ugc\">pipdig\u003C\u002Fa>\u003C\u002Fp>\n","A lightweight solution for adding Disqus to your WordPress blog.",300,17511,90,6,"2025-12-03T16:06:00.000Z","6.9.4","4.2","",[20,21,22,23],"comments","comments-system","disqus","post","https:\u002F\u002Fwww.pipdig.co\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpipdisqus.zip",99,1,0,"2025-03-11 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2025-28908","pipdisqus-authenticated-administrator-stored-cross-site-scripting","pipDisqus \u003C= 1.6 - Authenticated (Administrator+) Stored Cross-Site Scripting","The pipDisqus plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only impacts multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=1.6","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2026-02-26 15:04:26",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd961f6ed-778f-48ab-8d88-762be7a03617?source=api-prod",353,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":49,"avg_security_score":50,"avg_patch_time_days":46,"trust_score":51,"computed_at":52},10,80260,97,77,"2026-04-04T03:51:52.504Z",[54,76,100,122,143],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":48,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":18,"tags":68,"homepage":72,"download_link":73,"security_score":74,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":75},"disqus-popular-threads-widget","Disqus Popular Threads Widget","1.2","Ron Zvagelsky","https:\u002F\u002Fprofiles.wordpress.org\u002Frzvagelsky\u002F","\u003Cp>Integrates with the Disqus API to show your most popular threads (most commented posts). Can be added via sidebar widget, template tag, or shortcode.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fpresshive.com\u002Fplugins\u002Fdisqus-popular-threads-widget-for-wordpress\u002F\" rel=\"nofollow ugc\">\u003Cstrong>For more information or to request additional features, please visit the plugin page\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n","Shows your most commented posts from Disqus via widget, shortcode, or template tag.",4666,60,2,"2013-05-24T20:04:00.000Z","3.5.2","3.2",[20,22,69,70,71],"most-popular","most-commented","popular-posts","http:\u002F\u002Fpresshive.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisqus-popular-threads-widget.zip",85,"2026-03-15T14:54:45.397Z",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":16,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":95,"download_link":96,"security_score":97,"vuln_count":98,"unpatched_count":28,"last_vuln_date":99,"fetched_at":30},"disqus-comment-system","Disqus Comment System","3.1.4","Disqus","https:\u002F\u002Fprofiles.wordpress.org\u002Fdisqus\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fdisqus.com\u002F\" rel=\"nofollow ugc\">Disqus\u003C\u002Fa> is the web’s most popular commenting system trusted by millions of publishers to increase reader engagement, grow audience and traffic, and monetize content. Disqus helps publishers of all sizes engage directly with their audiences to build loyalty, retain readers, and foster thriving communities.\u003C\u002Fp>\n\u003Cp>The Disqus for WordPress plugin lets site owners and developers easily add Disqus to their sites, replacing the default WordPress comment system. Disqus installs in minutes and automatically imports your existing comments.\u003C\u002Fp>\n\u003Cp>In addition to our free-to-use, ad-supported Basic plan, we also offer ad-optional subscription plans that come with more advanced features and access to priority support. Please see our \u003Ca href=\"https:\u002F\u002Fdisqus.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">pricing page\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NEW: \u003Ca href=\"https:\u002F\u002Fdisqus.com\u002Fpolls\" rel=\"nofollow ugc\">Disqus Polls\u003C\u002Fa>\u003C\u002Fstrong> – Engage your audiences with interactive polls, and seamlessly install them on your site.\u003C\u002Fp>\n\u003Ch4>Why Disqus?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Simple one-click installation that seamlessly integrates with WordPress without ever needing to edit a single line of code or losing any of your existing comments\u003C\u002Fli>\n\u003Cli>Keep users engaged on your site longer with a commenting experience readers love\u003C\u002Fli>\n\u003Cli>Bring users back to your site with web and email notifications and personalized digests\u003C\u002Fli>\n\u003Cli>Improve SEO ranking with user generated content\u003C\u002Fli>\n\u003Cli>Keep spam out with our best-in-class anti-spam filter powered by Akismet\u003C\u002Fli>\n\u003Cli>Single profile for commenting on over 4 million sites including social login support for Facebook, Twitter, and Google accounts\u003C\u002Fli>\n\u003Cli>Trusted by sites like ABC News, Entertainment Weekly, and Rotten Tomatoes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Disqus Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Syncs comments automatically to WordPress for backup and flexibility if you ever decide to switch to a different platform\u003C\u002Fli>\n\u003Cli>Loads asynchronously with advanced caching so that Disqus doesn’t affect your site’s performance\u003C\u002Fli>\n\u003Cli>Monetization options to grow revenue\u003C\u002Fli>\n\u003Cli>Export comments to WordPress-compatible XML to backup or migrate to another system\u003C\u002Fli>\n\u003Cli>Analytics dashboard for measuring overall engagement on your site\u003C\u002Fli>\n\u003Cli>Mobile responsive design\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW: Disqus Polls\u003C\u002Fstrong> – Create and embed interactive polls directly on your site to boost engagement and gather insights from your audience.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Engagement Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Realtime comments system with fun discussion interactions: voting, photo and video upload, rich media embed (Youtube, Twitter, Vimeo, and more), spoiler tags, mentions\u003C\u002Fli>\n\u003Cli>Comment text formatting (e.g. bold, link, italics, quote) using HTML tags as well as code syntax highlighting\u003C\u002Fli>\n\u003Cli>Threaded comment display (nested 3 levels) with ability to collapse individual threads\u003C\u002Fli>\n\u003Cli>Sort discussion by oldest, newest, and best comments\u003C\u002Fli>\n\u003Cli>Flexible login options – Social login with Facebook, Twitter, and Google, SSO, and guest commenting support\u003C\u002Fli>\n\u003Cli>Instant activity notifications, email notifications, and digests pull readers back in\u003C\u002Fli>\n\u003Cli>User profiles that show you recent comment history and frequented communities\u003C\u002Fli>\n\u003Cli>Recommendations widget that shows where active discussions are happening elsewhere on your site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Moderation Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatic anti-spam filter powered by Akismet\u003C\u002Fli>\n\u003Cli>Automated pre-moderation controls to flag comments based on links, user reputation\u003C\u002Fli>\n\u003Cli>Moderate directly in the discussion, via email, or moderation panel\u003C\u002Fli>\n\u003Cli>Email notifications for newly posted comments, replies\u003C\u002Fli>\n\u003Cli>Moderation Panel that lets you search, filter, sort, and manage your comments\u003C\u002Fli>\n\u003Cli>Self-moderation tools like user blocking, comment flagging\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Search our \u003Ca href=\"https:\u002F\u002Fhelp.disqus.com\u002Fcustomer\u002Fportal\u002Farticles\u002F472005\" rel=\"nofollow ugc\">Knowledge Base\u003C\u002Fa> for solutions to common troubleshooting questions\u003C\u002Fli>\n\u003Cli>Check out our support community, \u003Ca href=\"https:\u002F\u002Fdisqus.com\u002Fhome\u002Fchannel\u002Fdiscussdisqus\u002F\" rel=\"nofollow ugc\">Discuss Disqus\u003C\u002Fa>, to see if your question has been answered\u003C\u002Fli>\n\u003Cli>Talk to our Support team at \u003Ca href=\"disqus.com\u002Fsupport\" rel=\"nofollow ugc\">disqus.com\u002Fsupport\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Visit our \u003Ca href=\"https:\u002F\u002Fhelp.disqus.com\u002Fcustomer\u002Fen\u002Fportal\u002Farticles\u002F1264625-getting-started\" rel=\"nofollow ugc\">Getting Started\u003C\u002Fa> page to learn the basics of Disqus\u003C\u002Fli>\n\u003C\u002Ful>\n","Disqus is the web's most popular comment system. Use Disqus to increase engagement, retain readers, and grow your audience.",40000,4455999,54,219,"2026-01-15T17:47:00.000Z","4.4","5.6",[20,22,92,93,94],"email","engagement","threaded","https:\u002F\u002Fdisqus.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisqus-comment-system.3.1.4.zip",96,5,"2014-09-17 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":97,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":18,"download_link":120,"security_score":26,"vuln_count":64,"unpatched_count":28,"last_vuln_date":121,"fetched_at":30},"no-page-comment","No Page Comment","1.3.1","Seth Alling","https:\u002F\u002Fprofiles.wordpress.org\u002Fsethta\u002F","\u003Cp>Up until recently, WordPress gave two options: You could either disable comments and trackbacks by default for all pages and posts, or you could have them active by default. In WordPress version 4.3, this finally changed so comments are always disabled on new pages.\u003C\u002Fp>\n\u003Cp>While the new change makes it easier for many of the sites, it make it harder for people who need to get the reverse and enable comments on all pages, or if they need to change the default for a custom post type. This plugin allows you to choose whether comments are enabled or disabled by default on all new posts, pages and custom post types, while still giving the ability to individually enable comments on posts or pages.\u003C\u002Fp>\n\u003Cp>Also, this plugin provides a way to quickly disable all comments or pingbacks for a specific custom post type. It directly interacts with your database to modify the status, so it is highly recommended that you backup your database first. There shouldn’t be any issues using this feature, but it’s always good to play it safe.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsethta\u002Fno-page-comment\" title=\"No Page Comment Development on Github\" rel=\"nofollow ugc\">View No Page Comment Development on Github\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsethta\u002Fno-page-comment\u002Fissues\" title=\"Report an Issue about No Page Comment on Github\" rel=\"nofollow ugc\">Please Report any Issues about No Page Comment on Github\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=5WWP2EDSCAJR4\" title=\"Donate to support the No Page Comment Plugin development\" rel=\"nofollow ugc\">Donate to Support No Page Comment Development\u003C\u002Fa>\u003C\u002Fp>\n","An admin interface to control the default comment and trackback settings on new posts, pages and custom post types.",10000,250545,23,"2025-11-17T15:09:00.000Z","6.8.5","6.2","7.4",[20,116,117,118,119],"custom-post-types","discussion","pages","posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-page-comment.zip","2022-09-21 00:00:00",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":97,"num_ratings":132,"last_updated":133,"tested_up_to":16,"requires_at_least":134,"requires_php":114,"tags":135,"homepage":139,"download_link":140,"security_score":141,"vuln_count":64,"unpatched_count":28,"last_vuln_date":142,"fetched_at":30},"mihdan-no-external-links","No External Links","5.1.8","mihdan","https:\u002F\u002Fprofiles.wordpress.org\u002Fmihdan\u002F","\u003Cp>No External Links converts external links to internal links. Featuring \u003Cem>Full Page or Targeted Content Filtering\u003C\u002Fem>, \u003Cem>Custom Redirect Page\u002FMessage\u003C\u002Fem>, \u003Cem>Encoded Masks\u003C\u002Fem>, \u003Cem>External Link Click Logging\u003C\u002Fem>, \u003Cem>Individual Link Exclusion\u003C\u002Fem>, \u003Cem>Post\u002FPage Specific Exclusion\u003C\u002Fem>, and many more…\u003C\u002Fp>\n\u003Ch4>Example\u003C\u002Fh4>\n\u003Cp>Links like “\u003Cem>https:\u002F\u002Fwordpress.org\u003C\u002Fem>” will be masked into\u003Cbr \u002F>\n“\u003Cem>http:\u002F\u002Fwww.example.com\u002Fgoto\u002Fhttps:\u002F\u002Fwordpress.org\u003C\u002Fem>“.\u003C\u002Fp>\n\u003Ch4>Warning\u003C\u002Fh4>\n\u003Cp>No External Links may conflict with cache plugins.\u003Cbr \u002F>\nUsually adding the redirect page to the caching plugin exclusions works fine, but there are no guarantees.\u003Cbr \u002F>\nCreate a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fmihdan-no-external-links\" rel=\"ugc\">support topic\u003C\u002Fa> if you need assistance resolving a caching issue.\u003Cbr \u002F>\n\u003Cstrong>\u003Cem>Please provide as much detail as possible, for example, what version of WordPress & PHP you are using. Which caching plugin you are using. The more information you include the better.\u003C\u002Fem>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Details\u003C\u002Fh4>\n\u003Cp>No External Links is designed for specialists who sell different kinds of advertisements on their web site and care about the number of outgoing links that can be found by search engines. Now you can make all external links internal.\u003C\u002Fp>\n\u003Ch4>How To Use\u003C\u002Fh4>\n\u003Cp>Just do everything like you would normally, and as long as the plugin is active, external links will be automatically masked.\u003C\u002Fp>\n\u003Ch4>Recommended Settings\u003C\u002Fh4>\n\u003Cp>The default settings that are used on a fresh install of the plugin are what we recommend.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Need help with anything? Please create a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fmihdan-no-external-links\" rel=\"ugc\">support topic\u003C\u002Fa>.\u003Cbr \u002F>\n\u003Cstrong>\u003Cem>Please provide as much detail as possible, for example, what version of WordPress & PHP you are using. Examples of links that do not work. If you are using a caching plugin, please specify which one. The more information you include the better.\u003C\u002Fem>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Feature Request\u003C\u002Fh4>\n\u003Cp>Want a feature added to this plugin? Create a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fmihdan-no-external-links\" rel=\"ugc\">support topic\u003C\u002Fa>.\u003Cbr \u002F>\nWe are always looking to add features to improve our plugin.\u003C\u002Fp>\n\u003Ch4>Localization\u003C\u002Fh4>\n\u003Cp>We apologize that the latest version has changed so much that existing localizations no longer work.\u003Cbr \u002F>\nIf you would like to contribute to the translations please get in touch.\u003C\u002Fp>\n\u003Ch4>Note\u003C\u002Fh4>\n\u003Cp>No External Links \u003Cstrong>does not\u003C\u002Fstrong> make any changes to your database, it just processes the output. So you will not see these changes within the WYSIWYG editor.\u003C\u002Fp>\n","Convert external links into internal links, site wide or post\u002Fpage specific. Add NoFollow, Click logging, and more...",6000,78779,16,"2025-11-29T11:53:00.000Z","5.7.4",[20,136,119,137,138],"links","seo","seo-hide","https:\u002F\u002Fwww.kobzarev.com\u002Fprojects\u002Fno-external-links\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmihdan-no-external-links.5.1.8.zip",98,"2025-09-22 00:00:00",{"slug":144,"name":145,"version":146,"author":147,"author_profile":148,"description":149,"short_description":150,"active_installs":151,"downloaded":152,"rating":153,"num_ratings":154,"last_updated":155,"tested_up_to":156,"requires_at_least":157,"requires_php":90,"tags":158,"homepage":162,"download_link":163,"security_score":74,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"remove-noreferrer","Remove noreferrer","2.0.0","gruz0","https:\u002F\u002Fprofiles.wordpress.org\u002Fgruz0\u002F","\u003Cp>\u003Cstrong>“Remove noreferrer” automatically removes \u003Ccode>rel=\"noreferrer\"\u003C\u002Fcode> attribute from links on your website on-the-fly.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Plugin does not modify original links or content in the database.\u003C\u002Fp>\n\u003Ch3>Which kind of content supported?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Posts\u003C\u002Fli>\n\u003Cli>Pages\u003C\u002Fli>\n\u003Cli>Blog page (homepage, etc.)\u003C\u002Fli>\n\u003Cli>Comments\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Also it supports standard WordPress widgets:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>“Text”\u003C\u002Fli>\n\u003Cli>“Custom HTML”\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Docs & Support\u003C\u002Fh4>\n\u003Cp>This plugin is an open source project and we would love you to help us make it better. If you want a new feature will be implemented in this plugin, you can open a \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fgruz0\u002Fremove-noreferrer\u002Fissues\u002Fnew\" rel=\"nofollow ugc\">GitHub Issue\u003C\u002Fa>. If you don’t have a GitHub Account you can send me email to \u003Ca href=\"mailto:alexander@kadyrov.dev\" rel=\"nofollow ugc\">alexander@kadyrov.dev\u003C\u002Fa>. You can find more detailed information about plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fgruz0\u002Fremove-noreferrer\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Donations\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.buymeacoffee.com\u002Fgruz0\" rel=\"nofollow ugc\">Buy Me a Coffee\u003C\u002Fa>\u003C\u002Fp>\n","\"Remove noreferrer\" automatically removes rel=\"noreferrer\" attribute from links on your website on-the-fly.",5000,15740,100,14,"2021-01-04T11:56:00.000Z","5.6.17","5.1",[20,159,160,23,161],"noreferrer","page","widgets","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fremove-noreferrer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-noreferrer.2.0.0.zip",{"attackSurface":165,"codeSignals":209,"taintFlows":218,"riskAssessment":219,"analyzedAt":225},{"hooks":166,"ajaxHandlers":205,"restRoutes":206,"shortcodes":207,"cronEvents":208,"entryPointCount":28,"unprotectedCount":28},[167,173,178,183,187,191,194,198,201],{"type":168,"name":169,"callback":170,"file":171,"line":172},"action","admin_notices","pipdisqus_admin_notice","pipdisqus.php",28,{"type":174,"name":175,"callback":176,"file":171,"line":177},"filter","comments_template","pipdisqus_comments_template",43,{"type":168,"name":179,"callback":180,"priority":181,"file":171,"line":182},"wp_footer","pipdisqus_count_script",999999,69,{"type":174,"name":184,"callback":185,"file":171,"line":186},"feed_links_show_comments_feed","__return_false",73,{"type":168,"name":188,"callback":189,"file":171,"line":190},"wp_before_admin_bar_render","pipdisqus_remove_comments_adminbar",86,{"type":168,"name":192,"callback":193,"file":171,"line":141},"admin_menu","pipdisqus_remove_comments_menu",{"type":168,"name":195,"callback":196,"priority":153,"file":171,"line":197},"admin_bar_menu","pipdisqus_adminbar",121,{"type":168,"name":192,"callback":199,"file":171,"line":200},"pipdisqus_add_admin_menu",129,{"type":168,"name":202,"callback":203,"file":171,"line":204},"admin_init","pipdisqus_settings_init",152,[],[],[],[],{"dangerousFunctions":210,"sqlUsage":211,"outputEscaping":213,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":216,"bundledLibraries":217},[],{"prepared":28,"raw":28,"locations":212},[],{"escaped":214,"rawEcho":28,"locations":215},11,[],3,[],[],{"summary":220,"deductions":221},"The pipdisqus v1.7 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any identified dangerous functions, SQL queries not using prepared statements, or unescaped output suggests good coding practices for preventing common vulnerabilities. Furthermore, the lack of critical or high severity taint analysis flows indicates that data is likely being handled safely within the plugin. The plugin also has no external HTTP requests or file operations, which reduces its attack surface and potential for certain types of exploits.\n\nHowever, a significant concern is the presence of one known Common Vulnerabilities and Exposures (CVE) in its history, even though it is currently patched. The vulnerability type being Cross-site Scripting (XSS) is a common and potentially severe threat. While the static analysis shows no immediate vulnerabilities in the current code, the past XSS issue warrants attention and suggests a need for ongoing vigilance and testing to ensure such issues do not reappear in future versions. The plugin's limited attack surface (zero entry points found) is a positive indicator, but the single past CVE tempers the overall assessment.\n\nIn conclusion, pipdisqus v1.7 has commendable strengths in its static analysis, demonstrating diligent efforts to avoid common pitfalls. The absence of immediate critical risks in the code is reassuring. Nevertheless, the documented history of a past XSS vulnerability is a notable weakness that should not be overlooked. This necessitates a cautious approach, emphasizing the importance of thorough testing and security reviews for any updates to maintain its security.",[222],{"reason":223,"points":224},"One known CVE in history",15,"2026-03-16T20:00:59.450Z",{"wat":227,"direct":235},{"assetPaths":228,"generatorPatterns":229,"scriptPaths":230,"versionParams":232},[],[],[231],"\u002Fwp-content\u002Fplugins\u002Fpipdisqus\u002Fjs\u002Fpipdisqus.js",[233,234],"pipdisqus\u002Fstyle.css?ver=","pipdisqus\u002Fjs\u002Fpipdisqus.js?ver=",{"cssClasses":236,"htmlComments":239,"htmlAttributes":242,"restEndpoints":247,"jsGlobals":248,"shortcodeOutput":250},[237,170,238],"pipdisqus-container","pipdig-mod-comments",[240,241],"\u003C!-- Disqus Comments Start -->","\u003C!-- Disqus Comments End -->",[243,244,245,246],"data-disqus-shortname","data-disqus-identifier","data-disqus-url","data-disqus-title",[],[249],"pipdisqus_load_comments",[]]