[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f8rAMbFXlGrwVOo_XLKCeNeJn2r3903uBdgDWjRtpufI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":13,"tags":16,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":33,"analysis":138,"fingerprints":168},"spam-to-blacklist","Spam to blacklist","1.0","proninyaroslav","https:\u002F\u002Fprofiles.wordpress.org\u002Fproninyaroslav\u002F","\u003Cp>Adds IP from comment that marked as spam to standard WordPress blacklist. Comments already marked as spam are not added to the list.\u003C\u002Fp>\n","Adds IP from comment that marked as spam to standard WordPress blacklist.",0,1133,"","4.9.29","4.9",[17,18,19,20,21],"ban","blacklist","comments","ip","spam","https:\u002F\u002Fgithub.com\u002Fproninyaroslav\u002Fspam-to-blacklist","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspam-to-blacklist.1.0.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},1,30,94,"2026-04-04T13:50:10.305Z",[34,54,75,99,121],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":30,"downloaded":42,"rating":24,"num_ratings":43,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":13,"tags":47,"homepage":49,"download_link":50,"security_score":51,"vuln_count":29,"unpatched_count":29,"last_vuln_date":52,"fetched_at":53},"automatic-ban-ip","Automatic Ban IP","1.0.7","KaizenCoders","https:\u002F\u002Fprofiles.wordpress.org\u002Fkaizencoders\u002F","\u003Cp>Block IP addresses which are suspicious and try to post on your blog spam comments.\u003C\u002Fp>\n\u003Cp>This plugin need that you create an account on the Honey Pot Project (https:\u002F\u002Fwww.projecthoneypot.org, free api) or that you install the Spam Captcha plugin.\u003C\u002Fp>\n\u003Cp>In addition, if you want to geolocate the spammers your may create an account on (http:\u002F\u002Fipinfodb.com\u002F, free api). Thus, you may display a world map with the concentration of spammers.\u003C\u002Fp>\n\u003Cp>Spammers may be blocked either by PHP based restrictions (i.e. WordPress generates a 403 page for such identified users) or by Apache based restriction (using Deny from in .htaccess file).\u003C\u002Fp>\n\u003Cp>The Apache restriction is far more efficient when hundreds of hosts sent you spams in few minutes.\u003C\u002Fp>\n\u003Ch4>Multisite – WordPress MU\u003C\u002Fh4>\n\u003Ch4>Localization\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Afrikaans (South Africa) translation provided by SedLex, JanvanNiekerk\u003C\u002Fli>\n\u003Cli>English (United States), default language\u003C\u002Fli>\n\u003Cli>Japanese (Japan) translation provided by OsamuKudo\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features of the framework\u003C\u002Fh4>\n\u003Cp>This plugin uses the SL framework. This framework eases the creation of new plugins by providing tools and frames (see dev-toolbox plugin for more info).\u003C\u002Fp>\n\u003Cp>You may easily translate the text of the plugin and submit it to the developer, send a feedback, or choose the location of the plugin in the admin panel.\u003C\u002Fp>\n\u003Cp>Have fun !\u003C\u002Fp>\n","Block IP addresses which are suspicious and try to post on your blog spam comments.",5292,2,"2016-04-17T08:59:00.000Z","4.5.33","3.0",[48,17,19,20,21],"automatic","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fautomatic-ban-ip\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautomatic-ban-ip.zip",63,"2025-04-09 00:00:00","2026-03-15T15:16:48.613Z",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":73,"download_link":74,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":53},"blacklist-updater","Block List Updater","1.0.2","pluginkollektiv","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluginkollektiv\u002F","\u003Cp>Few users are familiar with the comment block list built into WordPress. Located in the WordPress admin area under “Settings”—“Discussion”, that block list for incoming comments accepts values (words) to identify spam by.\u003C\u002Fp>\n\u003Cp>Additionally to plugins like \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fantispam-bee\u002F\" rel=\"ugc\">Antispam Bee\u003C\u002Fa> in order to fight spam successfully a curated comment block list is recommendable. You can either update the list manually, or utilize a very detailed global \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\u002Fwordpress-comment-blacklist\" rel=\"nofollow ugc\">comment block list\u003C\u002Fa> that gets updated on a regular basis.\u003C\u002Fp>\n\u003Cp>Block List Updater has been developed to keep your comment block list in your WordPress installation up to speed with the curated global list on GitHub.\u003C\u002Fp>\n\u003Cp>The plugin will check the global comment block list on GitHub multiple times a day. Whenever new anti-spam values have been added to the global list, Block List Updater will read the global list and update your WordPress database accordingly. While the check-up process will run several times a day, the plugin will only update the database when it detects an actual change of the global comment block list on GitHub.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Community support via the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fblacklist-updater\" rel=\"ugc\">support forums on wordpress.org\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>We don’t handle support via e-mail, Twitter, GitHub issues etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Active development of this plugin is handled \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpluginkollektiv\u002Fblacklist-updater\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Pull requests for documented bugs are highly appreciated.\u003C\u002Fli>\n\u003Cli>If you think you’ve found a bug (e.g. you’re experiencing unexpected behavior), please post at the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fblacklist-updater\" rel=\"ugc\">support forums\u003C\u002Fa> first.\u003C\u002Fli>\n\u003Cli>If you want to help us translate this plugin you can do so \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fblacklist-updater\" rel=\"nofollow ugc\">on WordPress Translate\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Author: \u003Ca href=\"https:\u002F\u002Fsergejmueller.github.io\u002F\" rel=\"nofollow ugc\">Sergej Müller\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Maintainers: \u003Ca href=\"https:\u002F\u002Fpluginkollektiv.org\u002F\" rel=\"nofollow ugc\">pluginkollektiv\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Automatic updating of the comment block list in WordPress with antispam keys from GitHub.",4000,31272,86,4,"2026-03-14T09:16:00.000Z","6.9.4","3.8","5.2",[71,18,72,19,21],"antispam","blocklist","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblacklist-updater\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblacklist-updater.1.0.2.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":85,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":13,"tags":90,"homepage":95,"download_link":96,"security_score":97,"vuln_count":29,"unpatched_count":11,"last_vuln_date":98,"fetched_at":53},"simple-ip-ban","IP Ban","1.3.0","Sandor Kovacs","https:\u002F\u002Fprofiles.wordpress.org\u002Falmos20\u002F","\u003Cp>UPDATE1: For the admin user the plugin it’s not active.\u003C\u002Fp>\n\u003Cp>UPDATE2: Added Ip Range feature for ip list.\u003C\u002Fp>\n\u003Cp>IP Ban is a security plugin, protects your site accessing from unwanted ip  addresses or user agents. You can add ip addresses or user agents creating your own black list.\u003C\u002Fp>\n\u003Cp>It also good to protect your site from unwanted crawlers, which uses your resource and bandwidth. Just add an ip address or user agent and things will happened.\u003C\u002Fp>\n\u003Cp>After the plugin activation, in the SETTINGS menu you’ll see  the Simple IP BAN submenu. Here you have 3 textareas:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>Add ip address or range here.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Add user agents here.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Define external url . All spammers will be redirected to this url.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n","Simple IP Ban is a lightweight ip \u002F user agent ban plugin.",2000,48791,80,9,"2017-11-28T18:59:00.000Z","4.7.32","3.1.0",[91,92,93,94],"anti-spam","ip-ban","protection","user-agent-ban","http:\u002F\u002Fwww.sandorkovacs.ro\u002Fip-ban-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-ip-ban.1.3.0.zip",84,"2014-12-12 00:00:00",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":109,"num_ratings":65,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":117,"download_link":118,"security_score":119,"vuln_count":29,"unpatched_count":11,"last_vuln_date":120,"fetched_at":53},"comment-blacklist-updater","Comment Blacklist Updater","1.2.2","apasionados","https:\u002F\u002Fprofiles.wordpress.org\u002Fapasionados\u002F","\u003Cp>Updates the “Comment Blacklist” in Settings \u002F Discussion with a list terms from a remote or local source. By default it get’s the data from Github \u003Cstrong>(“\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\u002Fwordpress-comment-blacklist\u002F\" rel=\"nofollow ugc\">wordpress-comment-blacklist\u003C\u002Fa>“)\u003C\u002Fstrong> by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\" rel=\"nofollow ugc\">Grant Hutchinson\u003C\u002Fa>) but you can also get them \u003Cstrong>from any URL\u003C\u002Fstrong> or from a \u003Cstrong>local blacklist.txt file\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>This plugin is an enhanced version of the plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomment-blacklist-manager\u002F\" rel=\"ugc\">Comment Blacklist Manager\u003C\u002Fa>. We decided to create this enhanced version of the plugin, because we wanted to be able to add blacklists without using filters and directly from the WordPress administration. You can still use a filter to modify the blacklist sources if that is more convienient for you. And we also wanted to have more information about the plugin in SETTINGS \u002F DISCUSSION; for example when the blacklist was updated and when it will be updated next time, when the blacklist sources were updated, etc.\u003C\u002Fp>\n\u003Cp>You can configure three sources for your blacklists:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Default blacklist\u003C\u002Fstrong> (which can be disabled): \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\u002Fwordpress-comment-blacklist\u002F\" rel=\"nofollow ugc\">wordpress-comment-blacklist\u003C\u002Fa> by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\" rel=\"nofollow ugc\">Grant Hutchinson\u003C\u002Fa>). Please keep in mind that if there is no other blacklist source defined, this will be used as default, even if it\\’s not selected.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Blacklist from remote URL\u003C\u002Fstrong>: You paste the URL to the blacklist and if the file exists and can be accesed (must return code 200) it will be used as a blacklist source.\u003C\u002Fli>\n\u003Cli>If you want to include a \u003Cstrong>local blacklist\u003C\u002Fstrong> for the site, you can upload a blacklist.txt file to the UPLOADS folder and it will also be taken into account. The blacklist.txt file has to be in the root of the UPLOADS folder; it will not be recognized if it\\’s for example in \u002Fuploads\u002F2025\u002F12\u002F and the file has to be accesible via http\u002Fhttps (if the access to the file is protected it can\\’t be used).\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>And you can use the filter \u003Ccode>cblm_sources\u003C\u002Fcode> to replace all the blacklists or to add more. If you replace all blacklists with the filter, the settings done in the WordPress administration will be ignored. We decided to keep the same filter as used by “Comment Blacklist Manager” to make it easy to switch between both plugins.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Please note: \u003Cstrong>After the September 2023 update only users with administrator privileges can use this plugin.\u003C\u002Fstrong> If you’re not an admin you will get following error: “You do not have sufficient permissions to access this page”.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>What can I do with this plugin?\u003C\u002Fh4>\n\u003Cp>The plugin updates the “Comment Blacklist” in Settings \u002F Discussion with a list terms from a remote or local source. By default it get’s the data from Github (“\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\u002Fwordpress-comment-blacklist\u002F\" rel=\"nofollow ugc\">wordpress-comment-blacklist\u003C\u002Fa> by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\" rel=\"nofollow ugc\">Grant Hutchinson\u003C\u002Fa>) but you can also get them from any URL or from a local blacklist.txt file.\u003C\u002Fp>\n\u003Ch4>Why do I want to update the “Comment Blacklist” in Settings \u002F Discussion?\u003C\u002Fh4>\n\u003Cp>If you want to reduce spam received in your comment forms but also in your contact forms (for example when using Contact Form 7), using blacklisted terms can help.\u003C\u002Fp>\n\u003Cp>Contact Form 7 encourages to use: Akismet, reCaptcha and the comment blacklist to reduce contact form spam.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cem>Contact Form 7 supports spam-filtering with Akismet. Intelligent reCAPTCHA blocks annoying spambots. Plus, using comment blacklist, you can block messages containing specified keywords or those sent from specified IP addresses.\u003C\u002Fem>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>The best way to reduce the contact form 7 spam is to use a very extensive term database which is updated regulary with new spam terms. And this plugin does exactly this: Updating the blacklist regularly.\u003C\u002Fp>\n\u003Ch4>Why are you using the “Comment Blacklist for WordPress” from Grant Hutchinson as default source for the blacklist?\u003C\u002Fh4>\n\u003Cp>Since 2011 Grant Hutchinson has been identifying and compiling over 34,000 phrases, patterns, and keywords commonly used by spammers and comment bots in usernames, email addresses, link text, and URIs.\u003C\u002Fp>\n\u003Cp>His blacklist is very extensive and that’s why we love it.\u003C\u002Fp>\n\u003Cp>As with all compilations, this blacklist is a work in progress and it is updated more or less every month. And each of these updates will be included automatically with the update process that runs every 24 hours.\u003C\u002Fp>\n\u003Cp>\u003Cem>Sometimes simple is better.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you know another source that is as extensive as this one, drop us a message and we will check if it’s interesting to add it also as a default.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>System requirements\u003C\u002Fh4>\n\u003Cp>PHP version 5.6 or greater.\u003C\u002Fp>\n\u003Ch4>Comment Blacklist Updater Plugin in your Language!\u003C\u002Fh4>\n\u003Cp>This first release is avaliable in English and Spanish. In the “languages” folder we have included the necessary files to translate this plugin.\u003C\u002Fp>\n\u003Cp>If you would like the plugin in your language and you’re good at translating, please drop us a line at \u003Ca href=\"https:\u002F\u002Fapasionados.es\u002Fcontacto\u002Findex.php?desde=wordpress-org-apa-comment-blacklist-updater-home\" rel=\"nofollow ugc\">Contact us\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Further Reading\u003C\u002Fh4>\n\u003Cp>You can access the description of the plugin in Spanish at: \u003Ca href=\"https:\u002F\u002Fapasionados.es\u002Fblog\u002F\" rel=\"nofollow ugc\">Actualizador lista negra de comentarios | WordPress Plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>For further information please send us an \u003Ca href=\"https:\u002F\u002Fapasionados.es\u002Fcontacto\u002Findex.php?desde=wordpress-org-apa-comment-blacklist-updater\" rel=\"nofollow ugc\">email\u003C\u002Fa>.\u003C\u002Fp>\n","Update \"Comment Blacklist\" spam terms to manage spam in forms and comments",1000,10162,96,"2023-09-26T13:22:00.000Z","6.3.8","4.0.1","5.6",[18,19,115,116,21],"contact-form-7","form-spam","https:\u002F\u002Fapasionados.es\u002Fblog\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-blacklist-updater.1.2.2.zip",85,"2023-09-23 00:00:00",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":131,"num_ratings":132,"last_updated":133,"tested_up_to":67,"requires_at_least":113,"requires_php":134,"tags":135,"homepage":136,"download_link":137,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":53},"comment-blacklist-manager","Comment Blacklist Manager","1.0.1","Andrew Norcross","https:\u002F\u002Fprofiles.wordpress.org\u002Fnorcross\u002F","\u003Cp>Comment Blacklist Manager retrieves a list of terms from a remote source and updates the \u003Ccode>disallowed_keys\u003C\u002Fcode> setting in WordPress. The plugin will automatically fetch a list of terms on a regular schedule and update the contents of the “Disallowed Comment Keys” field. Terms added manually via the “Local Blacklist” field will be retained during the scheduled updates. Terms added manually to the “Excluded Terms” field will be removed from the list.\u003C\u002Fp>\n\u003Cp>The default list of terms is fetched from a \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsplorp\u002Fwordpress-comment-blacklist\u002F\" title=\"Comment Blacklist for WordPress\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> repository maintained by \u003Ca href=\"https:\u002F\u002Fsplorp.com\u002F\" title=\"Interface considerations. Gadget accumulation. Typography. Scotch.\" rel=\"nofollow ugc\">Grant Hutchinson\u003C\u002Fa>.\u003C\u002Fp>\n","Remotely add terms to the WordPress Disallowed Comment Keys field to manage spam.",600,8186,88,5,"2025-12-13T21:44:00.000Z","7.0",[18,19,21],"https:\u002F\u002Fgithub.com\u002Fnorcross\u002Fcomment-blacklist-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-blacklist-manager.1.0.1.zip",{"attackSurface":139,"codeSignals":156,"taintFlows":163,"riskAssessment":164,"analyzedAt":167},{"hooks":140,"ajaxHandlers":152,"restRoutes":153,"shortcodes":154,"cronEvents":155,"entryPointCount":11,"unprotectedCount":11},[141,148],{"type":142,"name":143,"callback":144,"priority":145,"file":146,"line":147},"action","spam_comment","SpamToBlacklist_ban",10,"spam-to-blacklist.php",37,{"type":142,"name":149,"callback":150,"priority":145,"file":146,"line":151},"unspam_comment","SpamToBlacklist_unban",38,[],[],[],[],{"dangerousFunctions":157,"sqlUsage":158,"outputEscaping":160,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":162},[],{"prepared":11,"raw":11,"locations":159},[],{"escaped":11,"rawEcho":11,"locations":161},[],[],[],{"summary":165,"deductions":166},"The \"spam-to-blacklist\" v1.0 plugin exhibits an excellent security posture based on the provided static analysis. The complete absence of identified dangerous functions, raw SQL queries, file operations, external HTTP requests, and a lack of taint analysis findings suggest a well-written and secure codebase. Furthermore, the plugin demonstrates strong adherence to secure coding practices by having all SQL queries use prepared statements and all outputs properly escaped. The attack surface is effectively zero, with no AJAX handlers, REST API routes, shortcodes, or cron events, meaning there are no direct entry points for potential attackers.  The vulnerability history is also pristine, with zero recorded CVEs, indicating a lack of previously discovered security flaws. This combination of robust code quality and a clean history paints a picture of a highly secure plugin.  However, the complete absence of nonce checks and capability checks, while not a direct vulnerability given the zero attack surface, could become a concern if the plugin's functionality were ever to be expanded to include user-interactive features or administrative actions without proper authorization mechanisms in place.  For its current state, the plugin is exceptionally secure.",[],"2026-03-17T05:43:06.187Z",{"wat":169,"direct":174},{"assetPaths":170,"generatorPatterns":171,"scriptPaths":172,"versionParams":173},[],[],[],[],{"cssClasses":175,"htmlComments":176,"htmlAttributes":177,"restEndpoints":178,"jsGlobals":179,"shortcodeOutput":180},[],[],[],[],[],[]]