WP-Safety

Ajaxify Comments – Ajax and Lazy Loading Comments Security & Risk Analysis

wordpress.org/plugins/wp-ajaxify-comments

Ajaxify Comments speeds up your comment section, allowing for lazy loading comments, instant comment posting, and seamless success and error messages.

3K active installs v3.2.2 PHP 7.2+ WP 6.5+ Updated Apr 6, 2026
ajaxcommentserrorslazy-loadrefresh
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Ajaxify Comments – Ajax and Lazy Loading Comments Safe to Use in 2026?

Generally Safe

Score 100/100

Ajaxify Comments – Ajax and Lazy Loading Comments has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The wp-ajaxify-comments v3.2 plugin exhibits a generally strong security posture, adhering to many best practices. The absence of known CVEs and the thorough implementation of nonce and capability checks across its AJAX handlers are significant strengths. Furthermore, the use of prepared statements for all SQL queries and the high percentage of properly escaped output indicate diligent development in preventing common web vulnerabilities like SQL injection and XSS.

However, the analysis does reveal a few areas for caution. The presence of two 'flows with unsanitized paths' in the taint analysis, while not classified as critical or high severity, warrants attention. These flows, if not properly handled, could potentially lead to path traversal or file inclusion vulnerabilities, especially given the single file operation detected. The plugin's attack surface is entirely composed of AJAX handlers, and while all have checks, a large number of entry points (18) can still increase the overall complexity and potential for unforeseen interactions.

In conclusion, wp-ajaxify-comments v3.2 appears to be a well-developed plugin with a solid security foundation. The vulnerability history of zero known issues is a very positive sign. The primary concerns are the two unsanitized path flows, which should be investigated to ensure they don't pose a risk despite their current severity classification.

Key Concerns

  • Unsanitized path flows detected
  • File operation detected
Vulnerabilities
None known

Ajaxify Comments – Ajax and Lazy Loading Comments Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Ajaxify Comments – Ajax and Lazy Loading Comments Release Timeline

v3.2.2Current
v3.2.0
v3.1.2
v3.1.1
v3.0.3
v3.0.2
v3.0.1
v3.0.0
v2.2.2
v2.2.1
v2.2.0
v2.1.1
v2.1.0
v2.0.15
v2.0.14
v2.0.11
v2.0.9
v2.0.7
v2.0.5
v2.0.1
Code Analysis
Analyzed Mar 16, 2026

Ajaxify Comments – Ajax and Lazy Loading Comments Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
3
237 escaped
Nonce Checks
23
Capability Checks
22
File Operations
1
External Requests
0
Bundled Libraries
0

Output Escaping

99% escaped240 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
wpac_init (functions.php:446)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Ajaxify Comments – Ajax and Lazy Loading Comments Attack Surface

Entry Points18
Unprotected0

AJAX Handlers 18

authwp_ajax_wpac_save_optionsphp\Admin\Init.php:48
authwp_ajax_wpac_reset_optionsphp\Admin\Init.php:51
authwp_ajax_wpac_install_pluginphp\Admin\Init.php:54
authwp_ajax_wpac_activate_pluginphp\Admin\Init.php:57
authwp_ajax_wpac_get_plugin_statusphp\Admin\Init.php:60
authwp_ajax_wpac_get_advanced_optionsphp\Admin\Tabs\Advanced.php:29
authwp_ajax_wpac_get_appearance_optionsphp\Admin\Tabs\Appearance.php:29
authwp_ajax_wpac_get_callbacks_optionsphp\Admin\Tabs\Callbacks.php:29
authwp_ajax_wpac_get_labels_optionsphp\Admin\Tabs\Labels.php:29
authwp_ajax_wpac_get_lazy_load_optionsphp\Admin\Tabs\Lazy_Load.php:29
authwp_ajax_wpac_get_home_optionsphp\Admin\Tabs\Main.php:35
authwp_ajax_wpac_get_pagination_optionsphp\Admin\Tabs\Pagination.php:29
authwp_ajax_wpac_get_selectors_optionsphp\Admin\Tabs\Selectors.php:31
authwp_ajax_wpac_get_support_optionsphp\Admin\Tabs\Support.php:29
authwp_ajax_wpac_check_comment_statusphp\Menu_Helper.php:35
authwp_ajax_wpac_save_selectorsphp\Menu_Helper.php:38
authwp_ajax_wpac_shortcut_open_commentsphp\Menu_Helper.php:41
authwp_ajax_wpac_shortcut_close_commentsphp\Menu_Helper.php:44
WordPress Hooks 83
actionwp_print_stylesfunctions.php:184
actionplugins_loadedfunctions.php:250
actioninitfunctions.php:464
actioncomment_post_redirectfunctions.php:508
filterallowed_redirect_hostsfunctions.php:520
filterthe_contentfunctions.php:525
actioninitphp\Admin\Init.php:44
actionadmin_enqueue_scriptsphp\Admin\Init.php:45
actionnetwork_admin_menuphp\Admin\Init.php:385
actionadmin_menuphp\Admin\Init.php:387
actionin_admin_headerphp\Admin\Init.php:457
filterajaxify_comments_admin_tabsphp\Admin\Tabs\Advanced.php:25
filterajaxify_comments_admin_sub_tabsphp\Admin\Tabs\Advanced.php:26
filterajaxify_comments_output_advancedphp\Admin\Tabs\Advanced.php:27
actionwpac_admin_enqueue_scripts_advancedphp\Admin\Tabs\Advanced.php:28
filterajaxify_comments_admin_tabsphp\Admin\Tabs\Appearance.php:25
filterajaxify_comments_admin_sub_tabsphp\Admin\Tabs\Appearance.php:26
filterajaxify_comments_output_appearancephp\Admin\Tabs\Appearance.php:27
actionwpac_admin_enqueue_scripts_appearancephp\Admin\Tabs\Appearance.php:28
filterajaxify/comments/theme_color_palettephp\Admin\Tabs\Appearance.php:89
filterajaxify_comments_admin_tabsphp\Admin\Tabs\Callbacks.php:25
filterajaxify_comments_admin_sub_tabsphp\Admin\Tabs\Callbacks.php:26
filterajaxify_comments_output_callbacksphp\Admin\Tabs\Callbacks.php:27
actionwpac_admin_enqueue_scripts_callbacksphp\Admin\Tabs\Callbacks.php:28
filterajaxify_comments_admin_tabsphp\Admin\Tabs\Integrations.php:25
filterajaxify_comments_admin_sub_tabsphp\Admin\Tabs\Integrations.php:26
filterajaxify_comments_output_integrationsphp\Admin\Tabs\Integrations.php:27
actionwpac_admin_enqueue_scripts_integrationsphp\Admin\Tabs\Integrations.php:28
filterajaxify_comments_admin_tabsphp\Admin\Tabs\Labels.php:25
filterajaxify_comments_admin_sub_tabsphp\Admin\Tabs\Labels.php:26
filterajaxify_comments_output_labelsphp\Admin\Tabs\Labels.php:27
actionwpac_admin_enqueue_scripts_labelsphp\Admin\Tabs\Labels.php:28
filterajaxify_comments_admin_tabsphp\Admin\Tabs\Lazy_Load.php:25
filterajaxify_comments_admin_sub_tabsphp\Admin\Tabs\Lazy_Load.php:26
filterajaxify_comments_output_lazy_loadphp\Admin\Tabs\Lazy_Load.php:27
actionwpac_admin_enqueue_scripts_lazy-loadphp\Admin\Tabs\Lazy_Load.php:28
filterajaxify/comments/theme_color_palettephp\Admin\Tabs\Lazy_Load.php:123
filterajaxify_comments_admin_tabsphp\Admin\Tabs\Main.php:31
filterajaxify_comments_admin_sub_tabsphp\Admin\Tabs\Main.php:32
filterajaxify_comments_output_homephp\Admin\Tabs\Main.php:33
actionwpac_admin_enqueue_scripts_homephp\Admin\Tabs\Main.php:34
filterajaxify_comments_admin_tabsphp\Admin\Tabs\Pagination.php:25
filterajaxify_comments_admin_sub_tabsphp\Admin\Tabs\Pagination.php:26
filterajaxify_comments_output_paginationphp\Admin\Tabs\Pagination.php:27
actionwpac_admin_enqueue_scripts_paginationphp\Admin\Tabs\Pagination.php:28
filterajaxify/comments/theme_color_palettephp\Admin\Tabs\Pagination.php:80
filterajaxify_comments_admin_tabsphp\Admin\Tabs\Selectors.php:27
filterajaxify_comments_admin_sub_tabsphp\Admin\Tabs\Selectors.php:28
filterajaxify_comments_output_selectorsphp\Admin\Tabs\Selectors.php:29
actionwpac_admin_enqueue_scripts_selectorsphp\Admin\Tabs\Selectors.php:30
filterajaxify_comments_admin_tabsphp\Admin\Tabs\Support.php:25
filterajaxify_comments_admin_sub_tabsphp\Admin\Tabs\Support.php:26
filterajaxify_comments_output_supportphp\Admin\Tabs\Support.php:27
actionwpac_admin_enqueue_scripts_supportphp\Admin\Tabs\Support.php:28
actionwp_footerphp\Lazy_Load.php:27
actionwp_footerphp\Lazy_Load.php:28
actionwp_footerphp\Lazy_Load.php:29
actionwp_footerphp\Lazy_Load.php:30
filtersafe_style_cssphp\Lazy_Load.php:267
actionadmin_bar_menuphp\Menu_Helper.php:51
actiondlxplugins/ajaxify/comments/wpphp\Menu_Helper.php:54
actionwp_enqueue_scriptsphp\Menu_Helper.php:152
filterdlxplugins/ajaxify/comments/force_loadphp\Menu_Helper.php:165
filterdlxplugins/ajaxify/comments/can_loadphp\Menu_Helper.php:166
actionadmin_bar_menuphp\Menu_Helper.php:169
filterdlxplugins/ajaxify/comments/force_loadphp\Menu_Helper.php:176
filterdlxplugins/ajaxify/comments/can_loadphp\Menu_Helper.php:179
actionadmin_bar_menuphp\Menu_Helper.php:182
actionadmin_bar_menuphp\Menu_Helper.php:185
actioninitwp-ajaxify-comments.php:56
filterwp_die_handlerwp-ajaxify-comments.php:71
actionswitch_themewp-ajaxify-comments.php:74
actionplugins_loadedwp-ajaxify-comments.php:76
filterthe_commentswp-ajaxify-comments.php:100
actionwp_enqueue_scriptswp-ajaxify-comments.php:101
actionwp_enqueue_scriptswp-ajaxify-comments.php:102
filteroption_page_commentswp-ajaxify-comments.php:103
filteroption_comments_per_pagewp-ajaxify-comments.php:104
filtergenesis_before_commentswp-ajaxify-comments.php:107
actionwpwp-ajaxify-comments.php:110
filtergettextwp-ajaxify-comments.php:121
actionpre_comment_on_postwp-ajaxify-comments.php:123
actionadmin_initwp-ajaxify-comments.php:127
Maintenance & Trust

Ajaxify Comments – Ajax and Lazy Loading Comments Maintenance & Trust

Maintenance Signals

WordPress version tested7.0
Last updatedApr 6, 2026
PHP min version7.2
Downloads205K

Community Trust

Rating96/100
Number of ratings91
Active installs3K
Alternatives

Ajaxify Comments – Ajax and Lazy Loading Comments Alternatives

Comments – wpDiscuz

Comments – wpDiscuz

wpdiscuz

B
75

AJAX powered realtime comments. Designed to extend WordPress native comments. Custom comment forms/fields. Making comments has never been so awesome!

80K 24 CVEs
Ajax Load More – Infinite Scroll, Load More, & Lazy Load

Ajax Load More – Infinite Scroll, Load More, & Lazy Load

ajax-load-more

B
82

Add infinite scroll, lazy loading, and load more buttons to posts, pages, and WooCommerce products — fast and fully customizable for WordPress.

40K 17 CVEs
Load More Products for WooCommerce

Load More Products for WooCommerce

load-more-products-for-woocommerce

A
100

Load products from next page via AJAX with infinite scrolling or load more products button

20K No CVEs
AnyComment

AnyComment

anycomment

F
17

AnyComment is blazing-fast commenting plugin based on React for WordPress.

3K 3 unpatched
Lazy Load for Comments

Lazy Load for Comments

lazy-load-for-comments

A
100

Lazy load default WordPress commenting system on scroll or click. Improve page speed.

2K No CVEs
Developer Profile

Ajaxify Comments – Ajax and Lazy Loading Comments Developer Profile

Ronald Huereca

12 plugins · 30K total installs

87
trust score
Avg Security Score
98/100
Avg Patch Time
89 days
View full developer profile
Detection Fingerprints

How We Detect Ajaxify Comments – Ajax and Lazy Loading Comments

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-ajaxify-comments/assets/js/frontend.js/wp-content/plugins/wp-ajaxify-comments/assets/css/frontend.css/wp-content/plugins/wp-ajaxify-comments/assets/js/admin.js
Script Paths
/wp-content/plugins/wp-ajaxify-comments/assets/js/frontend.js/wp-content/plugins/wp-ajaxify-comments/assets/js/admin.js
Version Parameters
wp-ajaxify-comments/assets/js/frontend.js?ver=wp-ajaxify-comments/assets/css/frontend.css?ver=wp-ajaxify-comments/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
wpac-comment-formwpac-lazy-load-commentswpac-spinner
HTML Comments
<!-- START AJAXIFY COMMENTS<!-- END AJAXIFY COMMENTS -->
Data Attributes
data-wpac-post-iddata-wpac-comment-iddata-wpac-comment-loaded
JS Globals
wpac_frontend_paramswpac_admin_params
REST Endpoints
/wp-json/wpac/v1/comments
FAQ

Frequently Asked Questions about Ajaxify Comments – Ajax and Lazy Loading Comments