[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fW8raY8UBNNn0ycMYaTGfO3mjH8uMDEan_Gxjbga90n4":3,"$f220TJvBVCFFGwXrZUHUnLr0b5YqwBX7DlBIPS5Z_YyA":196,"$fYoVrU3oxGoJZ-5mKYTqYnB08g9Mvwd5blP5GwtqFhh0":201},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":16,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":36,"analysis":141,"fingerprints":183},"spam-ip-export","Block Spam Comment","0.1.1","Iweblab","https:\u002F\u002Fprofiles.wordpress.org\u002Fiwebelab\u002F","\u003Cp>Segnalando un commento come spam, il nostro plugin bloccherà il commento ed eviterà che possa ritornare nuovamente.\u003Cbr \u002F>\nQuesto plugin lavora e funziona solo sui servizi hosting di Iweblab.it\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Per informazioni e supporto, per favore apri un ticket nella tua area personale (\u003Ca href=\"https:\u002F\u002Fhosting.iweblab.it\u002Fsubmitticket.php?step=2&deptid=3\" rel=\"nofollow ugc\">clicca qui per aprirla\u003C\u002Fa>) o scrivici su supporto@iweblab.it .\u003C\u002Fp>\n","Questo plugin ci aiuta a bloccare i commenti che vengono segnalati come spam dagli utenti",0,869,"2022-02-10T17:06:00.000Z","5.9.0","5.0.0","",[18,19,20,21,22],"block","comments","hosting","iweblab","spam","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspam-ip-export.0.1.1.zip",85,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":24,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"iwebelab",2,50,30,84,"2026-07-15T05:07:53.788Z",[37,61,81,103,125],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":59,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":60},"blacklist-updater","Block List Updater","1.0.2","pluginkollektiv","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluginkollektiv\u002F","\u003Cp>Few users are familiar with the comment block list built into WordPress. Located in the WordPress admin area under “Settings”—“Discussion”, that block list for incoming comments accepts values (words) to identify spam by.\u003C\u002Fp>\n\u003Cp>Additionally to plugins like \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fantispam-bee\u002F\" rel=\"ugc\">Antispam Bee\u003C\u002Fa> in order to fight spam successfully a curated comment block list is recommendable. You can either update the list manually, or utilize a very detailed global \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\u002Fwordpress-comment-blacklist\" rel=\"nofollow ugc\">comment block list\u003C\u002Fa> that gets updated on a regular basis.\u003C\u002Fp>\n\u003Cp>Block List Updater has been developed to keep your comment block list in your WordPress installation up to speed with the curated global list on GitHub.\u003C\u002Fp>\n\u003Cp>The plugin will check the global comment block list on GitHub multiple times a day. Whenever new anti-spam values have been added to the global list, Block List Updater will read the global list and update your WordPress database accordingly. While the check-up process will run several times a day, the plugin will only update the database when it detects an actual change of the global comment block list on GitHub.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Community support via the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fblacklist-updater\" rel=\"ugc\">support forums on wordpress.org\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>We don’t handle support via e-mail, Twitter, GitHub issues etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Active development of this plugin is handled \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpluginkollektiv\u002Fblacklist-updater\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Pull requests for documented bugs are highly appreciated.\u003C\u002Fli>\n\u003Cli>If you think you’ve found a bug (e.g. you’re experiencing unexpected behavior), please post at the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fblacklist-updater\" rel=\"ugc\">support forums\u003C\u002Fa> first.\u003C\u002Fli>\n\u003Cli>If you want to help us translate this plugin you can do so \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fblacklist-updater\" rel=\"nofollow ugc\">on WordPress Translate\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Author: \u003Ca href=\"https:\u002F\u002Fsergejmueller.github.io\u002F\" rel=\"nofollow ugc\">Sergej Müller\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Maintainers: \u003Ca href=\"https:\u002F\u002Fpluginkollektiv.org\u002F\" rel=\"nofollow ugc\">pluginkollektiv\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Automatic updating of the comment block list in WordPress with antispam keys from GitHub.",4000,31510,86,4,"2026-03-14T09:16:00.000Z","6.9.4","3.8","5.2",[54,55,56,19,22],"antispam","blacklist","blocklist","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblacklist-updater\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblacklist-updater.1.0.2.zip",100,"2026-04-16T10:56:18.058Z",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":59,"num_ratings":48,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":79,"download_link":80,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":60},"block-comment-spam-bots","Block Comment Spam Bots","2.62","Rick Hellewell","https:\u002F\u002Fprofiles.wordpress.org\u002Frhellewellgmailcom\u002F","\u003Cp>Professional spammers use programs to automate their spamming. The ‘Block Comment Spam Bots’ (BCSB) plugin efficiently blocks their process. No more comment spam!\u003C\u002Fp>\n\u003Cp>As no legitimate user will use the professional spammer’s automated process which relies on cURL and WGET commands, real users will never notice the BCSB plugin at work. There are no CAPTCHAS for your visitors to interact with. No silly questions. Just the comment form as designed in any theme.\u003C\u002Fp>\n\u003Cp>On the admin side, there are no blacklists, special keys (like Askimet), overloaded spam queues, or overworked databases that store spam comments until you manually delete them.\u003C\u002Fp>\n\u003Cp>Install the plugin and that’s it. Invisible, to you and your visitors. The only change you will notice is in your admin area. The list of comments now has a green check next to them. That way you know that comment was made on your website by a real person and was not bypassed by hacking spammers connecting directly to your server.\u003C\u002Fp>\n\u003Cp>All that remains is comments made by real people, and while real people can spam, it takes them time and effort. The amount of spam from real people is a lot more manageable than the tsunami from automated spammers, saving you time to concentrate on the important things in life, like your readers, and making connections.\u003C\u002Fp>\n\u003Cp>We’ve tested it on multiple websites and it wipes out automated spam completely. If it doesn’t on your site, please let us know.\u003C\u002Fp>\n\u003Cp>** Geeky Stuff **\u003Cbr \u002F>\n…in case you are interested in how it works…\u003C\u002Fp>\n\u003Cp>tl;dr – \u003Cstrong>This provides a total and easy solution to comment spam from spam bots.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Comments are processed by the WordPress wp-post-comments.php file. Automated spammers (‘spam bots’) can provide (‘post’) data directly to that page, bypassing any comment processing, by using CURL\u002FWGET commands.\u003C\u002Fp>\n\u003Cp>Bypassing the comment form by posting directly (via CURL or WGET commands), is quite easy. Just send the post ID number, and the bot’s fake name and email, and the spammy content. Boom! Comment spam is on your site!\u003C\u002Fp>\n\u003Cp>The result is comment spam – and that is not always caught by other comment spam checkers. Even if it is caught by programs such as Akismet, processing that spam takes some server resources, including writing to the database.\u003C\u002Fp>\n\u003Cp>This plugin uses several techniques to ‘sense’ a spambot. There are hidden fields that are changed after a delay. There is a delay in displaying the submit button. And it blocks direct access to the WordPress post\u002Fprocessing functions.\u003C\u002Fp>\n\u003Cp>The techniques, also used in our standalone “FormSpemmerTrap” (FST) program, and our other anti-spam plugins (like FormSpammerTrap for Comments), are very effective. They use a bit of JavaScript to block spambots – since automated processes via CURL\u002FWGET\u002Fetc cannot process JS code.\u003C\u002Fp>\n\u003Cp>It’s simple: you install this plugin, activate it, and bot comments will stop. Immediately.\u003C\u002Fp>\n\u003Cp>And it doesn’t add any visual impediments to your comments. No reCaptcha things (which many see as a pain). No silly questions (‘what is 2+8’) on the form. Your comment form does not change. Regular users will not notice a difference. But you will. No more spam comments for you!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>This is the best solution to block comment spam.\u003C\u002Fstrong> We’ve tested it on a site that had 20-40 spam comments a day. With this plugin enabled, the spam comment stopped. Immediately. And there have been none since installing this plugin. ** Not one. Zero.**\u003C\u002Fp>\n\u003Cp>The Admin, Comments list page is modified to show a column with a green checkmark icon if the comment was entered by a real person and not a bot. This is an assurance that the comment was not entered via an automated CURL\u002FWGET to the wp-comments-post.php file. A comment that is on the list that does not show the checkmark was done by a bot. But you won’t see those blocked comments with this plugin enabled. They never get into your database. You can hover over the checkmark icon to see the GUID value indicating a person entered the comment.\u003C\u002Fp>\n\u003Cp>The plugins ‘Settings’ screen has no settings. You don’t even need to look at the Settings screen. If you do, you’ll see information about the plugin. And there is a CURL command you can use to test the effectiveness of blocking (or not blocking) direct access to the wp-comments-post.php file.\u003C\u002Fp>\n\u003Cp>The plugin also adds the hidden GUID field to the comment form after a delay to help block bots that are using the comment form to submit. If the hidden field is not submitted then a bot tried to bypass the comment form. And a short delay happens before the comment submit button is displayed – another bot protection.\u003C\u002Fp>\n","A simple to use plugin that stops automated spam. Install and forget, and any automated spam targeting your native WordPress comments is immediately t &hellip;",800,6956,"2024-04-10T22:16:00.000Z","6.5.8","4.9","5.4",[76,77,78,19,22],"automated-spam","blocking","bots","https:\u002F\u002Fwww.cellarweb.com\u002Fwordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblock-comment-spam-bots.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":59,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":101,"download_link":102,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":60},"toms-recaptcha","TomS reCAPTCHA","1.2.0","TomS Caprice","https:\u002F\u002Fprofiles.wordpress.org\u002Ftomsneddon\u002F","\u003Cp>Integrated Google ReCaptcha for WordPress. Protect the login, register, lostpassword and comment forms. Support Woocommerce, Ultimate Member and more popular forms.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Frecaptcha\" rel=\"nofollow ugc\">\u003Cstrong>Google reCAPTCHA\u003C\u002Fstrong>\u003C\u002Fa> is a free service that protects your site from spam and abuse. It uses advanced risk analysis techniques to tell humans and bots apart.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>Go to \u003Ca href=\"https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fadmin\u002Fcreate\" rel=\"nofollow ugc\">Google reCAPTCHA\u003C\u002Fa> to get the \u003Cstrong>Site key\u003C\u002Fstrong> and \u003Cstrong>Secret key\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>reCAPTCHA Type:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>reCAPTCHA \u003Cstrong>v3\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>reCAPTCHA \u003Cstrong>v2 Checkbox\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>reCAPTCHA \u003Cstrong>v2 Invisible\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported Form List\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress default login form\u003C\u002Fli>\n\u003Cli>WordPress default register form\u003C\u002Fli>\n\u003Cli>WordPress default lostpassword form\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WordPress default comment form\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">\u003Cstrong>Woocommerce\u003C\u002Fstrong>\u003C\u002Fa> login form\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">\u003Cstrong>Woocommerce\u003C\u002Fstrong>\u003C\u002Fa> register form\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">\u003Cstrong>Woocommerce\u003C\u002Fstrong>\u003C\u002Fa> lostpassword form\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">\u003Cstrong>Woocommerce\u003C\u002Fstrong>\u003C\u002Fa> checkout Billing form\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Add a shortcode \u003Cstrong>[toms_woo_register_form]\u003C\u002Fstrong> for \u003Cstrong>woocommerce register form\u003C\u002Fstrong> on any page you want.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-member\u002F\" rel=\"ugc\">\u003Cstrong>Ultimate Member\u003C\u002Fstrong>\u003C\u002Fa> login form\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-member\u002F\" rel=\"ugc\">\u003Cstrong>Ultimate Member\u003C\u002Fstrong>\u003C\u002Fa> register form\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-member\u002F\" rel=\"ugc\">\u003Cstrong>Ultimate Member\u003C\u002Fstrong>\u003C\u002Fa> lostpassword form\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-block\u002F\" rel=\"ugc\">\u003Cstrong>Contact Form Block\u003C\u002Fstrong>\u003C\u002Fa> Contact Form Block\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>more support forms comming soon…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Option settings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Verify API : \u003Cstrong>Google.com\u003C\u002Fstrong>\u002F\u003Cstrong>Recaptcha.net\u003C\u002Fstrong> \u003Cstrong>—Notice:—\u003C\u002Fstrong> Some country can not use Google verify API, that means Google verify API will not work, even using vpn. If google.com not work try use Recaptcha.net\u003C\u002Fli>\n\u003Cli>reCAPTCHA v2 (Checkbox)  Theme: \u003Cstrong>Light\u003C\u002Fstrong>\u002F\u003Cstrong>Dark\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>reCAPTCHA v2 (Invisible) Badge: \u003Cstrong>Bottom Right\u003C\u002Fstrong>\u002F\u003Cstrong>Bottom Left\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Custom reCAPTCHA Language\u003C\u002Fh4>\n\u003Ch4>Translation ready\u003C\u002Fh4>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>Reliance upon any non-English translation is at your own risk; TomS reCAPTCHA can give no guarantees that translations from the original English are accurate.\u003C\u002Fp>\n\u003Cp>We recognise and thank those mentioned at https:\u002F\u002Ftoms-caprice.org\u002Ftranslations for code and\u002For libraries used and\u002For modified under the terms of their open source licences.\u003C\u002Fp>\n","Integrated Google ReCaptcha for WordPress.Protect the login, register, lostpassword and comment forms. Support Woocommerce, Ultimate Member and more p &hellip;",600,16788,1,"2023-03-29T08:59:00.000Z","6.2.9","5.8","7.0",[97,98,99,100,82],"block-spam-comments","captcha","nocaptcha","recaptcha","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftoms-recaptcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftoms-recaptcha.1.2.0.zip",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":59,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":117,"tags":118,"homepage":122,"download_link":123,"security_score":24,"vuln_count":91,"unpatched_count":11,"last_vuln_date":124,"fetched_at":60},"vigilantor","VigilanTor","1.3.12","drew010","https:\u002F\u002Fprofiles.wordpress.org\u002Fdrew010\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.torproject.org\u002F\" title=\"Tor\" rel=\"nofollow ugc\">Tor\u003C\u002Fa> is an invaluable tool for protecting free-speech, privacy, and preventing surveillance but when abused it can protect the identity of malicious users and make tracking their activities more difficult.  “Hackers” might use Tor to run security scans on your website or spam websites with comments and fake registrations.\u003C\u002Fp>\n\u003Cp>The purpose of this plugin is to give you the power to block certain Tor activity from your WordPress site.\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Block Tor users from registering on your site\u003C\u002Fli>\n\u003Cli>Allow Tor registrations, but flag them for review\u003C\u002Fli>\n\u003Cli>Block logins from Tor (useful for preventing brute force attacks and securing your admin panel)\u003C\u002Fli>\n\u003Cli>Block Tor users from posting comments to your site\u003C\u002Fli>\n\u003Cli>Block spammy pingbacks & trackbacks from Tor IP addresses\u003C\u002Fli>\n\u003Cli>Block Tor users from your entire WordPress site\u003C\u002Fli>\n\u003Cli>Permit access after solving a CAPTCHA (requires hCaptcha for WordPress plugin)\u003C\u002Fli>\n\u003Cli>Real-time blocking using the Tor DNS exit list service\u003C\u002Fli>\n\u003Cli>Near real time blocking using a cached blocklist which can be updated every 10 minutes or more\u003C\u002Fli>\n\u003Cli>Custom blocklist support.  Block IP addresses or host networks.\u003C\u002Fli>\n\u003Cli>Statistics to show how many Tor actions have been blocked by this plugin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is compatible with BuddyPress, the popular Login With Ajax plugin, and hCaptcha.\u003C\u002Fp>\n\u003Cp>If there is a feature missing that you would like, request it!\u003C\u002Fp>\n\u003Cp>If you opt to use the real-time blocking, each IP address looked up is cached for 5 minutes for efficiency.\u003C\u002Fp>\n\u003Cp>The Tor IP lists that are downloaded only contain “exit node” IP addresses so it is relatively small and the list is searched using a binary search so the plugin is very fast!\u003C\u002Fp>\n\u003Cp>This plugin also adds two shortcodes which can be used to display specific content to Tor or non-Tor users. Shortcode usage:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[tor_users]Hi, I see you're using Tor.  I support privacy and free-speech too! Visitors not using Tor will not see this message.[\u002Ftor_users]\n[non_tor_users]Defend yourself against tracking and surveillance. Circumvent censorship. Visit torproject.org to learn more. Visitors already using Tor will not see this message.[\u002Fnon_tor_users]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Support Tor\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Tor is a great thing.  If you agree, consider \u003Ca href=\"https:\u002F\u002Fwww.torproject.org\u002Fgetinvolved\u002Fvolunteer.html.en\" rel=\"nofollow ugc\">volunteering\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.torproject.org\u002Fdonate\u002Fdonate.html.en\" rel=\"nofollow ugc\">donating\u003C\u002Fa> to the Tor project, or expand the Tor network by \u003Ca href=\"https:\u002F\u002Fdrew-phillips.com\u002Ftor-nodes\u002F\" rel=\"nofollow ugc\">sponsoring a Tor relay\u003C\u002Fa> which will be maintained by the plugin author.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Support this plugin\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The author of this plugin values Tor as well as the security of your website.  Considerable effort went into the development of this plugin as well as the code and infrastructure that provides you with the up-to-date exit lists.\u003C\u002Fp>\n\u003Cp>You can support this plugin by installing it, rating it positively, \u003Ca href=\"https:\u002F\u002Fdrew-phillips.com\u002Fdonate\u002F\" title=\"Donating\" rel=\"nofollow ugc\">donating\u003C\u002Fa> to the author, or \u003Ca href=\"https:\u002F\u002Fdrew-phillips.com\u002Ftor-nodes\u002F\" rel=\"nofollow ugc\">sponsoring a Tor relay\u003C\u002Fa> which will be operated by the plugin developer in your honor.\u003C\u002Fp>\n","Add a layer of security to your WordPress site with the ability to block Tor users from commenting, registering, logging in and more.",400,12034,12,"2023-10-19T19:59:00.000Z","6.3.8","4.0","5.6",[19,119,22,120,121],"proxy","tor","tor-blocker","https:\u002F\u002Fdrew-phillips.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvigilantor.1.3.12.zip","2023-03-21 00:00:00",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":59,"downloaded":133,"rating":59,"num_ratings":91,"last_updated":134,"tested_up_to":135,"requires_at_least":16,"requires_php":16,"tags":136,"homepage":139,"download_link":140,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":60},"spam-ip-blocker","Spam IP Blocker","0.9.2","Aleksei Znaev","https:\u002F\u002Fprofiles.wordpress.org\u002Fznaeff\u002F","\u003Cp>This is a spam IP blocker. It is free. It marks any new comment as spam automatically when commenter’s IP exists in at least one of ‘.zen.spamhaus.org’ & ‘.bl.spamcop.net’.\u003Cbr \u002F>\nPlugin is based on public DNSBL class.\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.phpclasses.org\u002Fpackage\u002F6994-PHP-Check-spam-IP-address-in-DNS-black-lists.html\" title=\"DNSBL class on PHPClasses.org\" rel=\"nofollow ugc\">Official page of DNSBL class on PHPClasses.org\u003C\u002Fa>\u003C\u002Fp>\n","Free spam IP blocker according to public DNSBL bases.",7833,"2011-06-27T07:32:00.000Z","3.1.4",[77,19,137,22,138],"dnsbl","spamhaus","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fspam-ip-blocker\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspam-ip-blocker.0.9.2.zip",{"attackSurface":142,"codeSignals":161,"taintFlows":168,"riskAssessment":169,"analyzedAt":182},{"hooks":143,"ajaxHandlers":155,"restRoutes":156,"shortcodes":157,"cronEvents":158,"entryPointCount":11,"unprotectedCount":11},[144,150],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","export_spam_comment_iweblab","do_export","block-spam-comment-iweblab.php",46,{"type":145,"name":151,"callback":152,"file":153,"line":154},"admin_menu","block_spam_comment_add_plugin_page","includes\u002Fsettings.php",10,[],[],[],[159],{"hook":146,"callback":146,"file":148,"line":160},23,{"dangerousFunctions":162,"sqlUsage":163,"outputEscaping":165,"fileOperations":91,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":167},[],{"prepared":91,"raw":11,"locations":164},[],{"escaped":11,"rawEcho":11,"locations":166},[],[],[],{"summary":170,"deductions":171},"The \"spam-ip-export\" plugin version 0.1.1 exhibits a generally positive security posture based on the provided static analysis. The absence of any detected dangerous functions, unsanitized taint flows, and a clean vulnerability history are strong indicators of good coding practices. All SQL queries are properly prepared, and all output is escaped, which significantly mitigates common web vulnerabilities like SQL injection and Cross-Site Scripting.  The limited attack surface, with no identified AJAX handlers, REST API routes, or shortcodes, further reduces the potential for exploitation.\n\nHowever, the analysis does highlight a few areas that warrant attention. The presence of a cron event without explicit mention of capability checks or nonce verification raises a minor concern. While the static analysis didn't flag any direct vulnerabilities related to this, cron jobs can sometimes be exploited if not properly secured, especially if they involve sensitive operations or data manipulation. The plugin also performs one file operation, which, while not inherently risky, could be a vector for certain types of attacks if not handled with extreme care regarding input validation. The lack of nonces and capability checks on any entry points, though the entry points themselves are currently zero, suggests a potential oversight in the plugin's security design that could become a weakness if new entry points are added in future versions.\n\nOverall, \"spam-ip-export\" v0.1.1 appears to be a secure plugin, demonstrating good adherence to fundamental security principles. The absence of known vulnerabilities and critical code flaws is a significant strength. The identified areas for improvement are minor and relate to potential, rather than confirmed, risks. Continued vigilance and adherence to security best practices in future updates will be crucial for maintaining this strong security profile.",[172,175,177,180],{"reason":173,"points":174},"Cron event without auth checks",5,{"reason":176,"points":31},"File operation detected",{"reason":178,"points":179},"No nonce checks on entry points",3,{"reason":181,"points":179},"No capability checks on entry points","2026-04-16T13:08:08.491Z",{"wat":184,"direct":189},{"assetPaths":185,"generatorPatterns":186,"scriptPaths":187,"versionParams":188},[],[],[],[],{"cssClasses":190,"htmlComments":191,"htmlAttributes":192,"restEndpoints":193,"jsGlobals":194,"shortcodeOutput":195},[],[],[],[],[],[],{"error":197,"url":198,"statusCode":199,"statusMessage":200,"message":200},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fspam-ip-export\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":31,"versions":202},[203,209],{"version":6,"download_url":23,"svn_tag_url":204,"released_at":25,"has_diff":205,"diff_files_changed":206,"diff_lines":25,"trac_diff_url":207,"vulnerabilities":208,"is_current":197},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fspam-ip-export\u002Ftags\u002F0.1.1\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fspam-ip-export%2Ftags%2F0.1.0&new_path=%2Fspam-ip-export%2Ftags%2F0.1.1",[],{"version":210,"download_url":211,"svn_tag_url":212,"released_at":25,"has_diff":205,"diff_files_changed":213,"diff_lines":25,"trac_diff_url":25,"vulnerabilities":214,"is_current":205},"0.1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspam-ip-export.0.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fspam-ip-export\u002Ftags\u002F0.1.0\u002F",[],[]]