[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fbuJXp_VybhnQavzlNbA4GhLV47SobGDpniIfxy0_L7o":3,"$fVOM_PboTza5F1JmyzWqEQwsKr4Mao5Yy6nFVbyVQRjs":186,"$fDQnPjfrPfbwEJOge0NbwAlofBN01m2Nup3YRNO2e_fA":191},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":7,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":35,"analysis":129,"fingerprints":168},"wdp-ajax-comments","WDP AJAX Comments","1.0.8","","https:\u002F\u002Fprofiles.wordpress.org\u002Fsatbirsingh\u002F","\u003Cp>This plugin will integrate AJAX commenting feature into your WordPress Blog. It uses the powerful JavaScript Framework jQuery to handle AJAX requests and jQuery Validation plugin by bassitance.de to validate comment form on the client side.\u003C\u002Fp>\n\u003Ch4>Feature Summary\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Enable AJAX Commenting\u003C\u002Fli>\n\u003Cli>Client Side Form Validation\u003C\u002Fli>\n\u003Cli>Easily rolls back if JS disabled\u003C\u002Fli>\n\u003Cli>Easily configure custom styles for messages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fwebdeveloperplus.com\u002Fwordpress\u002Fnew-wordpress-plugin-wdp-ajax-comments\u002F\" rel=\"nofollow ugc\">See plugin page for more details\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","This plugin will enable AJAX comment posting on your WordPress blog.",10,7125,0,"2009-08-17T10:48:00.000Z","2.8.4","2.0",[18,19,20,21],"ajax","comments","javascript","jquery","http:\u002F\u002Fwebdeveloperplus.com\u002Fwordpress\u002Fnew-wordpress-plugin-wdp-ajax-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwdp-ajax-comments.1.0.8.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":30,"display_name":30,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"satbirsingh",1,30,84,"2026-05-20T06:57:59.541Z",[36,54,72,90,107],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":7,"tags":51,"homepage":52,"download_link":53,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"spectacula-threaded-comments","Spectacu.la Discussion","2.3.4","Spectacula","https:\u002F\u002Fprofiles.wordpress.org\u002Fspectacula\u002F","\u003Cp>Ever found your theme doesn’t support threaded comments?  Would you like it to\u003Cbr \u002F>\nbe able to have P2 style live commenting on your site?  Spectacu.la Discussion\u003Cbr \u002F>\nis a plugin that replaces the commenting code in your theme with a fully Ajaxed\u003Cbr \u002F>\ncomments engine.\u003C\u002Fp>\n\u003Cp>The plugin uses memory tables for fast caching within the database (no pesky\u003Cbr \u002F>\npermission setting for you to worry about here) and adjustible polling times to\u003Cbr \u002F>\nsuit a wide range of server performance.\u003C\u002Fp>\n\u003Cp>The plugin is also developer friendly, meaning that you can easily add styles to\u003Cbr \u002F>\nyour theme so that should a user implement the plugin your meticulous design can\u003Cbr \u002F>\nbe carried through.  By default there are two styles that should work in most\u003Cbr \u002F>\ncases.  Read below for further instructions.\u003C\u002Fp>\n\u003Cp>Once installed this plug-in will replace your theme’s comments template with its\u003Cbr \u002F>\nown fully Ajax comment template. This allows both submission and update of\u003Cbr \u002F>\ncomments without a page refres letting your visitors use it more as a chat room\u003Cbr \u002F>\nthan the more traditional comment system. You can also roll up replied which can\u003Cbr \u002F>\nbe told to trigger at any depth you feel is best using the settings page. Also\u003Cbr \u002F>\navailable on the plug-ins admin page is the option to use another or no\u003Cbr \u002F>\nstylesheet, toggle the live updating of comments and change the refresh period\u003Cbr \u002F>\nfor live update.\u003C\u002Fp>\n\u003Cp>As of version 2 you can now easily add new stylesheets to the available list by\u003Cbr \u002F>\neither copying them into the plug-in’s style folder with a comment at the top of\u003Cbr \u002F>\nthe sheet that looks like this \u002F* comment style: Stylesheet name *\u002F or adding a\u003Cbr \u002F>\ncommenting.css to your theme or child theme. Once added they will then be listed\u003Cbr \u002F>\nin the dropdown menu that shows on the admin page.\u003C\u002Fp>\n\u003Cp>The plugin is also, of course, Multisites compatible.\u003C\u002Fp>\n\u003Cp>=The filters=\u003C\u002Fp>\n\u003Cp>There are a few filters available for developers to intercept the javascript,\u003Cbr \u002F>\nparamerers passed to the javascript and the CSS file location\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>spec_comment_css\u003C\u002Fstrong>\u003Cbr \u002F>\nPasses the URL of the stylesheet through to your function to replace\u003Cbr \u002F>\nwith your own file.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>spec_comment_js\u003C\u002Fstrong>\u003Cbr \u002F>\nPasses the URL to the jQuery file that controls the roll up and a few\u003Cbr \u002F>\nother elements.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>spec_comment_local_js\u003C\u002Fstrong>\u003Cbr \u002F>\nPasses in an array of localisation strings that are passed to the\u003Cbr \u002F>\njQuery code.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>To replace the CSS file you could add something like the following to your\u003Cbr \u002F>\nfunctions.php that would point to a comments.css file in the folder of your\u003Cbr \u002F>\ncurrent theme. This will then override any choice made by the user on the admin\u003Cbr \u002F>\npage.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\n    add_filter('spec_comment_css', 'my_css_file');\n\n    function my_css_file() {\n        return get_bloginfo('template_directory') . '\u002Fcomments.css';\n    }\n\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Warning\u003C\u002Fh4>\n\u003Cp>Every effort has been made to make this work with as wide a variety of themes as\u003Cbr \u002F>\npossible but we can’t cover every eventuality so some themes out there will\u003Cbr \u002F>\ncause problems with this plugin without you doing something to either the\u003Cbr \u002F>\nplug-in or the theme first. The most likely cause of problems is that some of\u003Cbr \u002F>\nthe CSS in the theme conflicts with the CSS in the comments. There are various\u003Cbr \u002F>\nother areas where problems could arise, such as if the theme doesn’t call the\u003Cbr \u002F>\ncomments.php using the \u003Ccode>comments_template();\u003C\u002Fcode> template tag or if your theme\u003Cbr \u002F>\ndeals with comments in an unusual way, such as placing them in a sidebar or\u003Cbr \u002F>\ncalling them in using Ajax that conflicts with our own. A missing or unusual\u003Cbr \u002F>\nDOCTYPE could cause problems too, in fact there are lots of things that could\u003Cbr \u002F>\ncause strangeness. However with most of the themes I’ve tested this with it has\u003Cbr \u002F>\nworked without issue straight out of the gate and even if it doesn’t look right\u003Cbr \u002F>\nyou need only disable the plug-in to go back to how things were, so nothing’s\u003Cbr \u002F>\nlost.\u003C\u002Fp>\n","Spectacu.la Discussion adds threaded commenting with live AJAX comments to almost any WordPress Theme.",70,18661,90,2,"2020-10-09T11:59:00.000Z","3.8.41","3.0",[18,19,21],"http:\u002F\u002Fspectacu.la\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspectacula-threaded-comments.2.3.2.zip",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":11,"downloaded":62,"rating":13,"num_ratings":13,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":7,"tags":66,"homepage":70,"download_link":71,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"contact-dialog","Contact Dialog","0.5","jameslafferty","https:\u002F\u002Fprofiles.wordpress.org\u002Fjameslafferty\u002F","\u003Cp>This plugin allows you to display a form when users click on links inside of elements with a class you specify. The plugin uses a custom version of jQuery UI on the front end, and does not address situations where Javascript is turned off. It does provide a simple, attractive contact form inside of a modal dialog box.\u003C\u002Fp>\n\u003Cp>If you find this plugin useful, please rate it and\u002For make a donation.\u003C\u002Fp>\n\u003Ch3>Internationalization (i18n)\u003C\u002Fh3>\n\u003Cp>This plugin has been translated into the languages listed below:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>fr_FR – French. Thank you to Frederick Marcoux for contributing!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you’re interested in doing a translation into your language, please let me know.\u003C\u002Fp>\n","Enables display of an AJAX driven contact form when a user clicks on links with a specified class.",8430,"2011-03-28T14:58:00.000Z","3.1.4","3.0.1",[18,67,20,68,69],"contact-form","jquery-ui","recaptcha","https:\u002F\u002Fgithub.com\u002Fkalchas","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-dialog.zip",{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":11,"downloaded":80,"rating":81,"num_ratings":47,"last_updated":82,"tested_up_to":83,"requires_at_least":84,"requires_php":7,"tags":85,"homepage":88,"download_link":89,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"tumblr-ajax","Tumblr Ajax","1.2","Humphrey Aaron","https:\u002F\u002Fprofiles.wordpress.org\u002Fhumphreyaaron\u002F","\u003Cp>Get\u002Fdisplay Tumblr posts via AJAX \u002F Javascript \u002F Client-side HTML requests. This plugin is great where the WordPress hosting server does not allow external HTTP requests, or where external HTTP requests on the server are preferred to be minimal.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Tumblr Ajax Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Display Tumblr posts, photos, videos and audios in a sidebar, post, or page\u003C\u002Fli>\n\u003Cli>Styles to allow for customization\u003C\u002Fli>\n\u003Cli>Widget options\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Quick Start Guide:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>After installing the Tumblr Ajax plugin on your WordPress site, make sure it is activated by logging into your admin area and going to Plugins in the left menu.\u003C\u002Fli>\n\u003Cli>Before using the plugin, you must authorize your WordPress website to access your Tumblr account by adding the Widget to an existing Sidebar, and configuring it accordingly.\u003C\u002Fli>\n\u003Cli>Play around with the various styles and options to find what works best for your site.\u003C\u002Fli>\n\u003Cli>In order to change the CSS styles of Tumblr Posts, you can over-ride, using your own Stylesheet, the plugin’s default.css mark-up styles\u003C\u002Fli>\n\u003C\u002Fol>\n","Display Tumblr posts via AJAX \u002F Javascript \u002F Client-side HTML requests",2978,60,"2015-10-04T03:38:00.000Z","4.3.34","2.8",[18,20,21,86,87],"pictures","tumblr","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ftumblr-ajax","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftumblr-ajax.1.2.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":13,"downloaded":98,"rating":13,"num_ratings":13,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":7,"tags":102,"homepage":104,"download_link":105,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":106},"nmr-jsgrid","NMR jsGrid","1.0.0","mirceatm","https:\u002F\u002Fprofiles.wordpress.org\u002Fmirceatm\u002F","\u003Cp>Add jsGrid http:\u002F\u002Fjs-grid.com tables to your website using the shortcode: \u003Ccode>[nmr_jsgrid id='your-grid-name']\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>Data grids or tables have configurable number of columns, filters, edit, update and delete functionalities.\u003Cbr \u002F>\nConfiguration of grids is performed on the admin back-end.\u003Cbr \u002F>\nTables can be paginated and need back-end pagination. Ajax calls help to avoid entire page reload.\u003C\u002Fp>\n\u003Cp>Example of a toy back-end pagination:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_action('wp_ajax_nopriv_sample_pagination', function () {\n    \u002F\u002F assume HTTP GET for this example\n    $data = $_GET;\n    global $wpdb;\n    $sql_base = $wpdb->prepare(\"SELECT umeta_id, meta_key FROM {$wpdb->prefix}usermeta\");\n    $sql = $wpdb->prepare(\"SELECT COUNT(*) FROM ({$sql_base}) t\");\n    $itemsCount = $wpdb->get_var($sql);\n    $pageIndex = intval($data['pageIndex']);\n    if ($pageIndex \u003C 1) {\n        $pageIndex = 1;\n    }\n    $pageSize = intval($data['pageSize']);\n    if ($pageSize \u003C 1) {\n        $pageSize = 20;\n    }\n    $endIndex = $pageIndex * $pageSize;\n    $startIndex = $endIndex - $pageSize;\n    $limit = \"LIMIT {$pageSize} OFFSET {$startIndex}\";\n    $sql = \"SELECT t.* FROM ({$sql_base}) t {$limit}\";\n    wp_send_json(json_encode(['data' => $wpdb->get_results($sql, ARRAY_A), 'itemsCount' => $itemsCount]));\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Having prepared the back-end to provide paginated data, the front-end data-grid cand be built in the Admin->NMR jsGrids interface.\u003Cbr \u002F>\nAdd a row and set the column values accordingly.\u003Cbr \u002F>\nPlease consult \u003Ca href=\"http:\u002F\u002Fjs-grid.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">the documentation\u003C\u002Fa> for more details:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>Name\u003C\u002Fcode> will be used as DOM id for the data-grid\u003C\u002Fli>\n\u003Cli>\u003Ccode>URL\u003C\u002Fcode> back-end endpoint, usually https:\u002F\u002Fyour-website.com\u002Fwp-admin\u002Fadmin-ajax.php\u003C\u002Fli>\n\u003Cli>\u003Ccode>Action\u003C\u002Fcode> should be sincronized with back-end. In our example \u003Ccode>Action=sample_pagination\u003C\u002Fcode> taken from: \u003Ccode>wp_ajax_nopriv_sample_pagination\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>Fields\u003C\u002Fcode> JSON array of columns as text. In our example could be:\u003Cbr \u002F>\n[{“name”: “umeta_id”,”title”: “Id”,”type”: “number”},{“name”: “meta_key”,”title”: “Key”,”type”: “text”}]\u003Cbr \u002F>\nFor a complete list of possible columns check \u003Ca href=\"http:\u002F\u002Fjs-grid.com\u002Fdocs\u002F#grid-fields\" rel=\"nofollow ugc\">the documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ccode>Height\u003C\u002Fcode> could be \u003Ccode>auto\u003C\u002Fcode>, a percent like \u003Ccode>80%\u003C\u002Fcode>, a number: \u003Ccode>400\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>Width\u003C\u002Fcode> same as above\u003C\u002Fli>\n\u003Cli>\u003Ccode>Paging\u003C\u002Fcode>, \u003Ccode>Editing\u003C\u002Fcode>, \u003Ccode>Sorting\u003C\u002Fcode>, \u003Ccode>Autoload\u003C\u002Fcode>, \u003Ccode>Deleting\u003C\u002Fcode>, \u003Ccode>Filtering\u003C\u002Fcode>, \u003Ccode>Inserting\u003C\u002Fcode>, \u003Ccode>Page size\u003C\u002Fcode> are self explanatory: allow pagination, editing, sorting, auto-loading, deleting, filtering and inserting of data. Page size determines the number of rows in one page.\u003C\u002Fli>\n\u003Cli>\u003Ccode>Pager format\u003C\u002Fcode> can have a value of: \u003Cem>Rows: {itemCount} – Pages: {first} {prev} {pages} {next} {last} &nbsp;&nbsp; {pageIndex} of {pageCount}\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Ccode>Page buttons\u003C\u002Fcode> 5 is a good choice\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Plugin will enqueue \u003Ccode>nmr-jsgrid.js\u003C\u002Fcode> javascript file.\u003Cbr \u002F>\nTo use the plugin on the Admin module one should add the Admin slug\u002Fhook in the filter: \u003Ccode>nmr_jsgrid_admin_enqueue_scripts\u003C\u002Fcode>\u003Cbr \u002F>\nEx:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('nmr_jsgrid_admin_enqueue_scripts', function ($admin_php_files) {\n    \u002F\u002F NMR jsGrid will be available in Admin->My page->My subpage\n    $admin_php_files[] = 'admin-my_page_admin-my_subpage';\n    return $admin_php_files;\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If you enjoy using \u003Cem>NMR JSGrid\u003C\u002Fem> and find it useful, please consider \u003Ca href=\"https:\u002F\u002Fpaypal.me\u002Fmirceatm\" rel=\"nofollow ugc\">\u003Cstrong>making a donation\u003C\u002Fstrong>\u003C\u002Fa>. Your donation will help encourage and support the plugin’s continued development and better user support.\u003C\u002Fp>\n\u003Ch4>Privacy Notices\u003C\u002Fh4>\n","Add jsGrid http:\u002F\u002Fjs-grid.com tables to your website using the shortcode: [nmr_jsgrid id='your-grid-name'].",2687,"2023-01-26T14:46:00.000Z","6.1.10","5.2",[103],"jsgrid-table-jquery-javascript-ajax-pagination","https:\u002F\u002Fnamir.ro\u002Fjsgrid\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnmr-jsgrid.1.0.0.zip","2026-04-06T09:54:40.288Z",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":117,"num_ratings":118,"last_updated":119,"tested_up_to":120,"requires_at_least":121,"requires_php":122,"tags":123,"homepage":125,"download_link":126,"security_score":127,"vuln_count":31,"unpatched_count":31,"last_vuln_date":128,"fetched_at":26},"enable-jquery-migrate-helper","Enable jQuery Migrate Helper","1.4.1","Marius L. J.","https:\u002F\u002Fprofiles.wordpress.org\u002Fclorith\u002F","\u003Cp>With the update to WordPress 5.5, a migration tool known as \u003Ccode>jquery-migrate\u003C\u002Fcode> was no longer enabled by default. This may lead to lacking functionality or unexpected behavior in some themes or plugins that run older code.\u003C\u002Fp>\n\u003Cp>This plugin serves as a temporary solution, enabling the migration script for your site to give your plugin and theme authors some more time to update, and test, their code.\u003C\u002Fp>\n\u003Cp>With the update to WordPress 5.6, the included version of jQuery is also upgraded. This means that old code that previously caused warnings now may instead may cause errors or stop working entirely.\u003C\u002Fp>\n\u003Cp>Some of the features no longer working will just stop working behind the scenes without any apparent problem.\u003C\u002Fp>\n\u003Cp>The plugin will let you downgrade to a previous version of jQuery for a period, but as a site administrator you are encouraged to get the underlying issue fixed.\u003C\u002Fp>\n","Get information about calls to deprecated jQuery features in plugins or themes.",80000,2378180,96,109,"2024-12-25T13:15:00.000Z","6.7.5","5.4","5.6",[20,21,124],"update","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fenable-jquery-migrate-helper","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fenable-jquery-migrate-helper.1.4.1.zip",71,"2020-07-20 00:00:00",{"attackSurface":130,"codeSignals":150,"taintFlows":160,"riskAssessment":161,"analyzedAt":167},{"hooks":131,"ajaxHandlers":146,"restRoutes":147,"shortcodes":148,"cronEvents":149,"entryPointCount":13,"unprotectedCount":13},[132,137,141],{"type":133,"name":134,"callback":135,"priority":11,"file":136,"line":11},"action","init","wdp_ajaxcomments_load_js","wdp-ajaxed-comments.php",{"type":133,"name":138,"callback":139,"file":136,"line":140},"wp_head","wdp_ajaxcomments_load_styles",17,{"type":133,"name":142,"callback":143,"priority":144,"file":136,"line":145},"comment_post","wdp_ajaxcomments_stop_for_ajax",20,24,[],[],[],[],{"dangerousFunctions":151,"sqlUsage":152,"outputEscaping":154,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":159},[],{"prepared":13,"raw":13,"locations":153},[],{"escaped":13,"rawEcho":31,"locations":155},[156],{"file":136,"line":157,"context":158},22,"raw output",[],[],{"summary":162,"deductions":163},"The \"wdp-ajax-comments\" plugin v1.0.8 presents a surprisingly clean security profile based on the provided static analysis. There are no identified AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a remarkably small attack surface.  Furthermore, the code shows no signs of dangerous functions, file operations, or external HTTP requests. The complete absence of known vulnerabilities and a history of none further bolster this positive assessment.\n\nHowever, the lack of output escaping for the single identified output is a significant concern. While there are no SQL injection risks due to the exclusive use of prepared statements, the failure to escape output could lead to cross-site scripting (XSS) vulnerabilities if any user-supplied data is directly rendered to the browser.  The complete absence of nonce checks and capability checks, while perhaps mitigated by the limited attack surface, represents a missed opportunity for robust security implementation, especially if the plugin's functionality were to expand in the future.\n\nIn conclusion, the plugin exhibits excellent security hygiene in its avoidance of common vulnerability vectors and its strong adherence to prepared statements. The lack of any historical vulnerabilities suggests a generally well-maintained codebase.  The primary weakness lies in the unescaped output, which, despite the small attack surface, requires immediate attention to mitigate potential XSS risks.",[164],{"reason":165,"points":166},"Unescaped output detected",5,"2026-03-17T00:12:03.114Z",{"wat":169,"direct":179},{"assetPaths":170,"generatorPatterns":174,"scriptPaths":175,"versionParams":176},[171,172,173],"\u002Fwp-content\u002Fplugins\u002Fwdp-ajax-comments\u002Fwdp-ajax-styles.css","\u002Fwp-content\u002Fplugins\u002Fwdp-ajax-comments\u002Fjquery.validate.min.js","\u002Fwp-content\u002Fplugins\u002Fwdp-ajax-comments\u002Fajax-comments.js",[],[172,173],[177,178],"wdp-ajax-comments\u002Fjquery.validate.min.js?ver=","wdp-ajax-comments\u002Fajax-comments.js?ver=",{"cssClasses":180,"htmlComments":181,"htmlAttributes":182,"restEndpoints":183,"jsGlobals":184,"shortcodeOutput":185},[],[],[],[],[],[],{"error":187,"url":188,"statusCode":189,"statusMessage":190,"message":190},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwdp-ajax-comments\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":192,"versions":193},6,[194,200,207,214,221,228],{"version":6,"download_url":23,"svn_tag_url":195,"released_at":25,"has_diff":196,"diff_files_changed":197,"diff_lines":25,"trac_diff_url":198,"vulnerabilities":199,"is_current":187},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwdp-ajax-comments\u002Ftags\u002F1.0.8\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwdp-ajax-comments%2Ftags%2F1.0.7&new_path=%2Fwdp-ajax-comments%2Ftags%2F1.0.8",[],{"version":201,"download_url":202,"svn_tag_url":203,"released_at":25,"has_diff":196,"diff_files_changed":204,"diff_lines":25,"trac_diff_url":205,"vulnerabilities":206,"is_current":196},"1.0.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwdp-ajax-comments.1.0.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwdp-ajax-comments\u002Ftags\u002F1.0.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwdp-ajax-comments%2Ftags%2F1.0.6&new_path=%2Fwdp-ajax-comments%2Ftags%2F1.0.7",[],{"version":208,"download_url":209,"svn_tag_url":210,"released_at":25,"has_diff":196,"diff_files_changed":211,"diff_lines":25,"trac_diff_url":212,"vulnerabilities":213,"is_current":196},"1.0.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwdp-ajax-comments.1.0.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwdp-ajax-comments\u002Ftags\u002F1.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwdp-ajax-comments%2Ftags%2F1.0.2&new_path=%2Fwdp-ajax-comments%2Ftags%2F1.0.6",[],{"version":215,"download_url":216,"svn_tag_url":217,"released_at":25,"has_diff":196,"diff_files_changed":218,"diff_lines":25,"trac_diff_url":219,"vulnerabilities":220,"is_current":196},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwdp-ajax-comments.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwdp-ajax-comments\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwdp-ajax-comments%2Ftags%2F1.0.1&new_path=%2Fwdp-ajax-comments%2Ftags%2F1.0.2",[],{"version":222,"download_url":223,"svn_tag_url":224,"released_at":25,"has_diff":196,"diff_files_changed":225,"diff_lines":25,"trac_diff_url":226,"vulnerabilities":227,"is_current":196},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwdp-ajax-comments.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwdp-ajax-comments\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwdp-ajax-comments%2Ftags%2F1.0.0&new_path=%2Fwdp-ajax-comments%2Ftags%2F1.0.1",[],{"version":93,"download_url":229,"svn_tag_url":230,"released_at":25,"has_diff":196,"diff_files_changed":231,"diff_lines":25,"trac_diff_url":25,"vulnerabilities":232,"is_current":196},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwdp-ajax-comments.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwdp-ajax-comments\u002Ftags\u002F1.0.0\u002F",[],[]]