[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fAIRtsYB5zFWLHZMwY6t4tOO8kNZlRhV7XPcyh6ijGtg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":48,"crawl_stats":37,"alternatives":55,"analysis":164,"fingerprints":527},"thoughtful-comments","FV Thoughtful Comments","0.4.1","FolioVision","https:\u002F\u002Fprofiles.wordpress.org\u002Ffoliovision\u002F","\u003Cp>We’ve always found the comment moderation\u002Fmanagement a bit weak (no wonder so many people are using the Disqus crutch). Our plugin Thoughtful Comments supercharges comment moderation by moving it into the front end (i.e. in context). It also allows banning by IP, email address or domain.\u003C\u002Fp>\n\u003Cp>Unlike many comment plugins, Thoughtful Comments works hand in hand with Akismet, feeding all the information into Akismet as well as the existing WordPress whitelist and blacklist features.\u003C\u002Fp>\n\u003Cp>What’s cool about Thoughtful Comments is that you can add it to a WordPress site with no changes to existing comment moderation tables and you can remove it from a WordPress site with no loss of core functionality. I.e. I think Thoughtful Comments could be integrated into core with a minimum amount of pain. Thoughtful Comments works with all current Subscribe to Comment plugins as well. As we use all core functions and tables, Thoughtful Comments works with all current Subscribe to Comment plugins as well.\u003C\u002Fp>\n\u003Cp>Thoughtful Comments is the most powerful and useful code we’ve ever written (we have four very popular plugins). It’s integration into core would save many, many site owners the pain of Disqus.\u003C\u002Fp>\n\u003Cp>Thoughtful Comments is entirely stable and active on some of the most heavily commented political and lifestyle sites in the world.\u003C\u002Fp>\n\u003Cp>While Automattic has a horse in the ring (Intense Debate), we’d really like to see Thoughtful Comments included in core.\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Front-end comment moderation – for logged in users with required permission\u003C\u002Fli>\n\u003Cli>Unapproved comments shown in front-end – for logged in users with required permission\u003C\u002Fli>\n\u003Cli>Per-user moderation settings\u003C\u002Fli>\n\u003Cli>Comment caching – lightening PHP load and speeding up busy sites significantly – works with any WP cache plugin!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Ffoliovision.com\u002Fseo-tools\u002Fwordpress\u002Fplugins\u002Fthoughtful-comments\u002F\" rel=\"nofollow ugc\">Download now!\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Ffoliovision.com\u002Fseo-tools\u002Fwordpress\u002Fplugins\u002Fthoughtful-comments\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Ffoliovision.com\u002Fseo-tools\u002Fwordpress\u002Fplugins\u002Fthoughtful-comments\u002Fchangelog\u002F\" rel=\"nofollow ugc\">Change Log\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Ffoliovision.com\u002Fseo-tools\u002Fwordpress\u002Fplugins\u002Fthoughtful-comments\u002Finstallation\u002F\" rel=\"nofollow ugc\">Installation\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Ffoliovision.com\u002Fseo-tools\u002Fwordpress\u002Fplugins\u002Fthoughtful-comments\u002Fusage\u002F\" rel=\"nofollow ugc\">Usage\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Theme compatibility\u003C\u002Fh3>\n\u003Cp>If you want to get the most correct display when deleting a comment and preserving it’s replies, you need to use a theme which is using “cascade” display of the comments instead of “nested” display.\u003C\u002Fp>\n\u003Cp>Thoughtful Comments assumes that each comment is contained in some HTML element with unique ID which is containing the comment ID, so it works with most of the themes.\u003C\u002Fp>\n\u003Cp>Also, commenter name should not be in cite tag, so that the HTML highlight will appear properly and not as readable HTML (similar to code tag).\u003C\u002Fp>\n","FV Thoughtful Comments adds front end comment moderation including sophisticated banning mechanisms. Say Goodbye to Disqus!",80,16006,100,3,"2025-03-14T10:38:00.000Z","6.7.5","4.9","",[20,21,22,23],"comments","frontend","moderation","unapproved","http:\u002F\u002Ffoliovision.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthoughtful-comments.zip",92,1,0,"2025-01-24 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2025-24613","fv-thoughtful-comments-missing-authorization","FV Thoughtful Comments \u003C= 0.3.5 - Missing Authorization","The FV Thoughtful Comments plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 0.3.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform an unauthorized action.",null,"\u003C=0.3.5","0.3.6","low",3.1,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2025-01-28 16:42:44",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F07904ed6-ff3c-41b6-a0ee-87fdbfd14bea?source=api-prod",5,{"slug":49,"display_name":7,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":26,"avg_patch_time_days":52,"trust_score":53,"computed_at":54},"foliovision",19,47930,1121,73,"2026-04-04T18:26:05.881Z",[56,81,104,123,145],{"slug":57,"name":58,"version":39,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":76,"download_link":77,"security_score":78,"vuln_count":79,"unpatched_count":14,"last_vuln_date":80,"fetched_at":30},"anycomment","AnyComment","Alexander","https:\u002F\u002Fprofiles.wordpress.org\u002Fateshabaev\u002F","\u003Cp>AnyComment is blazing-fast commenting plugin base on React for WordPress.\u003C\u002Fp>\n\u003Cp>It stands for simplicity & speed. We value feedback, so if you have any failures or suggestions – please let us know in \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fanycomment\" rel=\"ugc\">support forum\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbologer\u002Fanycomment.io\u002Fissues\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>!\u003C\u002Fp>\n\u003Cp>You can simply switch without any migrations from the following plugins:\u003Cbr \u002F>\n– Jetpack\u003Cbr \u002F>\n– wpDiscuz\u003Cbr \u002F>\n– Disqus\u003Cbr \u002F>\n– Cackle\u003Cbr \u002F>\n– Hypercomments\u003Cbr \u002F>\n– Vuukle\u003C\u002Fp>\n\u003Ch4>Resources\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin.anycomment.io\u002Fen\u002F\" rel=\"nofollow ugc\">Official website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin.anycomment.io\u002Fen\u002Fcategory\u002Ftutorials\u002F\" rel=\"nofollow ugc\">All guides\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin.anycomment.io\u002Fen\u002Fcategory\u002Ftutorials\u002Fsocials\u002F\" rel=\"nofollow ugc\">Configure socials\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbologer\u002Fanycomment.io\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fvk.com\u002Fanycomment\" rel=\"nofollow ugc\">VK.com group\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ft.me\u002Fjoinchat\u002FBEUJEQ9aMmQsFX65MNRCDg\" rel=\"nofollow ugc\">Telegram group\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cp>Feel free to use \u003Ca href=\"https:\u002F\u002Fplugin.anycomment.io\u002Fdemo\u002F\" rel=\"nofollow ugc\">this demo page\u003C\u002Fa>. Every time new version is released, demo plugin will be updated as well, so you always see the latest version.\u003C\u002Fp>\n\u003Ch4>Get Started\u003C\u002Fh4>\n\u003Cp>In order to start, you need:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Install plugin\u003C\u002Fli>\n\u003Cli>Choose social networks you prefer\u003C\u002Fli>\n\u003Cli>Configure social networks you need (we have guides English & Russian to help you with this)\u003C\u002Fli>\n\u003Cli>You are good to go!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And good new is AnyComment is free & no dependency on third party services, all comments stored in your database.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>All comments stored in your own database. We reuse native comment’s table, so all of the default WordPress functionality comes out of the box.\u003C\u002Fli>\n\u003Cli>Social network authorization via Facebook, VK, Twitter, Google, Odnoklassniki, GitHub, Twitch or Dribbble\u003C\u002Fli>\n\u003Cli>SEO Indexing\u003C\u002Fli>\n\u003Cli>Ability to switch to cloud version\u003C\u002Fli>\n\u003Cli>Ability to define who can leave comment: guests only, with social authorization or both\u003C\u002Fli>\n\u003Cli>Ability to upload files (define allowed extensions, limit, who can upload, etc)\u003C\u002Fli>\n\u003Cli>When user leaves a tweet link in the comment, plugin can embed it as external Twitter widget (can be disabled)\u003C\u002Fli>\n\u003Cli>Ability to customize  design\u003C\u002Fli>\n\u003Cli>Blazing-fast comments based on React & WordPress REST API\u003C\u002Fli>\n\u003Cli>Alert notification in comment area when new comment was added\u003C\u002Fli>\n\u003Cli>Notifications about new comment reply\u003C\u002Fli>\n\u003Cli>Notifications about new comment to administrator\u003C\u002Fli>\n\u003Cli>Ability to specify comma-separated list of words to be used to hold comments for moderators\u003C\u002Fli>\n\u003Cli>Ability to have bold, italics, underline, quotes, links or clear formatting. Each type can be disabled separately or the whole toolbar together\u003C\u002Fli>\n\u003Cli>Image and video URLs as attachment (control via admin)\u003C\u002Fli>\n\u003Cli>GDRP compliant, ability to provide \u003Ccode>Privacy Policy\u003C\u002Fcode> link, so users know how their data processed and used (when not provided, no checkbox will be shown to users)\u003C\u002Fli>\n\u003Cli>Social avatars shown globally\u003C\u002Fli>\n\u003Cli>Likes (see likes count per comment\u002Fuser in admin)\u003C\u002Fli>\n\u003Cli>Ability to rate (1-5 stars) page in comments (1-5 stars)\u003C\u002Fli>\n\u003Cli>Edit\u002Fdelete comments when you are the owner or have moderate permission(s) directly in client area\u003C\u002Fli>\n\u003Cli>Assign default group for users who authorize via social network\u003C\u002Fli>\n\u003Cli>See user’s social profile URL in admin\u003C\u002Fli>\n\u003Cli>Simple & informative dashboard with graphs to display number of comments over number of users who were engaged in the conversation per certain period & most active users\u003C\u002Fli>\n\u003Cli>Get latest plugin update news directly in the dashboard, don’t miss a thing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Integrations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fakismet\u002F\" rel=\"ugc\">Akismet\u003C\u002Fa> to fight spam messages\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-mail-smtp\u002F\" rel=\"ugc\">WP Mail SMTP\u003C\u002Fa> to set-up SMTP server\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-user-avatar\u002F\" rel=\"ugc\">WP User Avatar\u003C\u002Fa> to upload global or personal avatar\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.google.com\u002Frecaptcha\" rel=\"nofollow ugc\">reCAPTCHA\u003C\u002Fa> to fight spam messages\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress\u002F\" rel=\"ugc\">BuddyPress\u003C\u002Fa> when somebody sends comment with “@” sign + username.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>TODO features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Option: ability to specify thanks message and\u002For page when user left his first comment, #88\u003C\u002Fli>\n\u003Cli>Option: when user does not have email after registration via social, ask for it somewhere in the comments again\u003C\u002Fli>\n\u003Cli>Option: notify moderators about new comments, #77\u003C\u002Fli>\n\u003Cli>Option: embed Instagram photos, #115\u003C\u002Fli>\n\u003Cli>Option: embed Instafeed, #116\u003C\u002Fli>\n\u003Cli>Ability to choose comment to make it sticky at the very top of all comments, #76\u003C\u002Fli>\n\u003Cli>Add checkbox to subscribe to new replies, #73 (now it is mandatory)\u003C\u002Fli>\n\u003Cli>Option: Ability to ban user or by IP address, #70\u003C\u002Fli>\n\u003Cli>Support more languages\u003C\u002Fli>\n\u003Cli>Code highlighting\u003C\u002Fli>\n\u003Cli>Markdown support\u003C\u002Fli>\n\u003Cli>Add more guides on how to set-up certain services, Google SMTP, Amazon SES, etc\u003C\u002Fli>\n\u003Cli>Cross sharing of comments, when user posts a comment, duplicate it on their wall\u003C\u002Fli>\n\u003Cli>Add Yahoo as authorization option\u003C\u002Fli>\n\u003Cli>More widgets to be added on the page (sidebar, custom pages, etc)\u003C\u002Fli>\n\u003Cli>Special moderator panel integrated into custom AnyComment pages (for easy comment moderation)\u003C\u002Fli>\n\u003Cli>More statistics and analytics…\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbologer\u002Fanycomment.io\u002Fissues\" rel=\"nofollow ugc\">And a lot more…\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","AnyComment is blazing-fast commenting plugin based on React for WordPress.",3000,96874,96,156,"2022-05-14T20:15:00.000Z","5.9.13","4.7","5.4",[72,73,74,20,75],"ajax-comments","comment","comment-moderation","comments-seo","https:\u002F\u002Fanycomment.io","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanycomment.0.3.6.zip",17,7,"2025-12-31 00:00:00",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":65,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":99,"download_link":100,"security_score":101,"vuln_count":102,"unpatched_count":28,"last_vuln_date":103,"fetched_at":30},"simple-comment-editing","Comment Edit Core – Simple Comment Editing","3.3.0","Ronald Huereca","https:\u002F\u002Fprofiles.wordpress.org\u002Fronalfy\u002F","\u003Cp>Allow your users to edit their comments and WooCommerce reviews for a period of time.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FbNCDdQbwA-s?version=3&rel=0&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Go Pro for a lot more control over the comment editing experience, including front-end moderation capabilities, and unlimited logged-in editing. \u003Ca href=\"https:\u002F\u002Fdlxplugins.com\u002Fplugins\u002Fcomment-edit-pro\u002F\" rel=\"nofollow ugc\">Find out more…\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdocs.dlxplugins.com\u002Fv\u002Fcomment-edit-lite\u002F\" rel=\"nofollow ugc\">Getting Started\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsponsors\u002FDLXPlugins\" rel=\"nofollow ugc\">Sponsor Us\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fdlxplugins.com\u002Fplugins\u002Fcomment-edit-lite\u002F\" rel=\"nofollow ugc\">Comment Edit Core Home\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Comment Edit Core features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install the plugin. That’s it. It just works.\n\u003C\u002Fli>\n\u003Cli>Anonymous users can edit comments for 5 minutes.\u003C\u002Fli>\n\u003Cli>No styling is necessary. For advanced customization, see the “Other Notes” section.\u003C\u002Fli>\n\u003Cli>Advanced customization can be achieved using filters.\u003C\u002Fli>\n\u003Cli>Add Mailchimp to your comment form and get email subscribers through comments.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Get more with Comment Edit Pro\u003C\u002Fh3>\n\u003Cp>For additional features in addition to comment editing, please check out \u003Ca href=\"https:\u002F\u002Fdlxplugins.com\u002Fplugins\u002Fcomment-edit-pro\u002F\" rel=\"nofollow ugc\">Comment Edit Pro\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Features Include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Newsletter integration with Mailchimp, ConvertKit, Flodesk, and MailerLite\u003C\u002Fli>\n\u003Cli>Community features including @ Mentions, Comment Avatars, and Comment Character Control\u003C\u002Fli>\n\u003Cli>Automations with Webhooks to connect to services like Zapier and other automation tools\u003C\u002Fli>\n\u003Cli>Spam\u002Fbot protection add-ons with reCAPTCHA Enterprise or Cloudflare Turnstile support\u003C\u002Fli>\n\u003Cli>Comment shortcuts and front-end moderation tools\u003C\u002Fli>\n\u003Cli>Set comment rules per post type\u003C\u002Fli>\n\u003Cli>Set comments to expire based on activity\u003C\u002Fli>\n\u003Cli>Get notified of new and edited comments with the Slack integration\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdlxplugins.com\u002Fplugins\u002Fcomment-edit-pro\u002F\" rel=\"nofollow ugc\">Find out more…\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fapp.instawp.io\u002Flaunch?t=comment-edit-pro&d=v2\" rel=\"nofollow ugc\">Launch a Live Demo of Comment Edit Pro on InstaWP\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Allow your users to edit their comments for a period of time. Adjust the comment timer and save some admin headaches.",2000,148497,55,"2026-03-08T06:12:00.000Z","7.0","5.0","7.2",[72,74,20,97,98],"edit-comment","edit-comments","https:\u002F\u002Fdlxplugins.com\u002Fplugins\u002Fcomment-edit-lite\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-comment-editing.3.3.0.zip",98,2,"2025-11-12 00:00:00",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":13,"num_ratings":114,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":18,"tags":118,"homepage":121,"download_link":122,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"comment-moderation-e-mail-to-post-author","Comment Moderation\u002FNotification Recipients","0.7","Rolf Allard van Hagen","https:\u002F\u002Fprofiles.wordpress.org\u002Fravanh\u002F","\u003Cp>Normally, when a comment gets submitted to a particular post, the author of that post gets a notification about it. And when a comment is held for moderation (which depends on your sites comment settings) then the moderation notification is sent to \u003Cem>both\u003C\u002Fem> the post \u003Cstrong>Author\u003C\u002Fstrong> (if he\u002Fshe has moderation rights) \u003Cem>and\u003C\u002Fem> the site’s \u003Cstrong>Administration E-mail Address\u003C\u002Fstrong> as configured under \u003Cstrong>Settings > General\u003C\u002Fstrong> at the same time.\u003C\u002Fp>\n\u003Cp>On \u003Cstrong>colaboration sites\u003C\u002Fstrong> or sites managed by a webmaster or designer where the client is the post author, the site admin, with enough on his\u002Fher mind already, is bothered with each and every new comment in the moderation queue.\u003C\u002Fp>\n\u003Cp>This plugin can change that.\u003C\u002Fp>\n\u003Cp>Just install and activate it: All post comment moderation notifications will be sent \u003Cstrong>only\u003C\u002Fstrong> to each respective \u003Cstrong>Post Author\u003C\u002Fstrong>. If, by any chance, the post author has no moderation rights (Contributor level) \u003Cem>or\u003C\u002Fem> there is no valid author e-mail set then the default site e-mail address will still get the notification.\u003C\u002Fp>\n\u003Cp>WordPress Multisite compatible, per-site or network activated or as a must-use plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugin Settings\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Options will be added in the future but for now, you can only change the plugin behavior via constants in your wp-config.php file.\u003C\u002Fp>\n\u003Cp>Add them on a new line in your wp-config.php file, just above the line that sais: \u003Ccode>\u002F* That's all, stop editing! Happy publishing. *\u002F\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>These constants are currently available:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>COMMENT_NOTIFICATION_RECIPIENTS\u003C\u002Fstrong> – Controls the New Comment recipients. Default: “wp_default” corresponds with “post_author_only” WordPress default.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>COMMENT_MODERATION_RECIPIENTS\u003C\u002Fstrong> – Controls the Comment is waiting for Moderation message recipients. Default: “post_author_only”.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>These options are currently available:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>wp_default\u003C\u002Fstrong> – The WordPress default behavior. Plugin does nothing.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>post_author_only\u003C\u002Fstrong> – Send notifications only to the Post Author e-mail address.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>site_admin_only\u003C\u002Fstrong> – Send notifications only to the Administration Email Address as configured on Settings > General.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Examples:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Use \u003Ccode>define( 'COMMENT_NOTIFICATION_RECIPIENTS', 'site_admin_only' );\u003C\u002Fcode> to make new comment notifications go to the site admin e-mail address, and no longer the post author.\u003C\u002Fp>\n\u003Cp>Use \u003Ccode>define( 'COMMENT_MODERATION_RECIPIENTS', 'post_author_only' );\u003C\u002Fcode> to make comment moderation notifications only go to the authors e-mail address, and no longer the site administrator address (unless the post author does not have moderation rights).\u003C\u002Fp>\n","Control who will receive new comment and moderation notifications. Light weight, simple, safe and effective.",1000,24266,4,"2026-02-19T16:40:00.000Z","6.9.4","3.7",[119,120,20],"comment-moderation-recipients","comment-notification","http:\u002F\u002Fstatus301.net\u002Fwordpress-plugins\u002Fcomment-moderation-e-mail-to-post-author\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-moderation-e-mail-to-post-author.0.7.zip",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":133,"num_ratings":134,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":18,"tags":138,"homepage":142,"download_link":143,"security_score":144,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"bulk-comments-management","Bulk Comments Management","1.0","Yakup Hoca","https:\u002F\u002Fprofiles.wordpress.org\u002Fyakuphoca\u002F","\u003Cp>This plugin allows administrators to globally delete comments (spam, trash, unapproved comments), enable\u002Fdisable comments on all posts.\u003C\u002Fp>\n","This plugin allows administrators to globally delete comments (spam, trash, unapproved comments), enable\u002Fdisable comments on all posts.",700,25895,94,13,"2017-11-28T20:57:00.000Z","3.5.2","3.3",[20,139,140,141,23],"delete-comments","delete-tracakbacks","spam","http:\u002F\u002Fwww.yakuphoca.com\u002Fbulk-comments-management-wordpress-plugin.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbulk-comments-management.zip",85,{"slug":146,"name":147,"version":148,"author":149,"author_profile":150,"description":151,"short_description":152,"active_installs":153,"downloaded":154,"rating":155,"num_ratings":47,"last_updated":156,"tested_up_to":157,"requires_at_least":158,"requires_php":18,"tags":159,"homepage":162,"download_link":163,"security_score":144,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"auto-approve-comments","Auto Approve Comments","2.8","Federico Andrioli","https:\u002F\u002Fprofiles.wordpress.org\u002Ffedeandri\u002F","\u003Cp>Auto approve comments by Commenter (email, name, url), User and Role (Akismet and wpDiscuz compatible).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Usage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Open Comments -> Auto Approve Comments\u003C\u002Fli>\n\u003Cli>Go to Settings -> Discussion and check “Comment must be manually approved” \u003C\u002Fli>\n\u003Cli>Optionally install and activate Akismet (comments flagged as SPAM will never get auto approved) \u003C\u002Fli>\n\u003Cli>Configure your auto approval filters in “Commenters”, “Users” and “Roles”\u003C\u002Fli>\n\u003Cli>Save and you’re done\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>From now on all the comments that match at least one of the configurations in “Commenters”, “Users” or “Roles” will always be auto approved.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Commenters – example\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Add one Commenter per line, follow the example below:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>tom@myface.com\ntom@myface.com,Tom\ntom@myface.com,www.myface.com\ntom@myface.com,www.myface.com,Tom\ntom@myface.com,Tom,www.myface.com\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Users – example\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Add one Username per line, follow the example below:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>steveknobs76\njeffmezos012\nlarrymage98\nmarktuckerberg2004\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Roles – example\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Add one Role per line, follow the example below:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>contributor\neditor\nyourcustomrole\nsubscriber\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Developers\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Official Github repository:\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Ffedeandri\u002Fauto-approve-comments\u003C\u002Fp>\n","Auto approve comments by Commenter (email, name, url), User and Role (Akismet and wpDiscuz compatible)",200,9999,64,"2021-06-15T12:24:00.000Z","5.8.13","3.8",[160,161,20,22],"anti-spam","auto-approve","https:\u002F\u002Fgithub.com\u002Ffedeandri\u002Fauto-approve-comments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-approve-comments.2.8.zip",{"attackSurface":165,"codeSignals":352,"taintFlows":426,"riskAssessment":513,"analyzedAt":526},{"hooks":166,"ajaxHandlers":337,"restRoutes":349,"shortcodes":350,"cronEvents":351,"entryPointCount":14,"unprotectedCount":28},[167,173,177,181,185,190,194,198,202,206,210,212,216,221,224,228,231,235,238,242,246,249,253,257,261,265,268,272,275,279,282,285,288,291,294,297,300,304,307,311,315,318,321,324,327,331,334],{"type":168,"name":169,"callback":170,"file":171,"line":172},"action","in_plugin_update_message-thoughtful-comments\u002Ffv-thoughtful-comments.php","plugin_update_message","fv-thoughtful-comments.php",90,{"type":168,"name":174,"callback":175,"file":171,"line":176},"admin_init","option_defaults",91,{"type":168,"name":178,"callback":179,"file":171,"line":180},"deleted_comment","comment_deleted",1353,{"type":168,"name":182,"callback":183,"file":171,"line":184},"wp_set_comment_status","comment_status_changed",1361,{"type":186,"name":187,"callback":188,"file":171,"line":189},"filter","thread_comments_depth_max","fv_tc_override_notification_ob_start",1697,{"type":186,"name":191,"callback":192,"file":171,"line":193},"avatar_defaults","fv_tc_override_notification_ob_end",1698,{"type":186,"name":195,"callback":196,"file":171,"line":197},"personal_options","fv_tc_nicename_personal_options",1730,{"type":186,"name":199,"callback":200,"file":171,"line":201},"edit_user_profile","fv_tc_nicename_edit_user_profile",1731,{"type":186,"name":203,"callback":204,"file":171,"line":205},"pre_user_nicename","fv_tc_nicename_pre_user_nicename",1732,{"type":186,"name":207,"callback":208,"file":171,"line":209},"comment_row_actions","admin",1785,{"type":186,"name":174,"callback":174,"file":171,"line":211},1791,{"type":186,"name":213,"callback":214,"file":171,"line":215},"manage_users_columns","column",1794,{"type":186,"name":217,"callback":218,"priority":219,"file":171,"line":220},"manage_users_custom_column","column_content",10,1796,{"type":186,"name":222,"callback":21,"file":171,"line":223},"comment_text",1800,{"type":186,"name":225,"callback":226,"file":171,"line":227},"init","frontend_block_themes",1802,{"type":186,"name":222,"callback":229,"priority":13,"file":171,"line":230},"comment_links",1805,{"type":168,"name":232,"callback":233,"priority":27,"file":171,"line":234},"thesis_hook_after_comment","thesis_frontend_show",1808,{"type":186,"name":236,"callback":229,"priority":13,"file":171,"line":237},"thesis_comment_text",1810,{"type":186,"name":239,"callback":240,"file":171,"line":241},"pre_comment_approved","moderate",1813,{"type":168,"name":243,"callback":244,"file":171,"line":245},"wp_footer","scripts",1816,{"type":168,"name":247,"callback":244,"file":171,"line":248},"admin_footer",1817,{"type":186,"name":250,"callback":251,"file":171,"line":252},"comments_number","show_unapproved_count",1820,{"type":168,"name":254,"callback":255,"file":171,"line":256},"wp_print_styles","styles",1824,{"type":186,"name":258,"callback":259,"file":171,"line":260},"comment_class","hilight_unapproved",1827,{"type":186,"name":262,"callback":263,"file":171,"line":264},"comments_template_query_args","load_unapproved",1829,{"type":186,"name":225,"callback":266,"file":171,"line":267},"load_unapproved_block_themes",1831,{"type":186,"name":269,"callback":270,"file":171,"line":271},"comments_array","users_cache",1834,{"type":168,"name":273,"callback":273,"priority":112,"file":171,"line":274},"transition_comment_status",1837,{"type":186,"name":276,"callback":277,"priority":28,"file":171,"line":278},"comment_author","comment_author_no_esc_html",1840,{"type":186,"name":239,"callback":280,"priority":219,"file":171,"line":281},"fv_tc_auto_approve_comment",1843,{"type":168,"name":174,"callback":283,"file":171,"line":284},"fv_tc_auto_approve_comment_override_notification",1847,{"type":168,"name":174,"callback":286,"file":171,"line":287},"fv_tc_user_nicename_change",1850,{"type":186,"name":289,"callback":289,"file":171,"line":290},"comment_moderation_headers",1858,{"type":186,"name":292,"callback":292,"file":171,"line":293},"comment_moderation_text",1860,{"type":168,"name":178,"callback":295,"priority":28,"file":171,"line":296},"stc_comment_deleted",1864,{"type":168,"name":182,"callback":298,"priority":28,"file":171,"line":299},"stc_comment_status_changed",1865,{"type":168,"name":301,"callback":302,"file":171,"line":303},"admin_head","admin_css",1867,{"type":168,"name":305,"callback":305,"file":171,"line":306},"admin_menu",1868,{"type":168,"name":308,"callback":309,"file":171,"line":310},"admin_enqueue_scripts","fv_tc_admin_enqueue_scripts",1869,{"type":186,"name":312,"callback":313,"file":171,"line":314},"comment_reply_link","comment_reply_links",1871,{"type":168,"name":225,"callback":316,"file":171,"line":317},"ap_action_init",1873,{"type":186,"name":319,"callback":319,"file":171,"line":320},"get_comment_link",1875,{"type":186,"name":322,"callback":322,"file":171,"line":323},"get_comments_pagenum_link",1876,{"type":186,"name":325,"callback":322,"file":171,"line":326},"paginate_links",1877,{"type":186,"name":328,"callback":329,"file":171,"line":330},"wp_list_comments_args","cache_start",1880,{"type":186,"name":174,"callback":332,"file":171,"line":333},"cache_purge",1881,{"type":186,"name":335,"callback":332,"priority":219,"file":171,"line":336},"sce_save_before",1882,[338,343,346],{"action":339,"nopriv":340,"callback":339,"hasNonce":341,"hasCapCheck":340,"file":171,"line":342},"fv_tc_approve",false,true,1768,{"action":344,"nopriv":340,"callback":344,"hasNonce":341,"hasCapCheck":340,"file":171,"line":345},"fv_tc_delete",1769,{"action":347,"nopriv":340,"callback":347,"hasNonce":341,"hasCapCheck":340,"file":171,"line":348},"fv_tc_moderated",1770,[],[],[],{"dangerousFunctions":353,"sqlUsage":358,"outputEscaping":379,"fileOperations":423,"externalRequests":27,"nonceChecks":47,"capabilityChecks":424,"bundledLibraries":425},[354],{"fn":355,"file":171,"line":356,"context":357},"unserialize",283,"$this->cache_data = unserialize( file_get_contents( WP_CONTENT_DIR.'\u002F'.$this->cache_filename ) );",{"prepared":359,"raw":79,"locations":360},8,[361,364,367,370,372,374,376],{"file":171,"line":362,"context":363},1133,"$wpdb->get_results() with variable interpolation",{"file":171,"line":365,"context":366},1183,"$wpdb->query() with variable interpolation",{"file":171,"line":368,"context":369},1190,"$wpdb->get_col() with variable interpolation",{"file":171,"line":371,"context":366},1195,{"file":171,"line":373,"context":363},1385,{"file":171,"line":375,"context":363},1386,{"file":171,"line":377,"context":378},1670,"$wpdb->get_var() with variable interpolation",{"escaped":134,"rawEcho":380,"locations":381},20,[382,386,388,390,392,394,396,398,400,402,404,406,408,410,412,414,416,419,420,422],{"file":383,"line":384,"context":385},"fp-api.php",158,"raw output",{"file":383,"line":387,"context":385},165,{"file":171,"line":389,"context":385},116,{"file":171,"line":391,"context":385},262,{"file":171,"line":393,"context":385},293,{"file":171,"line":395,"context":385},294,{"file":171,"line":397,"context":385},856,{"file":171,"line":399,"context":385},876,{"file":171,"line":401,"context":385},877,{"file":171,"line":403,"context":385},901,{"file":171,"line":405,"context":385},906,{"file":171,"line":407,"context":385},1154,{"file":171,"line":409,"context":385},1165,{"file":171,"line":411,"context":385},1230,{"file":171,"line":413,"context":385},1713,{"file":171,"line":415,"context":385},1750,{"file":417,"line":418,"context":385},"walkers.php",81,{"file":417,"line":176,"context":385},{"file":417,"line":421,"context":385},93,{"file":417,"line":65,"context":385},6,12,[],[427,444,454,481],{"entryPoint":428,"graph":429,"unsanitizedCount":28,"severity":40},"options_panel (fv-thoughtful-comments.php:942)",{"nodes":430,"edges":442},[431,436],{"id":432,"type":433,"label":434,"file":171,"line":435},"n0","source","$_POST",969,{"id":437,"type":438,"label":439,"file":171,"line":440,"wp_function":441},"n1","sink","update_option() [Settings Manipulation]",971,"update_option",[443],{"from":432,"to":437,"sanitized":341},{"entryPoint":445,"graph":446,"unsanitizedCount":28,"severity":40},"tools_panel (fv-thoughtful-comments.php:1030)",{"nodes":447,"edges":452},[448,451],{"id":432,"type":433,"label":449,"file":171,"line":450},"$_POST['blacklist_keys']",1036,{"id":437,"type":438,"label":439,"file":171,"line":450,"wp_function":441},[453],{"from":432,"to":437,"sanitized":341},{"entryPoint":455,"graph":456,"unsanitizedCount":27,"severity":480},"fv_tc_delete (fv-thoughtful-comments.php:1512)",{"nodes":457,"edges":476},[458,461,463,467,471],{"id":432,"type":433,"label":459,"file":171,"line":460},"$_REQUEST",1526,{"id":437,"type":438,"label":439,"file":171,"line":462,"wp_function":441},1530,{"id":464,"type":433,"label":465,"file":171,"line":466},"n2","$_REQUEST['id']",1540,{"id":468,"type":469,"label":470,"file":171,"line":466},"n3","transform","→ fv_tc_delete_recursive()",{"id":472,"type":438,"label":473,"file":171,"line":474,"wp_function":475},"n4","get_results() [SQLi]",1590,"get_results",[477,478,479],{"from":432,"to":437,"sanitized":341},{"from":464,"to":468,"sanitized":340},{"from":468,"to":472,"sanitized":340},"high",{"entryPoint":482,"graph":483,"unsanitizedCount":102,"severity":480},"\u003Cfv-thoughtful-comments> (fv-thoughtful-comments.php:0)",{"nodes":484,"edges":505},[485,486,487,488,489,490,492,494,496,498,501,503],{"id":432,"type":433,"label":434,"file":171,"line":435},{"id":437,"type":438,"label":439,"file":171,"line":440,"wp_function":441},{"id":464,"type":433,"label":449,"file":171,"line":450},{"id":468,"type":438,"label":439,"file":171,"line":450,"wp_function":441},{"id":472,"type":433,"label":459,"file":171,"line":460},{"id":491,"type":438,"label":439,"file":171,"line":462,"wp_function":441},"n5",{"id":493,"type":433,"label":465,"file":171,"line":466},"n6",{"id":495,"type":469,"label":470,"file":171,"line":466},"n7",{"id":497,"type":438,"label":473,"file":171,"line":474,"wp_function":475},"n8",{"id":499,"type":433,"label":459,"file":171,"line":500},"n9",1607,{"id":502,"type":469,"label":470,"file":171,"line":500},"n10",{"id":504,"type":438,"label":473,"file":171,"line":474,"wp_function":475},"n11",[506,507,508,509,510,511,512],{"from":432,"to":437,"sanitized":341},{"from":464,"to":468,"sanitized":341},{"from":472,"to":491,"sanitized":341},{"from":493,"to":495,"sanitized":340},{"from":495,"to":497,"sanitized":340},{"from":499,"to":502,"sanitized":340},{"from":502,"to":504,"sanitized":340},{"summary":514,"deductions":515},"The \"thoughtful-comments\" plugin v0.4.1 exhibits a mixed security posture. While it demonstrates some good security practices, particularly in its protected entry points and the presence of nonce and capability checks, significant concerns remain. The static analysis reveals a critical vulnerability: the use of `unserialize`, which, when combined with unsanitized paths identified in the taint analysis, presents a substantial risk of remote code execution or deserialization vulnerabilities.  The plugin also has a history of vulnerabilities, specifically a low-severity \"Missing Authorization\" issue, indicating a pattern of potential authorization flaws. While the current version has no unpatched CVEs, the past vulnerability and the identified code signals suggest a need for more robust input validation and authorization checks to mitigate future risks.  The limited attack surface and the majority of SQL queries using prepared statements are positive, but the core issues around `unserialize` and taint flows are serious enough to warrant caution.",[516,519,521,522,524],{"reason":517,"points":518},"Dangerous function 'unserialize' found",15,{"reason":520,"points":424},"Taint flow with unsanitized paths (High severity)",{"reason":520,"points":424},{"reason":523,"points":47},"Output escaping is not properly implemented (39%)",{"reason":525,"points":47},"History of 'Missing Authorization' vulnerability","2026-03-16T21:24:01.441Z",{"wat":528,"direct":534},{"assetPaths":529,"generatorPatterns":531,"scriptPaths":532,"versionParams":533},[530],"\u002Fwp-content\u002Fplugins\u002Fthoughtful-comments\u002Fcss\u002Fadmin.css",[],[],[],{"cssClasses":535,"htmlComments":536,"htmlAttributes":537,"restEndpoints":538,"jsGlobals":539,"shortcodeOutput":540},[],[],[],[],[],[]]