[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fqGuWMA2CzEJ76FCVEtfMo10Y5E3SAoV-ac8ZkE_dJhY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":40,"fingerprints":74},"stop-media-comment-spamming","Stop Media Comment Spamming","1.8.3","DeveloperWil","https:\u002F\u002Fprofiles.wordpress.org\u002Fdeveloperwil\u002F","\u003Cp>If you find your media file attachments are being targeted by spam comments then here is the solution for you.\u003C\u002Fp>\n\u003Cp>Stop Media Comment Spamming removes the ability for visitors to comment on media attachments.  It does \u003Cem>not\u003C\u002Fem> remove commenting from any other part of your WordPress installation.\u003C\u002Fp>\n\u003Cp>Visitors will still be able to comment on your posts and pages.\u003C\u002Fp>\n\u003Cp>\u003Cem>Why would you need this plugin?\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>WordPress natively allows comments to be left on any file in the Media Library.\u003C\u002Fp>\n\u003Cp>Unfortunately spammers can target this and quickly leave horrible and unrelated comments on your site.\u003C\u002Fp>\n\u003Cp>WordPress provides no way in Admin Dashboard to disable this feature.\u003C\u002Fp>\n\u003Cp>Some of the spam seems to get through popular spam filtering plugins.\u003C\u002Fp>\n\u003Cp>You still want to allow visitors to comments on your posts and pages.\u003C\u002Fp>\n\u003Cp>If only there was a plugin that allowed you to stop visitors leaving comments on media files.\u003C\u002Fp>\n\u003Cp>Ta da!  Here’s one.\u003C\u002Fp>\n\u003Ch4>Plugin Page\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fzeropointdevelopment.com\u002Fstopping-wordpress-media-attachment-comment-spamming\u002F\" title=\"Stop Media Commpent Spamming WordPress Plugin\" rel=\"nofollow ugc\">Stop Media Comment Spamming\u003C\u002Fa>\u003C\u002Fp>\n","Stops media comment spamming by removing the ability to comment on attachments.",900,17898,60,6,"2024-07-04T01:36:00.000Z","6.6.5","5.2","5.6",[20,21,22,23,24],"remove-attachment-comments","remove-media-comments","stop-comment-spam","stop-media-comment-spam","stop-media-comments","https:\u002F\u002Fzeropointdevelopment.com\u002Fstopping-wordpress-media-attachment-comment-spamming\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstop-media-comment-spamming.1.8.3.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":27,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"developerwil",5,3400,30,88,"2026-04-04T07:16:40.296Z",[],{"attackSurface":41,"codeSignals":58,"taintFlows":65,"riskAssessment":66,"analyzedAt":73},{"hooks":42,"ajaxHandlers":54,"restRoutes":55,"shortcodes":56,"cronEvents":57,"entryPointCount":28,"unprotectedCount":28},[43,50],{"type":44,"name":45,"callback":46,"priority":47,"file":48,"line":49},"filter","comments_open","zpd_stop_media_comments",10,"stop-media-comment-spamming.php",43,{"type":44,"name":51,"callback":52,"file":48,"line":53},"get_header","zpd_turn_attachment_comments_off",58,[],[],[],[],{"dangerousFunctions":59,"sqlUsage":60,"outputEscaping":62,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":64},[],{"prepared":28,"raw":28,"locations":61},[],{"escaped":28,"rawEcho":28,"locations":63},[],[],[],{"summary":67,"deductions":68},"The plugin \"stop-media-comment-spamming\" v1.8.3 demonstrates a strong security posture based on the provided static analysis.  There are no identified dangerous functions, SQL queries are exclusively using prepared statements, and all output appears to be properly escaped.  Furthermore, the absence of file operations, external HTTP requests, and the limited attack surface (zero AJAX handlers, REST API routes, shortcodes, or cron events) significantly reduces the potential for exploitation.  The taint analysis also reveals no critical or high-severity issues with unsanitized paths.\n\nThe vulnerability history is equally positive, with zero known CVEs, unpatched vulnerabilities, or recorded common vulnerability types. This indicates a mature and well-maintained plugin with a history of security.  However, it is important to note the complete absence of nonce checks and capability checks. While the current attack surface is zero, any future additions to the plugin could introduce vulnerabilities if these checks are not implemented for new entry points.\n\nIn conclusion, \"stop-media-comment-spamming\" v1.8.3 is exceptionally secure based on this analysis, with no immediate exploitable flaws identified. The plugin's developers appear to follow best practices in code hygiene. The only potential area for future concern lies in the complete lack of authentication and authorization checks, which, while not an issue now, could become one if the plugin's functionality expands without proper security measures.",[69,71],{"reason":70,"points":34},"No nonce checks implemented",{"reason":72,"points":34},"No capability checks implemented","2026-03-16T19:15:52.629Z",{"wat":75,"direct":80},{"assetPaths":76,"generatorPatterns":77,"scriptPaths":78,"versionParams":79},[],[],[],[],{"cssClasses":81,"htmlComments":82,"htmlAttributes":83,"restEndpoints":84,"jsGlobals":85,"shortcodeOutput":86},[],[],[],[],[],[]]