[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fAZkKDJ1qCwvTn141MdB10dfikrWG_cbgfd19lVWOBVc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":147,"fingerprints":209},"serious-toxic-comments","Serious Toxic Comments","1.1.1","Jordi Cabot","https:\u002F\u002Fprofiles.wordpress.org\u002Fsoftmodeling\u002F","\u003Cp>Toxic comments are becoming a major challenge to have meaningful online discussions.\u003C\u002Fp>\n\u003Cp>This plugin uses a pre-trained toxic classifier from \u003Ca href=\"https:\u002F\u002Fwww.tensorflow.org\u002F\" rel=\"nofollow ugc\">TensorFlow\u003C\u002Fa> to classify a comment as toxic. See more technical details on the quality of the model \u003Ca href=\"https:\u002F\u002Fmedium.com\u002Ftensorflow\u002Ftext-classification-using-tensorflow-js-an-example-of-detecting-offensive-language-in-browser-e2b94e3565ce\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Once a comment is flagged as toxic, the comment is blocked and the plugin alerts the comment author and asks to modify the text before trying again.\u003C\u002Fp>\n\u003Cp>In the default \u003Cem>Settings->Discussion\u003C\u002Fem> page you can enable the detection of toxic comments and define the threshold confidence level for the prediction.\u003C\u002Fp>\n","Flag and block toxic comments from polluting your site with insults, threats, obscenities, etc.",0,1071,100,1,"","5.2.24","4.3","5.6",[20,21,22,23,24],"ai","comments","tensorflow","toxic","toxicity","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fserious-toxic-comments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fserious-toxic-comments.zip",null,"2026-03-15T10:48:56.248Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"softmodeling",3,40,90,30,87,"2026-04-05T03:36:33.629Z",[39,65,86,106,127],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":59,"download_link":60,"security_score":61,"vuln_count":62,"unpatched_count":11,"last_vuln_date":63,"fetched_at":64},"disqus-comment-system","Disqus Comment System","3.1.4","Disqus","https:\u002F\u002Fprofiles.wordpress.org\u002Fdisqus\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fdisqus.com\u002F\" rel=\"nofollow ugc\">Disqus\u003C\u002Fa> is the web’s most popular commenting system trusted by millions of publishers to increase reader engagement, grow audience and traffic, and monetize content. Disqus helps publishers of all sizes engage directly with their audiences to build loyalty, retain readers, and foster thriving communities.\u003C\u002Fp>\n\u003Cp>The Disqus for WordPress plugin lets site owners and developers easily add Disqus to their sites, replacing the default WordPress comment system. Disqus installs in minutes and automatically imports your existing comments.\u003C\u002Fp>\n\u003Cp>In addition to our free-to-use, ad-supported Basic plan, we also offer ad-optional subscription plans that come with more advanced features and access to priority support. Please see our \u003Ca href=\"https:\u002F\u002Fdisqus.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">pricing page\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NEW: \u003Ca href=\"https:\u002F\u002Fdisqus.com\u002Fpolls\" rel=\"nofollow ugc\">Disqus Polls\u003C\u002Fa>\u003C\u002Fstrong> – Engage your audiences with interactive polls, and seamlessly install them on your site.\u003C\u002Fp>\n\u003Ch4>Why Disqus?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Simple one-click installation that seamlessly integrates with WordPress without ever needing to edit a single line of code or losing any of your existing comments\u003C\u002Fli>\n\u003Cli>Keep users engaged on your site longer with a commenting experience readers love\u003C\u002Fli>\n\u003Cli>Bring users back to your site with web and email notifications and personalized digests\u003C\u002Fli>\n\u003Cli>Improve SEO ranking with user generated content\u003C\u002Fli>\n\u003Cli>Keep spam out with our best-in-class anti-spam filter powered by Akismet\u003C\u002Fli>\n\u003Cli>Single profile for commenting on over 4 million sites including social login support for Facebook, Twitter, and Google accounts\u003C\u002Fli>\n\u003Cli>Trusted by sites like ABC News, Entertainment Weekly, and Rotten Tomatoes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Disqus Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Syncs comments automatically to WordPress for backup and flexibility if you ever decide to switch to a different platform\u003C\u002Fli>\n\u003Cli>Loads asynchronously with advanced caching so that Disqus doesn’t affect your site’s performance\u003C\u002Fli>\n\u003Cli>Monetization options to grow revenue\u003C\u002Fli>\n\u003Cli>Export comments to WordPress-compatible XML to backup or migrate to another system\u003C\u002Fli>\n\u003Cli>Analytics dashboard for measuring overall engagement on your site\u003C\u002Fli>\n\u003Cli>Mobile responsive design\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW: Disqus Polls\u003C\u002Fstrong> – Create and embed interactive polls directly on your site to boost engagement and gather insights from your audience.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Engagement Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Realtime comments system with fun discussion interactions: voting, photo and video upload, rich media embed (Youtube, Twitter, Vimeo, and more), spoiler tags, mentions\u003C\u002Fli>\n\u003Cli>Comment text formatting (e.g. bold, link, italics, quote) using HTML tags as well as code syntax highlighting\u003C\u002Fli>\n\u003Cli>Threaded comment display (nested 3 levels) with ability to collapse individual threads\u003C\u002Fli>\n\u003Cli>Sort discussion by oldest, newest, and best comments\u003C\u002Fli>\n\u003Cli>Flexible login options – Social login with Facebook, Twitter, and Google, SSO, and guest commenting support\u003C\u002Fli>\n\u003Cli>Instant activity notifications, email notifications, and digests pull readers back in\u003C\u002Fli>\n\u003Cli>User profiles that show you recent comment history and frequented communities\u003C\u002Fli>\n\u003Cli>Recommendations widget that shows where active discussions are happening elsewhere on your site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Moderation Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatic anti-spam filter powered by Akismet\u003C\u002Fli>\n\u003Cli>Automated pre-moderation controls to flag comments based on links, user reputation\u003C\u002Fli>\n\u003Cli>Moderate directly in the discussion, via email, or moderation panel\u003C\u002Fli>\n\u003Cli>Email notifications for newly posted comments, replies\u003C\u002Fli>\n\u003Cli>Moderation Panel that lets you search, filter, sort, and manage your comments\u003C\u002Fli>\n\u003Cli>Self-moderation tools like user blocking, comment flagging\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Search our \u003Ca href=\"https:\u002F\u002Fhelp.disqus.com\u002Fcustomer\u002Fportal\u002Farticles\u002F472005\" rel=\"nofollow ugc\">Knowledge Base\u003C\u002Fa> for solutions to common troubleshooting questions\u003C\u002Fli>\n\u003Cli>Check out our support community, \u003Ca href=\"https:\u002F\u002Fdisqus.com\u002Fhome\u002Fchannel\u002Fdiscussdisqus\u002F\" rel=\"nofollow ugc\">Discuss Disqus\u003C\u002Fa>, to see if your question has been answered\u003C\u002Fli>\n\u003Cli>Talk to our Support team at \u003Ca href=\"disqus.com\u002Fsupport\" rel=\"nofollow ugc\">disqus.com\u002Fsupport\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Visit our \u003Ca href=\"https:\u002F\u002Fhelp.disqus.com\u002Fcustomer\u002Fen\u002Fportal\u002Farticles\u002F1264625-getting-started\" rel=\"nofollow ugc\">Getting Started\u003C\u002Fa> page to learn the basics of Disqus\u003C\u002Fli>\n\u003C\u002Ful>\n","Disqus is the web's most popular comment system. Use Disqus to increase engagement, retain readers, and grow your audience.",40000,4455999,54,219,"2026-01-15T17:47:00.000Z","6.9.4","4.4",[21,55,56,57,58],"disqus","email","engagement","threaded","https:\u002F\u002Fdisqus.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisqus-comment-system.3.1.4.zip",96,5,"2014-09-17 00:00:00","2026-03-15T15:16:48.613Z",{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":73,"downloaded":74,"rating":75,"num_ratings":76,"last_updated":77,"tested_up_to":78,"requires_at_least":79,"requires_php":15,"tags":80,"homepage":82,"download_link":83,"security_score":84,"vuln_count":32,"unpatched_count":11,"last_vuln_date":85,"fetched_at":64},"subscribe-to-comments","Subscribe to Comments","2.3.1","Mark Jaquith","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkjaquith\u002F","\u003Cp>Subscribe to Comments is a robust plugin that enables commenters to sign up for e-mail notification of subsequent entries.  The plugin includes a full-featured subscription manager that your commenters can use to unsubscribe to certain posts, block all notifications, or even change their notification e-mail address!\u003C\u002Fp>\n","Subscribe to Comments allows commenters on an entry to subscribe to e-mail notifications for subsequent comments.",20000,571809,78,14,"2024-10-29T05:34:00.000Z","4.3.34","2.9",[21,56,81],"subscription","http:\u002F\u002Ftxfx.net\u002Fwordpress-plugins\u002Fsubscribe-to-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscribe-to-comments.2.3.1.zip",89,"2024-10-29 14:20:48",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":34,"num_ratings":96,"last_updated":97,"tested_up_to":98,"requires_at_least":99,"requires_php":18,"tags":100,"homepage":15,"download_link":102,"security_score":103,"vuln_count":104,"unpatched_count":11,"last_vuln_date":105,"fetched_at":64},"subscribe-to-comments-reloaded","Subscribe To Comments Reloaded","240119","WPKube","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpkube\u002F","\u003Cp>Subscribe to Comments Reloaded is a robust plugin that enables commenters to sign up for e-mail notification of subsequent entries. The plugin includes a full-featured subscription manager that your commenters can use to unsubscribe to certain posts or suspend all notifications. It solves most of the issues that affect Mark Jaquith’s version, using the latest WordPress features and functionality. Plus, allows administrators to enable a double opt-in mechanism, requiring users to confirm their subscription clicking on a link they will receive via email or even One Click Unsubscribe.\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress 4.0 or higher\u003C\u002Fli>\n\u003Cli>PHP 5.6 or higher\u003C\u002Fli>\n\u003Cli>MySQL 5.x or higher\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Main Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easily manage and search among your subscriptions\u003C\u002Fli>\n\u003Cli>Imports Mark Jaquith’s Subscribe To Comments (and its clones) data\u003C\u002Fli>\n\u003Cli>Messages are fully customizable, no poEdit required (and you can use HTML!) with a Rich Text Editor – WYSIWYG\u003C\u002Fli>\n\u003Cli>Disable subscriptions for specific posts\u003C\u002Fli>\n\u003Cli>One Click Unsubscribe\u003C\u002Fli>\n\u003Cli>Get and Download your System information for better support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Language Localization\u003C\u002Fh3>\n\u003Cp>If you would like to help out translating the plugin to your language you can do so through the \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fsubscribe-to-comments-reloaded\u002F\" rel=\"nofollow ugc\">official WordPress plugin translation system\u003C\u002Fa>\u003C\u002Fp>\n","Subscribe to Comments Reloaded allows commenters to sign up for e-mail notifications of subsequent replies. Don't miss any comment.",10000,966338,169,"2024-01-19T20:16:00.000Z","6.4.8","4.0",[21,56,101,66,87],"subscribe","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscribe-to-comments-reloaded.240119.zip",80,4,"2024-04-05 00:00:00",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":34,"num_ratings":116,"last_updated":117,"tested_up_to":118,"requires_at_least":119,"requires_php":15,"tags":120,"homepage":124,"download_link":125,"security_score":126,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":64},"comment-email-reply","Comment Email Reply","1.0.4","kilozwo","https:\u002F\u002Fprofiles.wordpress.org\u002Fkilozwo\u002F","\u003Cp>Simply notifies comment-author via email if someone replies to his comment. Zero Configuration.\u003C\u002Fp>\n","Simply notifies comment-author via email if someone replies to his comment. Zero Configuration.",600,10901,15,"2015-04-06T11:37:00.000Z","4.1.42","3.0.1",[121,21,56,122,123],"author","notification","reply","http:\u002F\u002Fkilozwo.de\u002Fwordpress-comment-email-reply-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-email-reply.1.0.4.zip",85,{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":13,"num_ratings":14,"last_updated":137,"tested_up_to":138,"requires_at_least":18,"requires_php":139,"tags":140,"homepage":145,"download_link":146,"security_score":126,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":64},"wp-comment-notification","WP Comment Notification","1.4","WpExperts Hub","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpexpertshub\u002F","\u003Cp>🔹 Manage your wordpress comment notification emails.\u003Cbr \u002F>\n🔹 Send email notifications to other users or multiple different emails.\u003Cbr \u002F>\n🔹 Add Comma separated email list in settings to send email notifications.\u003C\u002Fp>\n\u003Ch3>Acknowledgements\u003C\u002Fh3>\n\u003Cp>Thanks to every donor, supporter, and bug reporter!\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is Free Software, released and licensed under the GPL, version 2 (http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html).\u003Cbr \u002F>\nYou may use it free of charge for any purpose.\u003C\u002Fp>\n","Send email notification to predefined email ids when someone comments on your blog.",500,8779,"2022-07-30T07:40:00.000Z","6.0.11","7.2",[141,142,143,122,144],"comment-emails","comments-notification","manage-comments-notification","wordpress-comments","https:\u002F\u002Fwpexpertshub.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-comment-notification.zip",{"attackSurface":148,"codeSignals":177,"taintFlows":197,"riskAssessment":198,"analyzedAt":208},{"hooks":149,"ajaxHandlers":173,"restRoutes":174,"shortcodes":175,"cronEvents":176,"entryPointCount":11,"unprotectedCount":11},[150,156,160,163,165,168,171],{"type":151,"name":152,"callback":153,"file":154,"line":155},"action","wp_footer","anonymous","includes\\class-serious-toxic-comments-ext.php",18,{"type":151,"name":157,"callback":153,"file":158,"line":159},"plugins_loaded","includes\\class-serious-toxic-comments.php",116,{"type":151,"name":161,"callback":153,"file":158,"line":162},"admin_enqueue_scripts",127,{"type":151,"name":161,"callback":153,"file":158,"line":164},128,{"type":151,"name":166,"callback":153,"file":158,"line":167},"admin_init",131,{"type":151,"name":169,"callback":153,"file":158,"line":170},"wp_enqueue_scripts",144,{"type":151,"name":169,"callback":153,"file":158,"line":172},145,[],[],[],[],{"dangerousFunctions":178,"sqlUsage":179,"outputEscaping":181,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":196},[],{"prepared":11,"raw":11,"locations":180},[],{"escaped":182,"rawEcho":62,"locations":183},2,[184,187,190,192,194],{"file":185,"line":126,"context":186},"admin\\partials\\class-serious-toxic-comments-admin-settings.php","raw output",{"file":188,"line":189,"context":186},"public\\class-serious-toxic-comments-public-ext.php",48,{"file":188,"line":191,"context":186},66,{"file":188,"line":193,"context":186},103,{"file":188,"line":195,"context":186},121,[],[],{"summary":199,"deductions":200},"The \"serious-toxic-comments\" plugin v1.1.1 demonstrates a strong adherence to several core WordPress security best practices. The absence of any identified SQL queries that are not prepared, zero file operations, and no external HTTP requests are significant strengths that reduce the attack surface. Furthermore, the lack of any reported CVEs in its history suggests a historically stable and secure plugin. This indicates a generally good security posture from the developers.\n\nHowever, there are notable areas for concern that significantly impact its overall security. The static analysis reveals a concerningly low percentage (29%) of properly escaped output. This means a substantial portion of dynamic data generated by the plugin could be vulnerable to Cross-Site Scripting (XSS) attacks, especially if user-supplied data is not handled carefully before being outputted to the browser. Additionally, the complete lack of nonce checks and capability checks on any potential entry points (though zero are listed) raises a red flag. While the current entry point count is zero, if any are introduced in the future without proper authentication and authorization, the plugin would be immediately vulnerable.\n\nIn conclusion, while the plugin benefits from a clean vulnerability history and good practices in database interaction and external communication, the significant percentage of unescaped output and the absence of security checks on any potential entry points present a considerable risk. The developers have a solid foundation, but addressing the output escaping and ensuring future-proof security checks are implemented are critical for a truly secure plugin.",[201,204,206],{"reason":202,"points":203},"Low output escaping percentage",8,{"reason":205,"points":62},"No nonce checks",{"reason":207,"points":62},"No capability checks","2026-03-17T05:45:43.304Z",{"wat":210,"direct":219},{"assetPaths":211,"generatorPatterns":214,"scriptPaths":215,"versionParams":216},[212,213],"\u002Fwp-content\u002Fplugins\u002Fserious-toxic-comments\u002Fcss\u002Fserious-toxic-comments-admin.css","\u002Fwp-content\u002Fplugins\u002Fserious-toxic-comments\u002Fjs\u002Fserious-toxic-comments-admin.js",[],[213],[217,218],"serious-toxic-comments-admin.css?ver=","serious-toxic-comments-admin.js?ver=",{"cssClasses":220,"htmlComments":221,"htmlAttributes":222,"restEndpoints":223,"jsGlobals":224,"shortcodeOutput":226},[],[],[],[],[225],"Serious_Toxic_Comments",[]]