[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f50is3VBdP3MzJE1RjCY5zPlUHF1LvbZkutgUN_5Z42Y":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":143,"fingerprints":214},"squelch-unspam","Squelch Unspam","1.5.1","Matt Lowe","https:\u002F\u002Fprofiles.wordpress.org\u002Fsquelch\u002F","\u003Cp>Unspam by Squelch Design is the simplest \u003Ca href=\"http:\u002F\u002Fsquelchdesign.com\u002Fwordpress-plugin-squelch-unspam\u002F\" rel=\"nofollow ugc\">WordPress anti-spam plugin\u003C\u002Fa> you can find for \u003Cstrong>reducing your comment spam\u003C\u002Fstrong> problem. Once installed there’s nothing\u003Cbr \u002F>\nto configure, and nothing changes to your visitors: No captcha or silly games. Once installed\u003Cbr \u002F>\nthe plugin will simply randomize the names of the fields in the comments form on your blog and reject comments that are sent to the\u003Cbr \u002F>\nstandard WordPress field names, or where bots have blindly submitted data to the honeypot fields.\u003C\u002Fp>\n\u003Cp>What this means for spammers is that they have to do quite a lot more work to send spam to your website. It may also make sending\u003Cbr \u002F>\nspam to your website unreliable as changes to your theme may upset their spam submission tools. Or they may have to resort to using\u003Cbr \u002F>\nhumans to send spam to your website (not much I can do about that I’m afraid) which will cost them more money.\u003C\u002Fp>\n\u003Cp>Currently implemented:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Names of fields are randomized every night at 12:00,\u003C\u002Fli>\n\u003Cli>Submissions to the standard WordPress field names are automatically deleted,\u003C\u002Fli>\n\u003Cli>Honeypot fields added to comments form,\u003C\u002Fli>\n\u003Cli>WooCommerce support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Additional (planned) features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Contact Form 7 integration\u003C\u002Fli>\n\u003Cli>Statistical collection,\u003C\u002Fli>\n\u003Cli>Automated blocking of persistent IPs,\u003C\u002Fli>\n\u003Cli>Opt-in centralized collection of comment spam and statistics for additional research.\u003C\u002Fli>\n\u003C\u002Ful>\n","Unspam makes it harder for spammers to automatedly send spam to your blog by changing the names of the fields in the comment forms.",50,3844,60,1,"2024-04-10T11:08:00.000Z","6.5.8","4.4","",[20,21,22,23,24],"comment-spam-filter","comments","filter","spam","spam-filter","http:\u002F\u002Fsquelchdesign.com\u002Fwordpress-plugin-squelch-unspam\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsquelch-unspam.1.5.1.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":34,"trust_score":37,"computed_at":38},"squelch",2,1050,91,94,"2026-04-04T04:23:28.985Z",[40,64,86,104,124],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":55,"tags":56,"homepage":60,"download_link":61,"security_score":62,"vuln_count":14,"unpatched_count":28,"last_vuln_date":63,"fetched_at":30},"antispam-bee","Antispam Bee","2.11.8","pluginkollektiv","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluginkollektiv\u002F","\u003Cp>Say Goodbye to comment spam on your WordPress blog or website. \u003Cem>Antispam Bee\u003C\u002Fem> blocks spam comments and trackbacks effectively, without captchas and without sending personal information to third party services. It is free of charge, ad-free and 100% GDPR compliant.\u003C\u002Fp>\n\u003Ch3>Feature\u002FSettings Overview\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Trust approved commenters.\u003C\u002Fli>\n\u003Cli>Trust commenters with a Gravatar.\u003C\u002Fli>\n\u003Cli>Consider the comment time.\u003C\u002Fli>\n\u003Cli>Allow comments only in a certain language.\u003C\u002Fli>\n\u003Cli>Block or allow commenters from certain countries.\u003C\u002Fli>\n\u003Cli>Treat BBCode links as spam.\u003C\u002Fli>\n\u003Cli>Use regular expressions.\u003C\u002Fli>\n\u003Cli>Search local spam database for commenters previously marked as spammers.\u003C\u002Fli>\n\u003Cli>Notify admins by e-mail about incoming spam.\u003C\u002Fli>\n\u003Cli>Delete existing spam after n days.\u003C\u002Fli>\n\u003Cli>Limit approval to comments\u002Fpings (will delete other comment types).\u003C\u002Fli>\n\u003Cli>Select spam indicators to send comments to deletion directly.\u003C\u002Fli>\n\u003Cli>Optionally exclude trackbacks and pingbacks from spam detection.\u003C\u002Fli>\n\u003Cli>Optionally spam-check comment forms on archive pages.\u003C\u002Fli>\n\u003Cli>Display spam statistics on the dashboard, including daily updates of spam detection rate and a total of blocked spam comments.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Community support via the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fantispam-bee\" rel=\"ugc\">support forums on wordpress.org\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Read \u003Ca href=\"https:\u002F\u002Fantispambee.pluginkollektiv.org\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">the documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>We don’t handle support via e-mail, Twitter, GitHub issues etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Active development of this plugin is handled \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpluginkollektiv\u002Fantispam-bee\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Pull requests for documented bugs are highly appreciated.\u003C\u002Fli>\n\u003Cli>If you think you’ve found a bug (e.g. you’re experiencing unexpected behavior), please post at the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fantispam-bee\" rel=\"ugc\">support forums\u003C\u002Fa> first.\u003C\u002Fli>\n\u003Cli>If you want to help us translate this plugin you can do so \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fantispam-bee\" rel=\"nofollow ugc\">on WordPress Translate\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Author: \u003Ca href=\"https:\u002F\u002Fsergejmueller.github.io\u002F\" rel=\"nofollow ugc\">Sergej Müller\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Maintainers: \u003Ca href=\"https:\u002F\u002Fpluginkollektiv.org\" rel=\"nofollow ugc\">pluginkollektiv\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Sophisticated antispam plugin for effective daily comment and trackback spam-fighting. Built with data protection and privacy in mind.",700000,10958057,96,225,"2025-07-22T11:23:00.000Z","6.8.5","4.6","5.2",[57,58,21,24,59],"anti-spam","antispam","spam-protection","https:\u002F\u002Fantispambee.pluginkollektiv.org\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fantispam-bee.2.11.8.zip",100,"2023-11-27 00:00:00",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":72,"downloaded":73,"rating":74,"num_ratings":75,"last_updated":76,"tested_up_to":53,"requires_at_least":77,"requires_php":78,"tags":79,"homepage":82,"download_link":83,"security_score":50,"vuln_count":84,"unpatched_count":28,"last_vuln_date":85,"fetched_at":30},"cf7-message-filter","Message Filter for Contact Form 7","1.6.3.8","Kofi Mokome","https:\u002F\u002Fprofiles.wordpress.org\u002Fkofimokome\u002F","\u003Cp>Do you receive spams every day? have you installed a dozen plugins and you still get spammed? Well this may be the solution to your problem.\u003Cbr \u002F>\nThis plugin filters messages submitted from contact form 7. You can decide to either filter messages based on restricted words found in the content of the message or filter based on the email of the person submitting the form.\u003Cbr \u002F>\nFilters will be extended to other contact form plugins with time.\u003C\u002Fp>\n\u003Ch3>Supported Plugins\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Contact form 7\u003C\u002Fli>\n\u003Cli>WPForms\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Note: This is just an extension. This plugin is not affiliated with or endorsed by Contact Form 7 or WPForms.\u003C\u002Fp>\n\u003Ch3>Pro Features\u003C\u002Fh3>\n\u003Cp>Upgrade to the pro version from the Account submenu page to have access the following features:\u003Cbr \u002F>\n1. Unlimited words and emails: Add as many words and emails as you want\u003Cbr \u002F>\n2. Month Reports: Receive monthly spam reports directly to your email\u003Cbr \u002F>\n3. Spam Suggestion: Receive suggestions for new spam words and emails\u003Cbr \u002F>\n4. Blacklist\u002FWhitelist forms: Decide which forms to validate or not to validate\u003Cbr \u002F>\n5. CSV Upload: Upload CSV with spam words\u002Femails\u003Cbr \u002F>\n6. Add custom filters: Create your own custom filters\u003C\u002Fp>\n\u003Ch3>PRIVACY\u003C\u002Fh3>\n\u003Cp>We may collect ONLY the following information, if accepted by the site administrator:\u003Cbr \u002F>\n– The messages blocked by the plugin and\u003Cbr \u002F>\n– Words added to the plugin as spam\u003Cbr \u002F>\nThis is used solely for the purpose of making improvements to the plugin.\u003C\u002Fp>\n\u003Cp>In addition to the above, Freemius, a third party plugin used to manage plugin licences may also collect additional information, if the site administrator accepts.\u003C\u002Fp>\n\u003Ch3>How to Contribute\u003C\u002Fh3>\n\u003Cp>The source codes can be downloaded here \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fkofimokome\u002Fcf7-message-filter\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fp>\n","Filter messages submitted through contact form 7 based on words and\u002For emails listed as restricted.",1000,48557,98,13,"2025-10-25T13:35:00.000Z","6.6","8.0",[80,22,23,24,81],"contact-form-7","wpforms","https:\u002F\u002Fgithub.com\u002Fkofimokome\u002Fcf7-message-filter","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcf7-message-filter.1.6.3.8.zip",4,"2025-04-22 00:00:00",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":28,"num_ratings":28,"last_updated":96,"tested_up_to":53,"requires_at_least":77,"requires_php":97,"tags":98,"homepage":102,"download_link":103,"security_score":62,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"spam-filter-for-elementor-form","Spam Filter For Elementor Form","1.4","wizbee IT","https:\u002F\u002Fprofiles.wordpress.org\u002Fwizbee\u002F","\u003Cp>Tired of spammy SEO pitches, fake marketing offers, and bot submissions flooding your Elementor Pro forms? By filtering only the message field, you can eliminate up to 95% spam submissions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Spam Filter For Elementor Form\u003C\u002Fstrong> do that and gives you the control you need to stop them, without relying on external services.\u003C\u002Fp>\n\u003Cp>This plugin filters the input field of your forms to block submissions containing unwanted words, suspicious URLs, or emails from unauthorized domains. You can block all URLs except those from your domain or specific domains you allow. If someone tries to submit a form with a disallowed link, they’ll see a clear error message asking them to remove it.\u003C\u002Fp>\n\u003Cp>Here’s the beauty of it: real visitors who want to share something useful will usually say, “I have a link to share, can you contact me so I can send it?” Spam bots, on the other hand, just drop links and hit submit. That’s where this filter stops them.\u003C\u002Fp>\n\u003Cp>Whether you want to block certain phrases, links, or reject emails from shady domains, this plugin lets you do it easily, right from the WordPress dashboard.\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Enable or disable filtering for specific or all Elementor Pro forms.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Block messages that contain specific words or patterns.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Reject any submission containing links—except those from allowed domains.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Block or allow email addresses based on domain (whitelist or blocklist mode).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Custom error messages shown directly inside the form.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>No third-party services or APIs—fully local and lightweight.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Built exclusively for Elementor Pro forms.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Perfect for any site owner who’s fed up with form spam and wants a simple, effective way to stop it.\u003C\u002Fp>\n\u003Ch3>How to Use:\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Enable Filtering:\u003C\u002Fstrong>\u003Cbr \u002F>\nGo to \u003Cstrong>Elementor \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Contact Form Filter\u003C\u002Fstrong> and check the “Enable Spam Filter” option.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Target the Right Form:\u003C\u002Fstrong>\u003Cbr \u002F>\nEnter the name of the form you want to filter in the “Form Name” setting. This must match the “Form Name” from your Elementor Pro form settings.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Set Blocked Words:\u003C\u002Fstrong>\u003Cbr \u002F>\nAdd a list of blocked words (one per line). Any form submission containing these words will be rejected.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Filter URLs:\u003C\u002Fstrong>\u003Cbr \u002F>\nOnly allow URLs from specific domains. Other links will trigger a validation error.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Control Email Domains:\u003C\u002Fstrong>\u003Cbr \u002F>\nEnable email filtering and choose between whitelist or blocklist mode. Add domains or full email addresses to control who can submit the form.\u003C\u002Fp>\n\u003Ch3>Enjoying the Plugin?\u003C\u002Fh3>\n\u003Cp>If you find \u003Cstrong>Spam Filter For Elementor Form\u003C\u002Fstrong> helpful, please consider leaving a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Felementor-form-spam-filter\u002F#reviews\" rel=\"ugc\">review on WordPress.org\u003C\u002Fa>. Your feedback helps us improve and reach more users.\u003C\u002Fp>\n\u003Ch3>Other useful and absolutely free plugins from WizBee IT\u003C\u002Fh3>\n\u003Cblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-duplicate-woo-order\u002F\" rel=\"ugc\">Easy Duplicate Woo Order\u003C\u002Fa>: Adds a custom action to duplicate WooCommerce orders easily.\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-product-in-woo-order\u002F\" rel=\"ugc\">Custom Product in Woo Order\u003C\u002Fa>: Add custom one-time items directly to WooCommerce orders without adding them to the catalog.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Visit our website for more at \u003Ca href=\"https:\u002F\u002Fwww.wizbeeit.com\u002F\" rel=\"nofollow ugc\">WizBee IT\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later license. For more information, see https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html.\u003C\u002Fp>\n","A simple yet powerful plugin that adds advanced spam and content filtration to your Elementor Pro forms.",90,421,"2025-07-24T16:06:00.000Z","7.8",[57,99,100,24,101],"block-spam","elementor-pro-form","word-filter","https:\u002F\u002Fwww.wizbeeit.com\u002Fspam-filter-for-elementor-form\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspam-filter-for-elementor-form.1.4.zip",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":114,"num_ratings":115,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":18,"tags":119,"homepage":18,"download_link":122,"security_score":123,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"no-captcha-spam-block","No-captcha Spam Block","1.0.0","Daniel Davis","https:\u002F\u002Fprofiles.wordpress.org\u002Ftagawa\u002F","\u003Cp>No-captcha Spam Block is a WordPress plugin that automatically blocks comments it thinks are spam. It works tirelessly, day and night, applying various checks to each comment that comes in and giving it a spam score – any score too high and the comment goes straight to the spam bucket in disgrace.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>No third-party registration\u003C\u002Fli>\n\u003Cli>No JavaScript required\u003C\u002Fli>\n\u003Cli>Best of all, no captchas\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>There are no visible changes to your website and you don’t need to set anything up – just install, activate and go!\u003C\u002Fp>\n","Dramatically reduce comment spam on your blog without using a captcha.",70,4291,46,3,"2013-09-05T02:41:00.000Z","3.6.1","3.4",[120,121,21,22,23],"block","captcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-captcha-spam-block.zip",85,{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":134,"num_ratings":14,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":18,"tags":138,"homepage":18,"download_link":142,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"anti-spam-filter-gravity-forms","Anti-Spam Filter for Gravity Forms","1.0.1","teamtp","https:\u002F\u002Fprofiles.wordpress.org\u002Fteamtp\u002F","\u003Cp>\u003Cstrong>Anti-Spam Filter for Gravity Forms\u003C\u002Fstrong> is a lightweight yet powerful tool designed to protect your Gravity Forms from spam submissions. This plugin integrates seamlessly with \u003Cstrong>Gravity Forms\u003C\u002Fstrong> and adds advanced anti-spam features to your form submissions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important\u003C\u002Fstrong>: This plugin requires Gravity Forms 2.5 or higher to function properly.\u003C\u002Fp>\n\u003Cp>The plugin automatically detects and filters out spam submissions based on customizable settings. It ensures that only legitimate entries are received by your forms. Whether you’re dealing with keyword-based spam, Cyrillic text, or want to add an extra layer of security, this plugin has you covered.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features\u003C\u002Fstrong>:\u003Cbr \u002F>\n– \u003Cstrong>Gravity Forms Integration\u003C\u002Fstrong>: Works seamlessly with Gravity Forms to protect your forms from spam.\u003Cbr \u002F>\n– \u003Cstrong>Keyword-Based Spam Filtering\u003C\u002Fstrong>: Block form submissions containing specified keywords you define.\u003Cbr \u002F>\n– \u003Cstrong>Cyrillic Text Detection\u003C\u002Fstrong>: Automatically filter out submissions with Cyrillic characters, commonly used in spam.\u003Cbr \u002F>\n– \u003Cstrong>Customizable Subject Prefix\u003C\u002Fstrong>: Add a customizable prefix (e.g., “SPAM Alert”) to flagged form submissions.\u003Cbr \u002F>\n– \u003Cstrong>Multiple Form Protection\u003C\u002Fstrong>: Specify which Gravity Forms to protect by defining form IDs.\u003Cbr \u002F>\n– \u003Cstrong>Simple Configuration\u003C\u002Fstrong>: Easy-to-use interface with toggle switches to enable or disable features.\u003C\u002Fp>\n\u003Cp>Ensure your Gravity Forms stay clean, secure, and spam-free with \u003Cstrong>Anti-Spam Filter for Gravity Forms\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later. See the full license at \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fa>.\u003C\u002Fp>\n","A lightweight anti-spam solution for Gravity Forms that blocks unwanted submissions using keyword filtering and Cyrillic text detection.",30,625,40,"2025-01-22T10:49:00.000Z","6.7.5","6.5",[57,139,140,141,24],"form-protection","gravity-forms","keyword-filtering","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanti-spam-filter-gravity-forms.1.0.1.zip",{"attackSurface":144,"codeSignals":182,"taintFlows":207,"riskAssessment":208,"analyzedAt":213},{"hooks":145,"ajaxHandlers":178,"restRoutes":179,"shortcodes":180,"cronEvents":181,"entryPointCount":28,"unprotectedCount":28},[146,152,156,159,163,167,170,174],{"type":147,"name":148,"callback":149,"file":150,"line":151},"action","init","lstunspam_update_checker","squelch-unspam.php",75,{"type":147,"name":153,"callback":154,"file":150,"line":155},"admin_notices","lstunspam_welcome_message",116,{"type":147,"name":148,"callback":157,"file":150,"line":158},"lstunspam_init",185,{"type":22,"name":160,"callback":161,"file":150,"line":162},"comment_form_top","lstunspam_add_hidden_fields_logged_in_users",411,{"type":22,"name":164,"callback":165,"priority":14,"file":150,"line":166},"comment_form_defaults","lstunspam_rename_comment_field",416,{"type":22,"name":168,"callback":165,"priority":14,"file":150,"line":169},"woocommerce_product_review_comment_form_args",417,{"type":147,"name":171,"callback":172,"file":150,"line":173},"wp_enqueue_scripts","lstunspam_enqueue_scripts",462,{"type":147,"name":175,"callback":176,"file":150,"line":177},"wp_footer","lstunspam_head",499,[],[],[],[],{"dangerousFunctions":183,"sqlUsage":184,"outputEscaping":186,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":206},[],{"prepared":28,"raw":28,"locations":185},[],{"escaped":28,"rawEcho":187,"locations":188},8,[189,192,194,196,198,200,202,204],{"file":150,"line":190,"context":191},113,"raw output",{"file":150,"line":193,"context":191},431,{"file":150,"line":195,"context":191},480,{"file":150,"line":197,"context":191},481,{"file":150,"line":199,"context":191},486,{"file":150,"line":201,"context":191},487,{"file":150,"line":203,"context":191},488,{"file":150,"line":205,"context":191},489,[],[],{"summary":209,"deductions":210},"The \"squelch-unspam\" plugin v1.5.1 exhibits a strong static security posture with a remarkably small attack surface. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits potential entry points for malicious actors. The code also demonstrates good practices by exclusively using prepared statements for SQL queries, mitigating SQL injection risks. However, a critical concern arises from the complete lack of output escaping, meaning any data displayed to users, whether user-supplied or dynamically generated, is vulnerable to cross-site scripting (XSS) attacks. This is a significant oversight that can lead to serious security breaches. The plugin's vulnerability history is clean, with no recorded CVEs, which is positive. This, combined with the limited attack surface, suggests a history of secure development or a lack of targeted exploitation. Despite the clean history and good SQL practices, the unescaped output represents a substantial risk that overshadows these strengths.",[211],{"reason":212,"points":187},"Output not properly escaped","2026-03-16T21:59:33.812Z",{"wat":215,"direct":220},{"assetPaths":216,"generatorPatterns":217,"scriptPaths":218,"versionParams":219},[],[],[],[],{"cssClasses":221,"htmlComments":222,"htmlAttributes":223,"restEndpoints":224,"jsGlobals":225,"shortcodeOutput":226},[],[],[],[],[],[]]