[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fb1BxBMqyPNtxWTxFcta4sKmSTfyIXW-tSAoh5DtocfY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":74,"crawl_stats":36,"alternatives":82,"analysis":191,"fingerprints":458},"subscribe-to-comments","Subscribe to Comments","2.3.1","Mark Jaquith","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkjaquith\u002F","\u003Cp>Subscribe to Comments is a robust plugin that enables commenters to sign up for e-mail notification of subsequent entries.  The plugin includes a full-featured subscription manager that your commenters can use to unsubscribe to certain posts, block all notifications, or even change their notification e-mail address!\u003C\u002Fp>\n","Subscribe to Comments allows commenters on an entry to subscribe to e-mail notifications for subsequent comments.",20000,571809,78,14,"2024-10-29T05:34:00.000Z","4.3.34","2.9","",[20,21,22],"comments","email","subscription","http:\u002F\u002Ftxfx.net\u002Fwordpress-plugins\u002Fsubscribe-to-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscribe-to-comments.2.3.1.zip",89,3,0,"2024-10-29 14:20:48","2026-03-15T15:16:48.613Z",[31,46,62],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":45},"CVE-2024-8792","subscribe-to-comments-reflected-cross-site-scripting-2","Subscribe to Comments \u003C= 2.3 - Reflected Cross-Site Scripting","The Subscribe to Comments plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=2.3","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-10-30 02:32:19",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa7566ac1-9ae2-44d2-8ad1-029957870992?source=api-prod",1,{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":36,"affected_versions":51,"patched_in_version":52,"severity":53,"cvss_score":54,"cvss_vector":55,"vuln_type":56,"published_date":57,"updated_date":58,"references":59,"days_to_patch":61},"CVE-2015-10133","subscribe-to-comments-local-file-includion","Subscribe to Comments \u003C= 2.1.2 - Local File Includion","The Subscribe to Comments for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.1.2 via the Path to header value. This allows authenticated attackers, with administrative privileges and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. This same function can also be used to execute arbitrary PHP code.","\u003C=2.1.2","2.3","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Control of Filename for Include\u002FRequire Statement in PHP Program ('PHP Remote File Inclusion')","2015-07-15 00:00:00","2025-07-19 09:23:53",[60],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff92784a7-f2b3-47f8-b03f-4e234b57e40a?source=api-prod",3657,{"id":63,"url_slug":64,"title":65,"description":66,"plugin_slug":4,"theme_slug":36,"affected_versions":67,"patched_in_version":68,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":69,"updated_date":70,"references":71,"days_to_patch":73},"CVE-2006-10001","subscribe-to-comments-reflected-cross-site-scripting","Subscribe to Comments \u003C= 2.0.7 - Reflected Cross-Site Scripting","The Subscribe to Comments plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via REQUEST_URI in all versions up to, and including, 2.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=2.0.7","2.0.8","2006-09-17 00:00:00","2024-02-07 15:06:07",[72],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F81b76824-8099-433d-88e3-c05df9434fd6?source=api-prod",6353,{"slug":75,"display_name":7,"profile_url":8,"plugin_count":76,"total_installs":77,"avg_security_score":78,"avg_patch_time_days":79,"trust_score":80,"computed_at":81},"markjaquith",29,176350,86,3337,69,"2026-04-04T15:58:13.868Z",[83,106,125,146,167],{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":93,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":98,"tags":99,"homepage":104,"download_link":105,"security_score":91,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"comments-subscribe-checkbox","Subscribe To Comments Checkbox","1.2.6","yydevelopment","https:\u002F\u002Fprofiles.wordpress.org\u002Fyydevelopment\u002F","\u003Cp>The subscribe to comments checkbox is a simple plugin that will allow you to add subscribe checkbox message below comments on your website and it will also send automatic email when the comment get replied.\u003C\u002Fp>\n\u003Cp>To add the comment email subscribe notification message all you need to do is to activate the plugin and it will be added automatically.\u003C\u002Fp>\n\u003Cp>The plugin also allow you to see under the “comments” section in wordpress admin panel all the user that subscribed to the comment reply in your blog posts & pages and you will be able to see who get mail and who didn’t.\u003C\u002Fp>\n\u003Ch4>Comments Subscribe Checkbox Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Comment subscribe notification message below the comment box\u003C\u002Fli>\n\u003Cli>Comments users management system\u003C\u002Fli>\n\u003Cli>Automatic email message that will be send to every user who subscribed to the comment\u003C\u002Fli>\n\u003Cli>The ability to unsubscribe from getting new comments on the site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Available languages:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Hebrew (only frontend code)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>About the author & license\u003C\u002Fh4>\n\u003Cp>This plugin was brought to you for free by \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002F\" rel=\"nofollow ugc\">YYDevelopment\u003C\u002Fa> under GPLv2 license.\u003C\u002Fp>\n\u003Cp>The plugin is 100% free and we intend to keep it that way in the future as well. You are free to use this plugin and all our other \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002Fyydevelopment-wordpress-plugins\u002F\" rel=\"nofollow ugc\">free wordpress plugins\u003C\u002Fa> for your projects, your client’s projects or for anything else you need.\u003C\u002Fp>\n\u003Cp>If this plugin was helpful for you please share it online and if you get a chance to give it a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomments-subscribe-checkbox\u002F#reviews\" rel=\"ugc\">positive review\u003C\u002Fa> we will appreciate that.\u003C\u002Fp>\n\u003Cp>If have any problems or questions regarding our comments subscribe checkbox plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcomments-subscribe-checkbox\u002F\" rel=\"ugc\">submit a ticket\u003C\u002Fa> and we will be happy to help.\u003C\u002Fp>\n\u003Cp>By the way, we are based in Israel so we welcome you to visit our Hebrew site as well \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.co.il\u002F\" rel=\"nofollow ugc\">YYDevelopment Israel\u003C\u002Fa> if you are fellow Israeli.\u003C\u002Fp>\n\u003Ch4>Help support us with a coffee donation\u003C\u002Fh4>\n\u003Cp>Don’t you just hate it when you download a plugin and you find out that in order to use it you have to buy a pro version?\u003C\u002Fp>\n\u003Cp>Even bigger problem is when you use a plugin and then just out of the blue the developer decides to add a pro version and he either changes the way the plugin works or he converts some of the free functions to paid ones.\u003C\u002Fp>\n\u003Cp>We sure did hate that and a few years back we decided to start creating some of the plugins ourselves and we decided to share them all with the WordPress community \u003Cstrong>100% FREE\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Nowadays we have more than 15 plugins and you can download and use them all for free by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsearch\u002Fyydevelopment\u002F\" rel=\"ugc\">Clicking Here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you liked this plugin and you want to help support our cause, \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002Fcoffee-break\u002F?plugin=comments-subscribe-checkbox\" rel=\"nofollow ugc\">buy us a coffee\u003C\u002Fa>. Studies show that coffee helps with creating WordPress plugins.\u003C\u002Fp>\n","This plugin will allow you to add subscribe notification checkbox to comments on your site.",100,4550,98,8,"2025-12-10T03:51:00.000Z","6.9.4","5.0","5.2.4",[100,101,102,103,4],"comments-checkbox","comments-subscribe","notification-subscription","subscribe-email","https:\u002F\u002Fwww.yydevelopment.com\u002Fyydevelopment-wordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomments-subscribe-checkbox.1.2.6.zip",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":27,"num_ratings":27,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":18,"tags":119,"homepage":122,"download_link":123,"security_score":124,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"comentario-via-e-mail","Comentario Via E-mail","0.0.6","Gerlis","https:\u002F\u002Fprofiles.wordpress.org\u002Fgerlis\u002F","\u003Cp>Comentario Via E-mail é um plugin que Permite que os leitores receba notificações de novos comentários que são postados em seus comentários anteriores, entre outras funções. O plugin inclui um gerenciador de Assinatura que seus comentaristas podem ser usados ​​para cancelar a determinados cargos, bloquear todas as notificações, ou até mesmo mudar a sua notificação endereço de e-mail com fácil gerenciamento!\u003C\u002Fp>\n","Permite que o usuário inscreva-se e um comentário e recebe atualizações via e-mail.",10,3164,"2012-03-26T12:13:00.000Z","3.3.2","3.0",[120,121,20,21,22],"assiatura","cometarios","http:\u002F\u002Floja.ideianaweb.com\u002Fitem.php?pid=43","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomentario-via-e-mail.zip",85,{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":91,"num_ratings":135,"last_updated":136,"tested_up_to":96,"requires_at_least":137,"requires_php":138,"tags":139,"homepage":144,"download_link":145,"security_score":91,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"hostinger-reach","Hostinger Reach – AI-Powered Email Marketing for WordPress","1.4.0","Hostinger","https:\u002F\u002Fprofiles.wordpress.org\u002Fhostinger\u002F","\u003Cp>Hostinger Reach is your all-in-one email marketing plugin, built for creators, small businesses, and website owners. It helps you grow your audience and stay connected through eye-catching, on-brand emails powered by AI and seamlessly integrated with your site.\u003C\u002Fp>\n\u003Ch4>🚀 Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>AI-powered email templates:\u003C\u002Fstrong> Describe your idea and let AI generate a ready-to-send email for you in seconds. Effortlessly tailor your templates and content to your brand look and voice.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Subscriber collection:\u003C\u002Fstrong> Create subscriber capture forms or connect popular plugins like Contact Form 7 or WPForms to start collecting contacts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic contact sync:\u003C\u002Fstrong> Reach syncs all subscribers to your dashboard in real time – no manual exports or spreadsheets needed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email sending:\u003C\u002Fstrong> Use your domain and custom sender address for professional, trusted communication.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email campaigns:\u003C\u002Fstrong> Launch targeted email campaigns to engage your audience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time analytics:\u003C\u002Fstrong> Monitor opens, clicks, and other key metrics as they happen to fine-tune performance with every send.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Built-in deliverability:\u003C\u002Fstrong> Count on Hostinger’s proven infrastructure to ensure your emails land in inboxes, not spam folders.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🔌 Seamless Integration\u003C\u002Fh4>\n\u003Cp>Reach lets you create forms directly within the native WordPress Block Editor – no extra plugins required.\u003C\u002Fp>\n\u003Cp>Reach is also fully compatible with these popular form builders and plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>WPForms\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Contact Form 7\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Elementor\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WS Form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sure Forms\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ninja Forms\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Forminator\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Thrive Leads\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>OptinMonster\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Brave Popup Builder\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>More integrations are coming soon.\u003C\u002Fp>\n\u003Ch4>📬 Deliverability & Compliance: Handled for You\u003C\u002Fh4>\n\u003Cp>Reach takes care of the technical setup, ensuring your emails land in inboxes, not spam folders.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic SPF, DKIM, & DMARC setup\u003C\u002Fstrong> – Reach configures industry-standard email authentication protocols for you, so you don’t have to worry about deliverability issues.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Trusted infrastructure\u003C\u002Fstrong> – Reach sends your campaigns through reliable, high-reputation servers to keep your emails landing in inboxes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>100% compliant templates\u003C\u002Fstrong> – Our AI generates templates that fully comply with CAN-SPAM and GDPR, including sender information and unsubscribe options.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto-managed unsubscribes\u003C\u002Fstrong> – Every email includes an unsubscribe link that Reach handles automatically. When contacts unsubscribe, Reach removes them from future campaigns without any effort from you.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>💸 Plans & Pricing: Start Free, Grow Without Limits\u003C\u002Fh4>\n\u003Cp>Reach supports creators and businesses at every stage. Start for free, scale as your audience grows, and pay only when you need to.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Reach offers a free plan for one year – perfect for getting started.\u003C\u002Fli>\n\u003Cli>Paid plans provide higher sending limits based on your contact list size and monthly email volume.\u003C\u002Fli>\n\u003Cli>Every paid plan removes the Reach logo from your emails and includes five free AI-generated messages each month.\u003C\u002Fli>\n\u003Cli>New customers get 20 free AI messages and can purchase more anytime – no subscriptions or bundles required.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🆓 What’s Included in the Free Plan?\u003C\u002Fh4>\n\u003Cp>Start your email marketing journey with our feature-rich free plan designed for beginners and small audiences:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Email up to 100 unique subscribers\u002Fmonth\u003C\u002Fstrong> – Perfect for building your first list or staying in touch with your early subscribers. Your unique recipients limit resets on the 1st of every month.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Send up to 200 emails\u002Fmonth\u003C\u002Fstrong> – Enough to reach your audience and learn what works best. Your total email limit resets on the 1st of every month.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AI content editor & visual builder\u003C\u002Fstrong> – Easily customize your emails’ content, images, and branding.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unlimited contact storage\u003C\u002Fstrong> – Reach does not limit your contact list, so you can consistently grow your audience without worrying about lost data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress contact sync\u003C\u002Fstrong> – Seamlessly import subscribers from your site to your Reach mailing list.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>24\u002F7 customer support\u003C\u002Fstrong> – Get help anytime, even on the free plan.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Our free plan gives you everything you need to launch your first campaign, grow your audience, and see real results – no credit card required.\u003C\u002Fp>\n\u003Ch4>💡 Why Reach?\u003C\u002Fh4>\n\u003Cp>With over 20 years of experience helping people succeed online, Hostinger created Reach to make professional email marketing simple, fast, and effective – especially for beginners.\u003C\u002Fp>\n\u003Ch4>External services\u003C\u002Fh4>\n\u003Cp>This plugin connects to Hostinger Reach API service to collect and share the next information:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Collect your Reach account overview stats and show them in the wp-admin dashboard\u003C\u002Fli>\n\u003Cli>Automatically sync new subscribers from your site to Reach\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Authentication with Hostinger Reach to share ecrypted keys, secure, and protect the communication channel\u003C\u002Fp>\n\u003Cp>Hostinger Reach plugin goal is to offer a seamless integration within Hostinger Reach service. Hence, a communication\u003Cbr \u002F>\nbetween the plugin and Hostinger Reach service is a core functionality.\u003C\u002Fp>\n\u003Cp>For more information about Hostinger Reach and our terms and conditions visit:\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.hostinger.com\u002Femail-marketing\" rel=\"nofollow ugc\">Hostinger Reach\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.hostinger.com\u002Flegal\u002Funiversal-terms-of-service-agreement\" rel=\"nofollow ugc\">Hostinger Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Compiled code\u003C\u002Fh4>\n\u003Cp>In order to optimize the plugin and reduce the size of the bundle we minify and compile our JavaScript files.\u003C\u002Fp>\n\u003Cp>For transparency and following the community guidelines you can find the source code inside the \u003Ccode>frontend\u003C\u002Fcode> folder.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>frontend\u002Fvue\u003C\u002Fcode>: Code for the Admin UI\u003C\u002Fli>\n\u003Cli>\u003Ccode>frontend\u002Fblocks\u003C\u002Fcode>: Code for Reach block\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>dist\u003C\u002Fcode>: compiled code\u003C\u002Fp>\n\u003Cp>We include also \u003Ccode>composer.json\u003C\u002Fcode> and \u003Ccode>package.json\u003C\u002Fcode> file showing the dependencies we use in the project.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Launch and grow your email marketing effortlessly with Hostinger Reach. Collect contacts, sync subscribers, and send emails – all in one, AI powered.",1000000,232704,2,"2026-03-10T08:48:00.000Z","6.0","8.1",[140,141,142,143,22],"email-marketing","lead-generation","marketing","newsletter","https:\u002F\u002Fhostinger.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhostinger-reach.1.4.0.zip",{"slug":143,"name":147,"version":148,"author":149,"author_profile":150,"description":151,"short_description":152,"active_installs":153,"downloaded":154,"rating":155,"num_ratings":156,"last_updated":157,"tested_up_to":96,"requires_at_least":158,"requires_php":159,"tags":160,"homepage":163,"download_link":164,"security_score":25,"vuln_count":165,"unpatched_count":27,"last_vuln_date":166,"fetched_at":29},"Newsletter – Send awesome emails from WordPress","9.1.7","Stefano Lissa","https:\u002F\u002Fprofiles.wordpress.org\u002Fsatollo\u002F","\u003Cp>The newsletter plugin is a \u003Cstrong>real newsletter and email marketing system\u003C\u002Fstrong> for your WordPress blog: perfect for list building, you can easily create, send, and track e-mails, headache-free. It just works out of the box!\u003C\u002Fp>\n\u003Ch4>Getting subscribers and list growing\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Unlimited subscribers\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Subscription forms\u003C\u002Fstrong>: popup, post-injected, widget, shortcodes (basic and advanced), raw HTML (for coders)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Double opt-in\u003C\u002Fstrong>, Privacy checkbox, and \u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Fgdpr-compliancy\" rel=\"nofollow ugc\">GDPR ready\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lists\u003C\u002Fstrong>:  organize, classify, and segment your subscribers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom fields\u003C\u002Fstrong>: when the name is not enough\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Maintenance\u003C\u002Fstrong>: import, export, move between lists, delete inactive subscribers, …\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detailed statistics\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress user registration integration\u003C\u002Fstrong> (with free addon)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Subscription spam check\u003C\u002Fstrong> with domain black list, Akismet, captcha, …\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Creating and sending newsletters\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Unlimited newsletters\u003C\u002Fstrong> with click and open tracking\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Drag and drop composer\u003C\u002Fstrong> and fully responsive emails\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Classic and HTML\u003C\u002Fstrong> editor for those who need the maximum freedom\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Newsletter templates\u003C\u002Fstrong> to quickly bring in your style and reuse for each marketing campaign\u003C\u002Fli>\n\u003Cli>\u003Cstrong>One-Click Unsubscribe\u003C\u002Fstrong>: fully compatible (mandatory by Google and Yahoo)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Delivery speed\u003C\u002Fstrong> fine control (from 12 emails per hour to as much as your server can manage)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced targeting\u003C\u002Fstrong> with list combinations (all in, at least one, not in, …), custom fields and language filters\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>General features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Fmultilanguage\" rel=\"nofollow ugc\">Multilanguage ready\u003C\u002Fa>: Polylang, WPML, TranslatePress\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Everything customizable\u003C\u002Fstrong>: forms, labels, messages, emails, and so on\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Compatible with every SMTP plugin\u003C\u002Fstrong>: Post SMTP, WP Mail SMTP, Easy WP SMTP, Easy SMTP Mail, WP Mail Bank, Fluent SMTP, …\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Diagnostic pages\u003C\u002Fstrong> to have full control\u003C\u002Fli>\n\u003Cli>REST API for coders and integrations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Find Us\u003C\u002Fh4>\n\u003Cp>Newsletter is a continuously evolving plugin. Stay tuned by following us on \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fthenewsletterplugin\u002F\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002F\" rel=\"nofollow ugc\">our site\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Free Addons\u003C\u002Fh4>\n\u003Cp>Improve The Newsletter Plugin with these free addons:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Fwpusers-extension\" rel=\"nofollow ugc\">WP Registration Addon\u003C\u002Fa> – connects the WordPress standard and custom registration with the Newsletter plugin subscription. Optionally imports all registered users as subscribers.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Farchive-extension\" rel=\"nofollow ugc\">Archive Addon\u003C\u002Fa> – creates a simple blog page that lists all your sent newsletters\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Flocked-content-extension\" rel=\"nofollow ugc\">Locked Content Addon\u003C\u002Fa> – open up your premium content only after the subscription\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Fdevelopers\u002Fnewsletter-api-2\u002F\" rel=\"nofollow ugc\">Newsletter REST API Addon\u003C\u002Fa> – adds a tier of REST API to integrate with the Newsletter core services\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Faddons\u002Fdelivery-addons\u002Fsmtp-extension\u002F\" rel=\"nofollow ugc\">SMTP Addon\u003C\u002Fa> – deliver your newsletters with external SMTP\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Faddons\u002Fextended-features\u002Fadvanced-import\u002F\" rel=\"nofollow ugc\">Import Addon\u003C\u002Fa> – import contacts from file or copy and paste data with full mapping\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>(\u003Cem>easily add them from our \u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Finstall-extensions\" rel=\"nofollow ugc\">Addons panel\u003C\u002Fa>\u003C\u002Fem>)\u003C\u002Fp>\n\u003Ch4>Addons on WordPress.org\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnewsletter-rss-block\u002F\" rel=\"ugc\">RSS Composer Block\u003C\u002Fa> – (3rd party) a composer block that builds its content from an RSS feed\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnewsletter-popupmaker\u002F\" rel=\"ugc\">Popup Maker Integration\u003C\u002Fa> – (3rd party) integration of Newsletter forms with Popup Maker plugin\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnewsletter-buddypress\u002F\" rel=\"ugc\">BuddyPress integration\u003C\u002Fa> – subscription opt-in inside BuddyPress signup form\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpum-newsletter\u002F\" rel=\"ugc\">WP User Manager addon for Newsletter\u003C\u002Fa> – adds the subscription option on registration forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Professional Addons\u003C\u002Fh4>\n\u003Cp>Need \u003Cem>more power\u003C\u002Fem>? Feel \u003Cem>something’s missing\u003C\u002Fem>? The Newsletter Plugin features can be easily extended through our \u003Cstrong>premium, professional Addons\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Freports\" rel=\"nofollow ugc\">Reports and Retargeting\u003C\u002Fa> – improves the internal statistics collection system and provides better reports of data collected for each sent email. And retargeting. Neat.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fautomated\" rel=\"nofollow ugc\">Automated\u003C\u002Fa> – generates and sends your newsletters using your blog’s last posts, even custom ones like events or products. Just sit and watch!\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fautoresponder\" rel=\"nofollow ugc\">Autoresponder\u003C\u002Fa> – creates email series to follow up with your subscribers\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fcomposer\" rel=\"nofollow ugc\">Extended Composer Blocks\u003C\u002Fa> – adds new blocks to the drag & drop composer\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fleads\" rel=\"nofollow ugc\">Leads\u003C\u002Fa> adds a fancy subscription popup box or a fixed bar to your website that will boost your conversion rate\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fgoogle-analytics\" rel=\"nofollow ugc\">Google Analytics\u003C\u002Fa> – track newsletter links with Google UTM tracking parameters\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Fcomments-extension\" rel=\"nofollow ugc\">Subscribe on Comment\u003C\u002Fa> – adds the subscription option to your blog comment form\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Fgeolocation-extension\" rel=\"nofollow ugc\">Geolocation\u003C\u002Fa> – adds geolocation capability to target subscribers by location\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Integration with Ecommerce solutions\u003C\u002Fh4>\n\u003Cp>Collects subscribers at checkout or registration and assign to lists based on purchased items.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fwoocommerce\" rel=\"nofollow ugc\">WooCommerce Integration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Easy Digital Download\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Integration with Form Builders\u003C\u002Fh4>\n\u003Cp>Add the subscription option to your existing contact forms or create subscription forms with your preferred tool.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Fcontact-form-7-extension\" rel=\"nofollow ugc\">Contact Form 7\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Elementor Forms\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Fninjaforms-extension\" rel=\"nofollow ugc\">Ninja Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Fwpforms-extension\" rel=\"nofollow ugc\">WP Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Gravity Forms\u003C\u002Fli>\n\u003Cli>Fluent Forms\u003C\u002Fli>\n\u003Cli>Formidable\u003C\u002Fli>\n\u003Cli>Forminator\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Integration with Delivery Services\u003C\u002Fh4>\n\u003Cp>You should be \u003Cstrong>free\u003C\u002Fstrong> to choose how to send your newsletters: using the mailing service of your hosting provider, an SMTP plugin or professional delivery services. The Newsletter plugin \u003Cstrong>has no constraints\u003C\u002Fstrong>!\u003C\u002Fp>\n\u003Cp>We have optimised integrations with many delivery services to reach high reliability and performance.\u003Cbr \u002F>\nEach integration is provided with bounces and complaints management, and an efficient HTTP REST API connection.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Amazon SES\u003C\u002Fli>\n\u003Cli>Sendgrid\u003C\u002Fli>\n\u003Cli>Postmark\u003C\u002Fli>\n\u003Cli>Sparkpost\u003C\u002Fli>\n\u003Cli>Mailjet\u003C\u002Fli>\n\u003Cli>Mailgun\u003C\u002Fli>\n\u003Cli>ElasticEmail\u003C\u002Fli>\n\u003Cli>SMTP2Go (free)\u003C\u002Fli>\n\u003Cli>SendPulse (free)\u003C\u002Fli>\n\u003Cli>SMTP.com (free)\u003C\u002Fli>\n\u003Cli>Brevo (free)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Integration with Event Managers\u003C\u002Fh4>\n\u003Cp>Include in newsletters your events with specialized composer blocks.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Events Manager\u003C\u002Fli>\n\u003Cli>The Events Calendar\u003C\u002Fli>\n\u003Cli>Prime Events\u003C\u002Fli>\n\u003Cli>WP Event Manager\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Integration with Membership plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Ultimate Member\u003C\u002Fli>\n\u003Cli>Paid Membership Pro plugins integration\u003C\u002Fli>\n\u003Cli>MemberPress\u003C\u002Fli>\n\u003Cli>WP User Pro – to map WP user roles to lists\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>GDPR\u003C\u002Fh4>\n\u003Cp>The Newsletter Plugin provides all the technical tools needed to achieve GDPR compliance, and we’re continuously working to improve them and to give support even for specific use cases.\u003C\u002Fp>\n\u003Cp>We do not collect users’ own subscribers’ data, nor does it have any access to that data: hence, we are not a data processor, so a data processing agreement is not needed.\u003C\u002Fp>\n\u003Cp>Anyway, if you configure the plugin to use external services (usually an external mail delivery service) you should check with that service if some sort of agreement is required.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>We provide support for our plugin on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fnewsletter\" rel=\"ugc\">WordPress.org forums\u003C\u002Fa> and through our \u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fforums\" rel=\"nofollow ugc\">official forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Premium Users with an active license have access to one-to-one support via our \u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Faccount\" rel=\"nofollow ugc\">ticketing system\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Developers\u003C\u002Fh4>\n\u003Cp>We have a \u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002Fdocumentation\u002Fdevelopers\u002F\" rel=\"nofollow ugc\">documentation section\u003C\u002Fa> dedicated to those who want to develop with the Newsletter plugin.\u003C\u002Fp>\n\u003Cp>You can find us on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FTheNewsletterPlugin\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> with some examples of addons.\u003C\u002Fp>\n\u003Ch4>Follow Us\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Our Official Website\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.thenewsletterplugin.com\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GitHub\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FTheNewsletterPlugin\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002FTheNewsletterPlugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>LinkedIn\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fthe-newsletter-plugin\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fthe-newsletter-plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Our Facebook Page\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fthenewsletterplugin\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.facebook.com\u002Fthenewsletterplugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Our Twitter Account\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fnewsletterwp\" rel=\"nofollow ugc\">https:\u002F\u002Ftwitter.com\u002Fnewsletterwp\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","An email marketing tool for your blog: subscription forms to create your lists with unlimited subscribers and newsletters.",200000,33381876,92,1202,"2026-03-12T06:53:00.000Z","6.1","7.0",[140,143,161,22,162],"signup-forms","welcome-email","https:\u002F\u002Fwww.thenewsletterplugin.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnewsletter.9.1.7.zip",20,"2026-01-19 11:44:32",{"slug":168,"name":169,"version":170,"author":171,"author_profile":172,"description":173,"short_description":174,"active_installs":175,"downloaded":176,"rating":177,"num_ratings":178,"last_updated":179,"tested_up_to":96,"requires_at_least":180,"requires_php":181,"tags":182,"homepage":186,"download_link":187,"security_score":188,"vuln_count":189,"unpatched_count":27,"last_vuln_date":190,"fetched_at":29},"disqus-comment-system","Disqus Comment System","3.1.4","Disqus","https:\u002F\u002Fprofiles.wordpress.org\u002Fdisqus\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fdisqus.com\u002F\" rel=\"nofollow ugc\">Disqus\u003C\u002Fa> is the web’s most popular commenting system trusted by millions of publishers to increase reader engagement, grow audience and traffic, and monetize content. Disqus helps publishers of all sizes engage directly with their audiences to build loyalty, retain readers, and foster thriving communities.\u003C\u002Fp>\n\u003Cp>The Disqus for WordPress plugin lets site owners and developers easily add Disqus to their sites, replacing the default WordPress comment system. Disqus installs in minutes and automatically imports your existing comments.\u003C\u002Fp>\n\u003Cp>In addition to our free-to-use, ad-supported Basic plan, we also offer ad-optional subscription plans that come with more advanced features and access to priority support. Please see our \u003Ca href=\"https:\u002F\u002Fdisqus.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">pricing page\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NEW: \u003Ca href=\"https:\u002F\u002Fdisqus.com\u002Fpolls\" rel=\"nofollow ugc\">Disqus Polls\u003C\u002Fa>\u003C\u002Fstrong> – Engage your audiences with interactive polls, and seamlessly install them on your site.\u003C\u002Fp>\n\u003Ch4>Why Disqus?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Simple one-click installation that seamlessly integrates with WordPress without ever needing to edit a single line of code or losing any of your existing comments\u003C\u002Fli>\n\u003Cli>Keep users engaged on your site longer with a commenting experience readers love\u003C\u002Fli>\n\u003Cli>Bring users back to your site with web and email notifications and personalized digests\u003C\u002Fli>\n\u003Cli>Improve SEO ranking with user generated content\u003C\u002Fli>\n\u003Cli>Keep spam out with our best-in-class anti-spam filter powered by Akismet\u003C\u002Fli>\n\u003Cli>Single profile for commenting on over 4 million sites including social login support for Facebook, Twitter, and Google accounts\u003C\u002Fli>\n\u003Cli>Trusted by sites like ABC News, Entertainment Weekly, and Rotten Tomatoes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Disqus Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Syncs comments automatically to WordPress for backup and flexibility if you ever decide to switch to a different platform\u003C\u002Fli>\n\u003Cli>Loads asynchronously with advanced caching so that Disqus doesn’t affect your site’s performance\u003C\u002Fli>\n\u003Cli>Monetization options to grow revenue\u003C\u002Fli>\n\u003Cli>Export comments to WordPress-compatible XML to backup or migrate to another system\u003C\u002Fli>\n\u003Cli>Analytics dashboard for measuring overall engagement on your site\u003C\u002Fli>\n\u003Cli>Mobile responsive design\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW: Disqus Polls\u003C\u002Fstrong> – Create and embed interactive polls directly on your site to boost engagement and gather insights from your audience.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Engagement Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Realtime comments system with fun discussion interactions: voting, photo and video upload, rich media embed (Youtube, Twitter, Vimeo, and more), spoiler tags, mentions\u003C\u002Fli>\n\u003Cli>Comment text formatting (e.g. bold, link, italics, quote) using HTML tags as well as code syntax highlighting\u003C\u002Fli>\n\u003Cli>Threaded comment display (nested 3 levels) with ability to collapse individual threads\u003C\u002Fli>\n\u003Cli>Sort discussion by oldest, newest, and best comments\u003C\u002Fli>\n\u003Cli>Flexible login options – Social login with Facebook, Twitter, and Google, SSO, and guest commenting support\u003C\u002Fli>\n\u003Cli>Instant activity notifications, email notifications, and digests pull readers back in\u003C\u002Fli>\n\u003Cli>User profiles that show you recent comment history and frequented communities\u003C\u002Fli>\n\u003Cli>Recommendations widget that shows where active discussions are happening elsewhere on your site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Moderation Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatic anti-spam filter powered by Akismet\u003C\u002Fli>\n\u003Cli>Automated pre-moderation controls to flag comments based on links, user reputation\u003C\u002Fli>\n\u003Cli>Moderate directly in the discussion, via email, or moderation panel\u003C\u002Fli>\n\u003Cli>Email notifications for newly posted comments, replies\u003C\u002Fli>\n\u003Cli>Moderation Panel that lets you search, filter, sort, and manage your comments\u003C\u002Fli>\n\u003Cli>Self-moderation tools like user blocking, comment flagging\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Search our \u003Ca href=\"https:\u002F\u002Fhelp.disqus.com\u002Fcustomer\u002Fportal\u002Farticles\u002F472005\" rel=\"nofollow ugc\">Knowledge Base\u003C\u002Fa> for solutions to common troubleshooting questions\u003C\u002Fli>\n\u003Cli>Check out our support community, \u003Ca href=\"https:\u002F\u002Fdisqus.com\u002Fhome\u002Fchannel\u002Fdiscussdisqus\u002F\" rel=\"nofollow ugc\">Discuss Disqus\u003C\u002Fa>, to see if your question has been answered\u003C\u002Fli>\n\u003Cli>Talk to our Support team at \u003Ca href=\"disqus.com\u002Fsupport\" rel=\"nofollow ugc\">disqus.com\u002Fsupport\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Visit our \u003Ca href=\"https:\u002F\u002Fhelp.disqus.com\u002Fcustomer\u002Fen\u002Fportal\u002Farticles\u002F1264625-getting-started\" rel=\"nofollow ugc\">Getting Started\u003C\u002Fa> page to learn the basics of Disqus\u003C\u002Fli>\n\u003C\u002Ful>\n","Disqus is the web's most popular comment system. Use Disqus to increase engagement, retain readers, and grow your audience.",40000,4455999,54,219,"2026-01-15T17:47:00.000Z","4.4","5.6",[20,183,21,184,185],"disqus","engagement","threaded","https:\u002F\u002Fdisqus.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisqus-comment-system.3.1.4.zip",96,5,"2014-09-17 00:00:00",{"attackSurface":192,"codeSignals":261,"taintFlows":353,"riskAssessment":442,"analyzedAt":457},{"hooks":193,"ajaxHandlers":257,"restRoutes":258,"shortcodes":259,"cronEvents":260,"entryPointCount":27,"unprotectedCount":27},[194,200,205,209,212,215,219,222,226,230,234,238,242,246,250,253],{"type":195,"name":196,"callback":197,"file":198,"line":199},"action","comment_form","echo_add_checkbox","subscribe-to-comments.php",167,{"type":201,"name":202,"callback":203,"file":198,"line":204},"filter","comment_form_defaults","add_checkbox_to_default",169,{"type":195,"name":206,"callback":207,"file":198,"line":208},"comment_post","send_notifications",172,{"type":195,"name":206,"callback":210,"file":198,"line":211},"maybe_add_subscriber",173,{"type":195,"name":213,"callback":207,"file":198,"line":214},"wp_set_comment_status",174,{"type":195,"name":216,"callback":217,"file":198,"line":218},"admin_menu","add_admin_menu",175,{"type":195,"name":220,"callback":220,"file":198,"line":221},"admin_head",176,{"type":195,"name":223,"callback":224,"file":198,"line":225},"edit_comment","on_edit",177,{"type":195,"name":227,"callback":228,"file":198,"line":229},"delete_comment","on_delete",178,{"type":201,"name":231,"callback":232,"file":198,"line":233},"the_content","manager",179,{"type":201,"name":235,"callback":236,"file":198,"line":237},"get_comment_author_link","stc_comment_author_filter",181,{"type":201,"name":239,"callback":240,"priority":45,"file":198,"line":241},"preprocess_comment","stc_checkbox_state",184,{"type":195,"name":243,"callback":244,"file":198,"line":245},"init","maybe_solo_subscribe",187,{"type":195,"name":247,"callback":248,"file":198,"line":249},"template_redirect","single",190,{"type":195,"name":251,"callback":251,"priority":114,"file":198,"line":252},"wp_title",243,{"type":195,"name":254,"callback":255,"file":198,"line":256},"wp_head","standalone_css",244,[],[],[],[],{"dangerousFunctions":262,"sqlUsage":263,"outputEscaping":285,"fileOperations":27,"externalRequests":27,"nonceChecks":45,"capabilityChecks":351,"bundledLibraries":352},[],{"prepared":264,"raw":265,"locations":266},31,7,[267,270,273,276,279,281,283],{"file":198,"line":268,"context":269},449,"$wpdb->get_row() with variable interpolation",{"file":198,"line":271,"context":272},932,"$wpdb->get_col() with variable interpolation",{"file":198,"line":274,"context":275},934,"$wpdb->get_results() with variable interpolation",{"file":198,"line":277,"context":278},938,"$wpdb->query() with variable interpolation",{"file":198,"line":280,"context":275},1454,{"file":198,"line":282,"context":275},1456,{"file":198,"line":284,"context":275},1494,{"escaped":286,"rawEcho":287,"locations":288},33,32,[289,292,294,296,298,300,302,304,306,308,310,312,314,316,318,320,322,324,326,328,330,332,334,336,338,340,342,344,346,347,348,349],{"file":198,"line":290,"context":291},287,"raw output",{"file":198,"line":293,"context":291},312,{"file":198,"line":295,"context":291},314,{"file":198,"line":297,"context":291},315,{"file":198,"line":299,"context":291},328,{"file":198,"line":301,"context":291},330,{"file":198,"line":303,"context":291},331,{"file":198,"line":305,"context":291},677,{"file":198,"line":307,"context":291},678,{"file":198,"line":309,"context":291},679,{"file":198,"line":311,"context":291},742,{"file":198,"line":313,"context":291},1031,{"file":198,"line":315,"context":291},1089,{"file":198,"line":317,"context":291},1091,{"file":198,"line":319,"context":291},1108,{"file":198,"line":321,"context":291},1111,{"file":198,"line":323,"context":291},1118,{"file":198,"line":325,"context":291},1124,{"file":198,"line":327,"context":291},1129,{"file":198,"line":329,"context":291},1130,{"file":198,"line":331,"context":291},1137,{"file":198,"line":333,"context":291},1143,{"file":198,"line":335,"context":291},1384,{"file":198,"line":337,"context":291},1436,{"file":198,"line":339,"context":291},1474,{"file":198,"line":341,"context":291},1483,{"file":198,"line":343,"context":291},1509,{"file":198,"line":345,"context":291},1551,{"file":198,"line":345,"context":291},{"file":198,"line":345,"context":291},{"file":198,"line":345,"context":291},{"file":198,"line":350,"context":291},1610,6,[],[354,372,382,401],{"entryPoint":355,"graph":356,"unsanitizedCount":27,"severity":371},"show_manual_subscription_form (subscribe-to-comments.php:42)",{"nodes":357,"edges":368},[358,363],{"id":359,"type":360,"label":361,"file":198,"line":362},"n0","source","$_SERVER['HTTP_HOST']",52,{"id":364,"type":365,"label":366,"file":198,"line":362,"wp_function":367},"n1","sink","echo() [XSS]","echo",[369],{"from":359,"to":364,"sanitized":370},true,"low",{"entryPoint":373,"graph":374,"unsanitizedCount":27,"severity":371},"manage_link (subscribe-to-comments.php:1019)",{"nodes":375,"edges":380},[376,379],{"id":359,"type":360,"label":377,"file":198,"line":378},"$_SERVER",1025,{"id":364,"type":365,"label":366,"file":198,"line":313,"wp_function":367},[381],{"from":359,"to":364,"sanitized":370},{"entryPoint":383,"graph":384,"unsanitizedCount":45,"severity":371},"save_options (subscribe-to-comments.php:1095)",{"nodes":385,"edges":397},[386,389,392],{"id":359,"type":360,"label":387,"file":198,"line":388},"$_POST",1099,{"id":364,"type":390,"label":391,"file":198,"line":388},"transform","→ update_settings()",{"id":393,"type":365,"label":394,"file":198,"line":395,"wp_function":396},"n2","update_option() [Settings Manipulation]",975,"update_option",[398,400],{"from":359,"to":364,"sanitized":399},false,{"from":364,"to":393,"sanitized":399},{"entryPoint":402,"graph":403,"unsanitizedCount":26,"severity":53},"\u003Csubscribe-to-comments> (subscribe-to-comments.php:0)",{"nodes":404,"edges":434},[405,406,407,408,410,414,416,420,423,428,430,432],{"id":359,"type":360,"label":361,"file":198,"line":362},{"id":364,"type":365,"label":366,"file":198,"line":362,"wp_function":367},{"id":393,"type":360,"label":377,"file":198,"line":378},{"id":409,"type":365,"label":366,"file":198,"line":313,"wp_function":367},"n3",{"id":411,"type":360,"label":412,"file":198,"line":413},"n4","$_COOKIE",998,{"id":415,"type":365,"label":366,"file":198,"line":341,"wp_function":367},"n5",{"id":417,"type":360,"label":418,"file":198,"line":419},"n6","$_COOKIE (x2)",1041,{"id":421,"type":390,"label":422,"file":198,"line":419},"n7","→ remove_subscriber()",{"id":424,"type":365,"label":425,"file":198,"line":426,"wp_function":427},"n8","query() [SQLi]",743,"query",{"id":429,"type":360,"label":387,"file":198,"line":388},"n9",{"id":431,"type":390,"label":391,"file":198,"line":388},"n10",{"id":433,"type":365,"label":394,"file":198,"line":395,"wp_function":396},"n11",[435,436,437,438,439,440,441],{"from":359,"to":364,"sanitized":370},{"from":393,"to":409,"sanitized":370},{"from":411,"to":415,"sanitized":370},{"from":417,"to":421,"sanitized":399},{"from":421,"to":424,"sanitized":399},{"from":429,"to":431,"sanitized":399},{"from":431,"to":433,"sanitized":399},{"summary":443,"deductions":444},"The \"subscribe-to-comments\" plugin version 2.3.1 exhibits a mixed security posture. On the positive side, it demonstrates a relatively small attack surface with no apparent direct entry points like AJAX handlers, REST API routes, or shortcodes exposed without authentication. The code also shows a good use of prepared statements for SQL queries (82%) and includes some nonce and capability checks, indicating an awareness of common WordPress security practices. However, significant concerns arise from the static analysis results. A notable percentage of output (49%) is not properly escaped, creating a potential for Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the taint analysis revealed flows with unsanitized paths and a high severity flow, which, while not explicitly defined as a vulnerability in this version, suggests potential for insecure file handling or other input-related risks. The plugin's vulnerability history is a significant red flag, with three past CVEs, including one high and two medium severity issues, specifically related to Remote File Inclusion and Cross-Site Scripting. The fact that the last vulnerability was quite recent (October 2024) and involved these critical types of attacks, even if currently unpatched for this specific version, points to recurring security weaknesses within the plugin's codebase. While the absence of unpatched CVEs for version 2.3.1 is positive, the historical pattern and the identified code signals suggest a need for vigilance and further investigation into the actual exploitative potential of the unsanitized paths and unescaped outputs.",[445,447,449,451,454],{"reason":446,"points":351},"Unescaped output identified",{"reason":448,"points":94},"Taint flow with unsanitized path",{"reason":450,"points":114},"Taint flow with high severity",{"reason":452,"points":453},"Previous High severity CVEs",15,{"reason":455,"points":456},"Previous Medium severity CVEs",12,"2026-03-16T17:34:19.723Z",{"wat":459,"direct":468},{"assetPaths":460,"generatorPatterns":463,"scriptPaths":464,"versionParams":465},[461,462],"\u002Fwp-content\u002Fplugins\u002Fsubscribe-to-comments\u002Fjs\u002Fsubscribe-to-comments.js","\u002Fwp-content\u002Fplugins\u002Fsubscribe-to-comments\u002Fcss\u002Fstyle.css",[],[461],[466,467],"subscribe-to-comments\u002Fstyle.css?ver=","subscribe-to-comments\u002Fjs\u002Fsubscribe-to-comments.js?ver=",{"cssClasses":469,"htmlComments":472,"htmlAttributes":473,"restEndpoints":478,"jsGlobals":479,"shortcodeOutput":482},[470,471],"solo-subscribe-to-comments","solo-subscribe-email",[],[474,475,476,477],"name=\"solo-comment-subscribe\"","name=\"postid\"","name=\"ref\"","id=\"solo-subscribe-email\"",[],[480,481],"sg_subscribe","_stc",[]]