Does Uncomment – Disable Comments have any unpatched vulnerabilities?

No. All known vulnerabilities in Uncomment – Disable Comments have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Uncomment – Disable Comments compatible with WordPress 6.9.4?

According to WordPress.org data, Uncomment – Disable Comments 1.2.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Uncomment – Disable Comments compatible with PHP 5.3+?

Uncomment – Disable Comments requires PHP 5.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Uncomment – Disable Comments updated?

Uncomment – Disable Comments was last updated on Jan 2, 2026. Frequent updates are generally a positive security signal.

What is Uncomment – Disable Comments's security score?

Uncomment – Disable Comments has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Uncomment – Disable Comments Security & Risk Analysis

wordpress.org/plugins/uncomment

Your one-stop shop to completely disable comments and remove all comment functionality from your theme and administration screens.

100 active installs v1.2.2 PHP 5.3+ WP 4.6+ Updated Jan 2, 2026

commentsdisabledisable-commentsremove-commentsspam-comments

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Uncomment – Disable Comments Safe to Use in 2026?

Generally Safe

Score 100/100

Uncomment – Disable Comments has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

Based on the provided static analysis and vulnerability history, the 'uncomment' plugin v1.2.2 exhibits a strong security posture. The absence of any identified entry points (AJAX handlers, REST API routes, shortcodes, cron events) significantly limits its attack surface. Furthermore, the code analysis reveals no dangerous functions, all SQL queries utilize prepared statements, and all output is properly escaped. The lack of file operations and external HTTP requests further reduces potential risks. The plugin also has no recorded vulnerabilities, CVEs, or common vulnerability types, suggesting a history of secure development and maintenance.

While the static analysis and vulnerability history are overwhelmingly positive, the absence of nonces and capability checks on potential (though currently non-existent) entry points is a minor point of concern. However, given the current zero attack surface, this poses no immediate threat. The plugin's strengths lie in its minimal design and adherence to secure coding practices regarding data handling and output. The vulnerability history is a significant positive indicator. The overall conclusion is that this plugin, as analyzed, appears to be very secure with no immediate exploitable vulnerabilities found.

Key Concerns

No Nonce checks implemented
No Capability checks implemented

Vulnerabilities

None known

Uncomment – Disable Comments Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Uncomment – Disable Comments Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped3 total outputs

Attack Surface

Uncomment – Disable Comments Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 35

actionadmin_initincludes\admin.php:13

actionadmin_menuincludes\admin.php:16

actionadmin_initincludes\admin.php:19

actionadmin_head-index.phpincludes\admin.php:22

actionload-profile.phpincludes\admin.php:25

actionadmin_head-post.phpincludes\admin.php:28

actionwidgets_initincludes\admin.php:31

filtershow_recent_comments_widget_styleincludes\admin.php:34

actionenqueue_block_editor_assetsincludes\admin.php:37

actionrightnow_endincludes\admin.php:40

actionadmin_noticesincludes\admin.php:43

filterwp_count_commentsincludes\core.php:13

filtercomments_pre_queryincludes\core.php:16

actionregistered_post_typeincludes\core.php:19

filterthe_postsincludes\core.php:22

filtercomments_openincludes\core.php:25

filterpings_openincludes\core.php:26

actionadmin_bar_menuincludes\core.php:29

actionadmin_bar_menuincludes\core.php:30

filtercomments_templateincludes\core.php:33

filterquery_varsincludes\core.php:36

filterrender_blockincludes\core.php:39

filterpost_comments_feed_linkincludes\feeds.php:13

filterget_comments_numberincludes\feeds.php:16

filterwp_headersincludes\feeds.php:19

filterget_comments_linkincludes\feeds.php:22

filterfeed_links_show_comments_feedincludes\feeds.php:25

actioninitincludes\feeds.php:28

filterfeed_links_extra_show_post_comments_feedincludes\feeds.php:41

filterfeed_links_show_comments_feedincludes\feeds.php:42

actionwp_headincludes\feeds.php:45

actiontemplate_redirectincludes\feeds.php:51

filtercomments_rewrite_rulesincludes\rewrites.php:13

filterrewrite_rules_arrayincludes\rewrites.php:16

filterxmlrpc_methodsincludes\xmlrpc.php:13

Maintenance & Trust

Uncomment – Disable Comments Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 2, 2026

PHP min version5.3

Downloads49K

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

Uncomment – Disable Comments Alternatives

Comments Shield – Disable Comments & Stop Spam, Bulk Delete & Remove Comments

comments-shield

100

Delete, disable, and clean all comments in one click. Easily manage, bulk delete, or completely disable comments across your entire WordPress site.

40 No CVEs

Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]

disable-comments

Allows administrators to globally disable comments on their site. Comments can be disabled according to post type. Multisite friendly.

1.0M 1 CVE

WP Comment Cleaner – Delete All Comments, Disable Comments, Bulk Delete & Remove Comments

delete-all-comments-of-website

100

Delete comments, disable comments, and remove comments in one click. Bulk delete spam and all comments to optimize your WordPress database easily.

20K No CVEs

Disable Comments

wpsimpletools-disable-comments

Completely disables comments functionality from backend and frontend. Just install it, nothing to configure!

10K No CVEs

Disable Comments & Delete All Comments

comments-plus

100

Disable comments globally on all posts or certain post types. Delete all comments at once, by post type or comment status. Manage links in comments.

8K No CVEs

Developer Profile

Uncomment – Disable Comments Developer Profile

Plugin Pizza

7 plugins · 1K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Uncomment – Disable Comments

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

HTML Comments

<!-- WordPress 6.1.0 introduces filters that allows us to specify whether to display the post comments feed link. @see https://core.trac.wordpress.org/changeset/54161 For versions lower than 6.1.0 we'll replace the core feed_links_extra+1 more

FAQ