[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fwyYXuJwtb02LE9bhCh6Lvn--L9eexBXZh8LXWSPuWJw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":126,"fingerprints":179},"vkcomments","vk.com comments","1.15","tpoxa","https:\u002F\u002Fprofiles.wordpress.org\u002Ftpoxa\u002F","\u003Cp>Displays vk.com comments widget with or instead of standart wordpress comments\u003C\u002Fp>\n","Displays vk.com comments widget",10,4939,0,"2010-11-13T17:03:00.000Z","3.01","2.6","",[19,20,21],"%d0%b2%d0%ba%d0%be%d0%bd%d1%82%d0%b0%d0%ba%d1%82%d0%b5","vk-com","vkontakte-ru","http:\u002F\u002Fimpressweb.org\u002Fvkcomments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvkcomments.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},2,20,30,84,"2026-04-05T21:47:39.681Z",[35,56,76,96,109],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":17,"download_link":55,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"vkontakte","VKontakte","3.2.0","Yaroslav Bogutsky","https:\u002F\u002Fprofiles.wordpress.org\u002Fyaryj\u002F","\u003Cp>The plugin adds a wide range of VKontakte functionality to your site.\u003Cbr \u002F>\nThe following feature are currently supported:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>comments\u003C\u002Fli>\n\u003Cli>like button\u003C\u002Fli>\n\u003Cli>share button\u003C\u002Fli>\n\u003Cli>group widget\u003C\u002Fli>\n\u003Cli>poll widget\u003C\u002Fli>\n\u003Cli>recommendations widget\u003C\u002Fli>\n\u003C\u002Ful>\n","The plugin adds a wide range of VKontakte functionality to your site.",300,23832,68,5,"2022-04-03T10:37:00.000Z","5.9.13","4.6","5.3",[52,19,53,54,36],"comments","social","vk","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvkontakte.3.2.0.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":48,"requires_at_least":69,"requires_php":17,"tags":70,"homepage":74,"download_link":75,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"vk-sharing-jetpack","Vk.com sharing for Jetpack","1.2.3","Jeremy Herve","https:\u002F\u002Fprofiles.wordpress.org\u002Fjeherve\u002F","\u003Cp>Extends the Jetpack plugin and allows you to add a Vk.com sharing button to the list of sharing services available under Settings > Sharing in your dashboard.\u003C\u002Fp>\n\u003Cp>Important: for this plugin to work, you must activate \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjetpack\u002F\" rel=\"ugc\">Jetpack\u003C\u002Fa> first, and activate the Sharing module.\u003C\u002Fp>\n\u003Cp>If you find issues, you can report them \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fvk-sharing-jetpack\u002F\" rel=\"ugc\">here\u003C\u002Fa>, or submit a pull request \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjeherve\u002Fvk-sharing-jetpack\u002F\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> Once you’ve added the button under Settings > Sharing, it won’t appear on that page. Save your changes, and look at one of your posts to see the button in action.\u003C\u002Fp>\n","Add a Vk.com sharing button to the Jetpack Sharing module",70,8147,80,7,"2022-02-14T16:28:00.000Z","4.1.1",[71,72,54,20,73],"jetpack","sharing","wordpress-com","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fvk-sharing-jetpack\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvk-sharing-jetpack.1.2.3.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":31,"downloaded":84,"rating":85,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":17,"tags":90,"homepage":94,"download_link":95,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"bologer-vk-comments","Bologer VK Comments","0.0.21","Alexander","https:\u002F\u002Fprofiles.wordpress.org\u002Fateshabaev\u002F","\u003Cp>Bologer VK Comments adds comment widget from VK.com for posts and pages, with possibility to have it together with native WordPress comments or override them completely.\u003Cbr \u002F>\nIn together with customization options.\u003C\u002Fp>\n\u003Cp>Major features in Bologer VK Comments include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Completely override native WordPress comments\u003C\u002Fli>\n\u003Cli>Set VK widget together with native WordPress comments. Set position of VK widget (over, under or below the header of the native comments)\u003C\u002Fli>\n\u003Cli>Copy code from VK.com and paste into special field to auto fill most of the settings in widget\u003C\u002Fli>\n\u003Cli>Fully customized settings of the widget directly from admin panel\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Todo\u003C\u002Fh3>\n\u003Ch4>0.0.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Option: duplicate comments from VK widget to native WordPress comments\u003C\u002Fli>\n\u003Cli>Option: load comments only when user scrolled to the comments section\u003C\u002Fli>\n\u003Cli>reorganize structure of the widget (add tabs and more description for options) to make it easily customizable\u003C\u002Fli>\n\u003Cli>Option: see number of comments for each post in the list of posts in the admin panel\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.0.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Option: set custom space between header and widget when “Override” option is active\u003C\u002Fli>\n\u003Cli>Option: set custom space before and after VK widget\u003C\u002Fli>\n\u003Cli>Option: set custom header type, when “Override” option is active, as some of the themes use different type of \u003Ccode>h\u003C\u002Fcode> tag\u003C\u002Fli>\n\u003C\u002Ful>\n","Bologer VK Comments adds comment widget from VK.com for posts and pages with custom settings.",1980,100,1,"2018-02-27T20:28:00.000Z","4.9.29","3.7",[91,52,54,92,93],"bologer","vk-comments","vkcom","http:\u002F\u002Fbologer.ru","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbologer-vk-comments.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":30,"downloaded":104,"rating":85,"num_ratings":86,"last_updated":105,"tested_up_to":88,"requires_at_least":16,"requires_php":17,"tags":106,"homepage":17,"download_link":108,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"cackle-last-comments-widget","Cackle Last Comments Widget","1.4","alexdenisov","https:\u002F\u002Fprofiles.wordpress.org\u002Falexdenisov\u002F","\u003Cp>This plugin integrates “Cackle Last Comments Widget” as sidebar widget into your website.\u003C\u002Fp>\n","This plugin integrates \"Cackle Last Comments Widget\" as sidebar widget into your website.",4150,"2018-11-16T20:02:00.000Z",[107,52,19,53],"cackle","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcackle-last-comments-widget.1.4.zip",{"slug":110,"name":111,"version":112,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":30,"downloaded":117,"rating":13,"num_ratings":13,"last_updated":118,"tested_up_to":119,"requires_at_least":120,"requires_php":121,"tags":122,"homepage":124,"download_link":125,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"import-vk-comments","Import Vk Comments","1.0.0","denandteam","https:\u002F\u002Fprofiles.wordpress.org\u002Fdenandteam\u002F","\u003Cp>Плагин создан для тех, кто планирует перенести свои комментарии из виджета от соцсети Вконтакте в базу данных сайта WordPress.\u003C\u002Fp>\n\u003Cp>Для импорта понадобится сервисный ключ доступа и ID виджета комментариев. Подробнее о их получении будет описано на главной странице плагина.\u003C\u002Fp>\n\u003Cp>На данный момент комментарии можно получить только к типу постов “Записи”. После импорта они появятся во вкладке “Ожидающие модерации”.\u003C\u002Fp>\n\u003Ch4>Отладка\u003C\u002Fh4>\n\u003Cp>Так как получение комментариев идет с задержками, что-то может пойти не так, к примеру со стороны VK API. Необходим доступ сайта к серверам Вконтакте.\u003C\u002Fp>\n\u003Cp>В Console.log передаются подробные сведения о состоянии задач.\u003C\u002Fp>\n","Плагин импортирует комментарии из виджета комментариев ВК в WordPress.",1738,"2020-12-23T12:01:00.000Z","5.6.17","5.0.1","7.1",[52,54,20,36,123],"widget","https:\u002F\u002Fgithub.com\u002Fdenand-team\u002Fimport-vk-comments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimport-vk-comments.zip",{"attackSurface":127,"codeSignals":149,"taintFlows":172,"riskAssessment":173,"analyzedAt":178},{"hooks":128,"ajaxHandlers":145,"restRoutes":146,"shortcodes":147,"cronEvents":148,"entryPointCount":13,"unprotectedCount":13},[129,134,139,141],{"type":130,"name":131,"callback":131,"file":132,"line":133},"filter","comments_template","vkcomments.php",18,{"type":135,"name":136,"callback":137,"file":132,"line":138},"action","wp_head","head_script",19,{"type":135,"name":140,"callback":140,"file":132,"line":30},"admin_menu",{"type":135,"name":142,"callback":143,"file":132,"line":144},"init","vkcomments_init",91,[],[],[],[],{"dangerousFunctions":150,"sqlUsage":151,"outputEscaping":153,"fileOperations":13,"externalRequests":13,"nonceChecks":86,"capabilityChecks":86,"bundledLibraries":171},[],{"prepared":13,"raw":13,"locations":152},[],{"escaped":13,"rawEcho":154,"locations":155},8,[156,160,162,164,165,166,167,169],{"file":157,"line":158,"context":159},"comment-template.php",35,"raw output",{"file":157,"line":161,"context":159},36,{"file":132,"line":163,"context":159},67,{"file":132,"line":163,"context":159},{"file":132,"line":45,"context":159},{"file":132,"line":45,"context":159},{"file":132,"line":168,"context":159},71,{"file":132,"line":170,"context":159},82,[],[],{"summary":174,"deductions":175},"The 'vkcomments' plugin v1.15 presents a seemingly strong security posture based on the static analysis, with no apparent attack surface exposed through AJAX, REST API, shortcodes, or cron events.  The code also demonstrates good practices by using prepared statements for all SQL queries, avoiding file operations and external HTTP requests. The presence of a nonce and capability check indicates an awareness of basic security controls. However, a significant concern arises from the complete lack of output escaping. This means that any data processed or displayed by the plugin could be vulnerable to cross-site scripting (XSS) attacks if the input is not meticulously sanitized elsewhere in the WordPress environment. The absence of any recorded vulnerabilities in its history is positive, suggesting a generally well-maintained codebase, but it does not negate the risks identified in the static analysis.",[176],{"reason":177,"points":154},"All outputs are unescaped","2026-03-17T00:05:39.357Z",{"wat":180,"direct":186},{"assetPaths":181,"generatorPatterns":183,"scriptPaths":184,"versionParams":185},[182],"\u002Fwp-content\u002Fplugins\u002Fvkcomments\u002Fvkcomments.php",[],[],[],{"cssClasses":187,"htmlComments":191,"htmlAttributes":193,"restEndpoints":198,"jsGlobals":199,"shortcodeOutput":201},[188,189,190],"wrap","updated","error",[192],"\u003C!-- vk.com comments -->",[194,195,196,197],"name=\"vkcomments_wpnonce\"","name=\"api_id\"","name=\"comments_limit\"","name=\"hidewpcomments\"",[],[200],"vkopenapiloaded",[]]