[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3uqAfVCnVAu3KAbk0GTvvC5YC8qOLH99_URJ03q-5QE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":133,"fingerprints":281},"wp-comment-stats","WP Comment Stats","1.0.3","jammy to go","https:\u002F\u002Fprofiles.wordpress.org\u002Fjammy-to-go\u002F","\u003Cp>The admin comment stats shows the following comment stats:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Period\u003C\u002Fstrong> Should be self-explanatory, it is the month and year for that particular row.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Approved\u003C\u002Fstrong> Shows the total number of comments that have been \u003Cstrong>APPROVED\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Posts Discussed\u003C\u002Fstrong> Shows you the total number of posts during this period that received at least 1 approved comment.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Commentator Statistics (CS.)\u003C\u002Fstrong> Shows you the unique number for each of the sub-items: \u003Cstrong>CS. Names\u003C\u002Fstrong>: Total number of unique names used. \u003Cstrong>CS. Emails\u003C\u002Fstrong>: Total number of unique email addresses used. \u003Cstrong>CS. URLs\u003C\u002Fstrong>: Total number of unique websites used. \u003Cstrong>CS. IPs\u003C\u002Fstrong>: Total number of unique IP addresses\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Most Commented Post(s)\u003C\u002Fstrong> Lists all of your posts that received at least 1 comment. The posts show here are listed by the number of comments received during that period (NOTE: It is common for a blog post to get comments for months after it is posted, as such if it shows 10 posts this month for a comment but there are 20 in total, look at previous months to see when the other comments arrived on this post).\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>The Dashboard widget shows the following comment stats (It is based on the tutorial found at http:\u002F\u002Fpremium.wpmudev.org\u002Fblog\u002Fadding-custom-widgets-to-the-wordpress-admin-dashboard\u002F):\u003C\u002Fp>\n\u003Col>\n\u003Cli>Comments in the past 7 days\u003C\u002Fli>\n\u003Cli>Comments in the past 10 years\u003C\u002Fli>\n\u003Cli>Comments in the past 12 months\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Contributions\u003C\u002Fh3>\n\u003Cp>Would you like to like to contribute to \u003Cstrong>WP Comments Stats\u003C\u002Fstrong>? You are more than welcome to submit your pull requests on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fgrafxflow\u002Fwp-comments-stats\" rel=\"nofollow ugc\">GitHub repo\u003C\u002Fa>. Also, if you have any notes about the code, please open a ticket on the issue tracker.\u003C\u002Fp>\n","Shows detailed stats of your WordPress comments based on original plugin 'Comment Stats' - https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomment-stats\u002F",10,1692,0,"2018-07-13T18:40:00.000Z","4.9.29","3.9.25","",[19,20,21],"comments","dashboard-comment-stats","stats","https:\u002F\u002Fgrafxflow.co.uk\u002Fblog\u002Fcontent-management-systems\u002Fwp-comment-stats-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-comment-stats.1.0.3.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"jammy-to-go",1,30,84,"2026-04-05T18:22:24.243Z",[35,52,67,92,113],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":11,"downloaded":43,"rating":13,"num_ratings":13,"last_updated":17,"tested_up_to":44,"requires_at_least":45,"requires_php":17,"tags":46,"homepage":48,"download_link":49,"security_score":50,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":51},"wp-yearendstats","WP Year End Stats","1.0","Sudar Muthu","https:\u002F\u002Fprofiles.wordpress.org\u002Fsudar\u002F","\u003Cp>Displays fancy stats about your blog which you can include in your year end review posts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Requires PHP 5.3 or higher. Will not work in PHP 5.2.x\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>The plugin currently supports the following stats\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Total number of posts per year\u003C\u002Fli>\n\u003Cli>Total number of comments per year\u003C\u002Fli>\n\u003Cli>Total number of words written per year\u003C\u002Fli>\n\u003Cli>Average length of posts per year\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Shortcode\u003C\u002Fh3>\n\u003Cp>You can use the following shortcode to display stats in your blog.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>`[yes_stats type=\"post_num\" start_year=\"2004\" end_year=\"2014\" range=\"to\" post_type=\"post\" post_status=\"publish\" title=\"Title of the graph\" height=\"500\" width=\"500\" ] ```\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The \u003Ccode>yes_stats\u003C\u002Fcode> shortcode can have the following attributes\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>type\u003C\u002Fcode> – The type of graph. The following are the allowed values.\n\u003Cul>\n\u003Cli>\u003Ccode>post_num\u003C\u002Fcode> – Number of posts by year (default)\u003C\u002Fli>\n\u003Cli>\u003Ccode>comment_num\u003C\u002Fcode> – Number of posts by year\u003C\u002Fli>\n\u003Cli>\u003Ccode>post_avg_length\u003C\u002Fcode> – Average length of posts by year\u003C\u002Fli>\n\u003Cli>\u003Ccode>post_totoal_length\u003C\u002Fcode> – Total length of posts by year\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Ccode>start_year\u003C\u002Fcode> – The first year for the graph (default: current year)\u003C\u002Fli>\n\u003Cli>\u003Ccode>end_year\u003C\u002Fcode> – The last year for the graph (default: current year)\u003C\u002Fli>\n\u003Cli>\u003Ccode>range\u003C\u002Fcode> – How the years should be treated. Possible values are \u003Ccode>to\u003C\u002Fcode> (default) and \u003Ccode>and\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>post_type\u003C\u002Fcode> – The post type for which the graph should be generated (default: post)\u003C\u002Fli>\n\u003Cli>\u003Ccode>post_status\u003C\u002Fcode> – The post status for which the graph should be generated (default: publish)\u003C\u002Fli>\n\u003Cli>\u003Ccode>title\u003C\u002Fcode> – Title for the graph\u003C\u002Fli>\n\u003Cli>\u003Ccode>height\u003C\u002Fcode> – Height of the graph (Default: 500px)\u003C\u002Fli>\n\u003Cli>\u003Ccode>width\u003C\u002Fcode> – Width of the graph (Default: 500px)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>TODO\u003C\u002Fh3>\n\u003Cp>The following are the features that I am thinking of adding to the Plugin, when I get some free time. If you have any feature request or want to increase the priority of a particular feature, then let me know.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add more stats\u003C\u002Fli>\n\u003Cli>Make the graphs more configurable\u003C\u002Fli>\n\u003Cli>Cache the stats\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>If you have found a bug\u002Fissue or have a feature request, then post them in \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsudar\u002Fwp-yearendstats\u002Fissues\" rel=\"nofollow ugc\">github issues\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>If you have a question about usage or need help to troubleshoot, then post in WordPress forums or leave a comment in \u003Ca href=\"http:\u002F\u002Fsudarmuthu.com\u002Fwordpress\u002Fwp-year-end-stats\" rel=\"nofollow ugc\">plugins’s home page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>If you like the Plugin, then kindly leave a review\u002Ffeedback at \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-yearendstats\u002F\" rel=\"ugc\">WordPress repo page\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>If you find this Plugin useful or and wanted to say thank you, then there are ways to \u003Ca href=\"http:\u002F\u002Fsudarmuthu.com\u002Fif-you-wanna-thank-me\" rel=\"nofollow ugc\">make me happy\u003C\u002Fa> 🙂 and I would really appreciate if you can do one of those.\u003C\u002Fli>\n\u003Cli>Checkout other \u003Ca href=\"http:\u002F\u002Fsudarmuthu.com\u002Fwordpress\" rel=\"nofollow ugc\">WordPress Plugins\u003C\u002Fa> that I have written\u003C\u002Fli>\n\u003Cli>If anything else, then contact me in \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fsudarmuthu\" rel=\"nofollow ugc\">twitter\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Translation\u003C\u002Fh3>\n\u003Cp>The pot file is available with the Plugin. If you are willing to do translation for the Plugin,\u003Cbr \u002F>\nuse the pot file to create the .po files for your language and let me know.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Thanks to Alex King for his \u003Ca href=\"http:\u002F\u002Falexking.org\u002Fblog\u002F2007\u002F01\u002F01\u002Fsql-for-blog-stats\" rel=\"nofollow ugc\">blog stats SQL scripts\u003C\u002Fa> and for the \u003Ca href=\"http:\u002F\u002Falexking.org\u002Fblog\u002F2007\u002F12\u002F31\u002F2007-in-review\" rel=\"nofollow ugc\">inspiration\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Thanks to the excellent \u003Ca href=\"http:\u002F\u002Fflotcharts.org\u002F\" rel=\"nofollow ugc\">Flot JavaScript\u003C\u002Fa> library.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Readme Generator\u003C\u002Fh3>\n\u003Cp>This Readme file was generated using \u003Ca href='http:\u002F\u002Fsudarmuthu.com\u002Fwordpress\u002Fwp-readme' rel=\"nofollow ugc\">wp-readme\u003C\u002Fa>, which generates readme files for WordPress Plugins.\u003C\u002Fp>\n","Displays fancy stats about your blog which you can include in your year end review posts.",4577,"4.1.42","2.0",[19,47,21],"posts","http:\u002F\u002Fsudarmuthu.com\u002Fwordpress\u002Fwp-year-end-stats","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-yearendstats.1.0.zip",100,"2026-03-15T10:48:56.248Z",{"slug":53,"name":54,"version":38,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":13,"downloaded":59,"rating":13,"num_ratings":13,"last_updated":17,"tested_up_to":60,"requires_at_least":61,"requires_php":62,"tags":63,"homepage":17,"download_link":66,"security_score":50,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":51},"site-stats-dashboard","Site Stats Dashboard","szatek","https:\u002F\u002Fprofiles.wordpress.org\u002Fszatek\u002F","\u003Cp>Site Stats Dashboard is a simple WordPress plugin that displays your website’s statistics in the admin panel. It shows:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The number of published posts.\u003C\u002Fli>\n\u003Cli>The number of approved comments.\u003C\u002Fli>\n\u003Cli>The total visit count (each front-end page load is counted).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin uses the WordPress REST API to provide the statistics and renders the admin dashboard using React via the \u003Ccode>wp.element\u003C\u002Fcode> package.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Admin Dashboard:\u003C\u002Fstrong> A dedicated admin page accessible from the WordPress dashboard under the “Site Stats” menu.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Live Statistics:\u003C\u002Fstrong> Displays post count, comment count, and visit count.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>REST API Integration:\u003C\u002Fstrong> Provides a custom REST API endpoint (\u003Ccode>ssds\u002Fv1\u002Fstats\u003C\u002Fcode>) that returns the site statistics.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>React-Based UI:\u003C\u002Fstrong> Uses React (via the built-in \u003Ccode>wp.element\u003C\u002Fcode> library) for the admin dashboard interface.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Visit Tracking:\u003C\u002Fstrong> Tracks every front-end page load to increment the visit counter.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Admin Panel:\u003C\u002Fstrong> Once activated, click on the “Site Stats” menu item in the WordPress admin sidebar to see the statistics.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>REST API:\u003C\u002Fstrong>\u003Cbr \u002F>\nThe plugin registers a REST API endpoint at:\u003Cbr \u002F>\nhttp:\u002F\u002Fyour-site-url\u002Fwp-json\u002Fssds\u002Fv1\u002Fstats\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This endpoint returns a JSON response with the keys \u003Ccode>post_count\u003C\u002Fcode>, \u003Ccode>comment_count\u003C\u002Fcode>, and \u003Ccode>visit_count\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> Access to the REST API endpoint is restricted to users with the \u003Ccode>manage_options\u003C\u002Fcode> capability (typically administrators).\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Visit Tracking:\u003C\u002Fstrong>\u003Cbr \u002F>\nEvery time a front-end page is loaded (excluding admin pages and AJAX requests), the plugin increments the visit counter. This means the visit count increases on every page load, not only for unique visitors.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">GPLv2 or later\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Additional Notes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>The admin dashboard interface is built using React without a build process (JSX is not used). If you later decide to use JSX or more advanced React features, you’ll need to integrate a build system (e.g., webpack with Babel).\u003C\u002Fli>\n\u003Cli>Ensure you are logged in as an administrator (or a user with the \u003Ccode>manage_options\u003C\u002Fcode> capability) when accessing the plugin dashboard or the REST API endpoint.\u003C\u002Fli>\n\u003C\u002Ful>\n","Simple dashboard that displays site statistics (post count, comment count, visit count) in the admin panel.",299,"6.7.5","5.2","7.2",[19,64,47,21,65],"dashboard","visits","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsite-stats-dashboard.1.0.zip",{"slug":68,"name":69,"version":70,"author":71,"author_profile":72,"description":73,"short_description":74,"active_installs":75,"downloaded":76,"rating":77,"num_ratings":78,"last_updated":79,"tested_up_to":80,"requires_at_least":81,"requires_php":62,"tags":82,"homepage":87,"download_link":88,"security_score":89,"vuln_count":90,"unpatched_count":13,"last_vuln_date":91,"fetched_at":26},"akismet","Akismet Anti-spam: Spam Protection","5.6","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.\u003C\u002Fp>\n\u003Cp>Akismet checks your comments and contact form submissions against our global database of spam to prevent your site from publishing malicious content. You can review the comment spam it catches on your blog’s “Comments” admin screen.\u003C\u002Fp>\n\u003Cp>Major features in Akismet include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically checks all comments and filters out the ones that look like spam.\u003C\u002Fli>\n\u003Cli>Each comment has a status history, so you can easily see which comments were caught or cleared by Akismet and which were spammed or unspammed by a moderator.\u003C\u002Fli>\n\u003Cli>URLs are shown in the comment body to reveal hidden or misleading links.\u003C\u002Fli>\n\u003Cli>Moderators can see the number of approved comments for each user.\u003C\u002Fli>\n\u003Cli>A discard feature that outright blocks the worst spam, saving you disk space and speeding up your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>PS: You’ll be prompted to get an Akismet.com API key to use it, once activated. Keys are free for personal blogs; paid subscriptions are available for businesses and commercial sites.\u003C\u002Fp>\n","The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.",6000000,386405930,94,1173,"2025-11-12T16:31:00.000Z","6.9.4","5.8",[83,84,19,85,86],"anti-spam","antispam","contact-form","spam","https:\u002F\u002Fakismet.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fakismet.5.6.zip",99,2,"2015-10-13 00:00:00",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":77,"num_ratings":102,"last_updated":103,"tested_up_to":80,"requires_at_least":104,"requires_php":70,"tags":105,"homepage":110,"download_link":111,"security_score":89,"vuln_count":30,"unpatched_count":13,"last_vuln_date":112,"fetched_at":26},"disable-comments","Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]","2.6.2","WPDeveloper","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdevteam\u002F","\u003Ch4>Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]\u003C\u002Fh4>\n\u003Cp>Enable\u002FDisable comments on any WordPress content (Pages, Posts, or Media) to stop spammers. WP-CLI, XML-RPC & REST-API support to stop spam comments.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fplugins\u002Fdisable-comments\u002F\" rel=\"nofollow ugc\">More About Plugin\u003C\u002Fa> ◼️ \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs-category\u002Fdisable-comments\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> ◼️ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisable-comments\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FEpuYs9Nf_nY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Take Global Control Over Your WordPress Site\u003C\u002Fh3>\n\u003Cp>Override all comments-related settings throughout your website & manage your comments just the way you want.\u003C\u002Fp>\n\u003Ch3>Disable Comments On Posts, Pages & Media\u003C\u002Fh3>\n\u003Cp>Choose which posts, pages or media should allow comments from site visitors & configure Disable Comments accordingly\u003C\u002Fp>\n\u003Ch3>Disallow Comments On Multi-Site Network\u003C\u002Fh3>\n\u003Cp>Have multiple websites? Get rid of irrelevant comments on the entire network using Disable Comments Plugin\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FJ9AteKzQpPs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>KEY FEATURES OF DISABLE COMMENTS\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>All “Comments” links are hidden from the Admin Menu and Admin Bar.\u003C\u002Fli>\n\u003Cli>All comment-related sections (“Recent Comments”, “Discussion” etc.) are hidden from the WordPress Dashboard.\u003C\u002Fli>\n\u003Cli>All comment-related widgets are disabled (so your theme cannot use them).\u003C\u002Fli>\n\u003Cli>The “Discussion” settings page is hidden.\u003C\u002Fli>\n\u003Cli>All comment RSS\u002FAtom feeds are disabled (and requests for these will be redirected to the parent post).\u003C\u002Fli>\n\u003Cli>The X-Pingback HTTP header is removed from all pages.\u003C\u002Fli>\n\u003Cli>Outgoing pingbacks are disabled.\u003C\u002Fli>\n\u003Cli>Stop spam comments entirely from the site with one click.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Delete comments by type.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Disable comments via \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs\u002Fhow-to-disable-comments-made-via-xml-rpc\u002F\" rel=\"nofollow ugc\">XML-RPC\u003C\u002Fa> & \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs\u002Fhow-to-disable-comments-made-via-rest-api\u002F\" rel=\"nofollow ugc\">REST-API\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Fully Multi-site Network supported.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Manage multiple website network-specific subsites or entire network comments in advance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[New]\u003C\u002Fstrong> Exclude Disable Comments Settings based on user roles.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FFBq3-W-p-DM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Please delete any existing comments on your site \u003Cstrong>before applying this setting\u003C\u002Fstrong>, otherwise (depending on your theme) those comments may still be displayed to visitors. You can use the \u003Cstrong>Delete Comments tool\u003C\u002Fstrong> to delete any existing comments on your site.\u003C\u002Fp>\n\u003Ch3>🌟 WHAT’S NEW WITH DISABLE COMMENTS 2.0\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>AMAZING USER FRIENDLY INTERFACE\u003C\u002Fstrong>\u003Cbr \u002F>\nEasily configure your comment-related settings with an amazing and attractive app-like user interface.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WP-CLI COMMANDS TO DISABLE COMMENTS\u003C\u002Fstrong>\u003Cbr \u002F>\nUse \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs\u002Fhow-to-use-disable-comments-plugin-with-wp-cli-command-line\u002F\" rel=\"nofollow ugc\">WP-CLI\u003C\u002Fa> control for comment-related settings to disable comments on posts, pages, attachments or everywhere on your website.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fmzi5uhKB9Zk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>GET STARTED WITH QUICK SETUP WIZARD\u003C\u002Fstrong>\u003Cbr \u002F>\nUse the quick setup wizard after activating the plugin to instantly configure comment-related settings for your WordPress website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>DISABLE COMMENTS ON DOCS\u003C\u002Fstrong>\u003Cbr \u002F>\nInstantly disable comments on your documentation pages or WordPress knowledge base with a single click.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Ft7BQ-7A4y4s?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>DELETE CERTAIN COMMENT TYPE(S)\u003C\u002Fstrong>\u003Cbr \u002F>\nPermanently delete certain comment types from your WordPress website including WooCommerce product reviews as well as generic comments.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FIzm_ihC-z10?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>DISABLE COMMENTS VIA XML-RPC And REST API\u003C\u002Fstrong>\u003Cbr \u002F>\nBlock any comments made on your WordPress website via XML-RPC specification and REST API.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important note\u003C\u002Fstrong>: Use this plugin if you don’t want comments at all on your site (or on certain post types). Don’t use it if you want to selectively disable comments on individual posts – WordPress lets you do that anyway. If you don’t know how to disable comments on individual posts, there are instructions in \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-comments\u002F#faq\" rel=\"ugc\">the FAQ\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you come across any bugs or have suggestions, please use the plugin support forum. I can’t fix it if I don’t know it’s broken! Please check the \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-comments\u002F#faq\" rel=\"ugc\">FAQ\u003C\u002Fa>\u003C\u002Fstrong> for common issues.\u003C\u002Fp>\n\u003Cp>Want to contribute? Here’s the \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWPDevelopers\u002Fdisable-comments\" rel=\"nofollow ugc\">GitHub development repository\u003C\u002Fa>\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>A \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWPDevelopers\u002Fdisable-comments-mu\" rel=\"nofollow ugc\">must-use version\u003C\u002Fa> of the plugin is also available.\u003C\u002Fp>\n\u003Ch3>Advanced Configuration\u003C\u002Fh3>\n\u003Cp>Some of the plugin’s behavior can be modified by site administrators and plugin\u002Ftheme developers through code:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Define \u003Ccode>DISABLE_COMMENTS_REMOVE_COMMENTS_TEMPLATE\u003C\u002Fcode> and set it to \u003Ccode>false\u003C\u002Fcode> to prevent the plugin from replacing the theme’s comment template with an empty one.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Define \u003Ccode>DISABLE_COMMENTS_ALLOW_DISCUSSION_SETTINGS\u003C\u002Fcode> and set it to \u003Ccode>true\u003C\u002Fcode> to prevent the plugin from hiding the Discussion settings page.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These definitions can be made either in your main \u003Ccode>wp-config.php\u003C\u002Fcode> or in your theme’s \u003Ccode>functions.php\u003C\u002Fcode> file.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>THIS PLUGIN IS NOW MAINTAINED BY THE TEAM\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002F\" rel=\"nofollow ugc\">WPDeveloper\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>💙 LOVED DISABLE COMMENTS?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>For documentation and tutorials go to our \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fdocs-category\u002Fdisable-comments\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>For video tutorials go to our \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=J9AteKzQpPs&list=PLWHp1xKHCfxD2_xOIR5dMAGf3wd4hv-8K\" rel=\"nofollow ugc\">YouTube Playlist\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Join our \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fwpdeveloper.net\u002F\" rel=\"nofollow ugc\">Facebook Group\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>If you love Disable Comments, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisable-comments\u002Freviews\u002F?filter=5\" rel=\"ugc\">rate us on WordPress\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>For more information about features, FAQs, and documentation, check out our website at \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fplugins\u002Fdisable-comments\u002F\" rel=\"nofollow ugc\">Disable Comments\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔥 GET FREEBIES FOR YOUR WORDPRESS SITE\u003C\u002Fh3>\n\u003Cp>Consider checking out our other WordPress solutions & boost your WordPress website:\u003C\u002Fp>\n\u003Cp>🔝 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fessential-addons-for-elementor-lite\u002F\" rel=\"ugc\">Essential Addons For Elementor\u003C\u002Fa>: Most popular Elementor addons with 2 million+ happy users & 95+ widgets & ready blocks\u003C\u002Fp>\n\u003Cp>🔔 \u003Ca href=\"https:\u002F\u002Fnotificationx.com\u002F\" rel=\"nofollow ugc\">NotificationX\u003C\u002Fa> – Best Social Proof & FOMO Marketing Solution to increase conversion rates.\u003C\u002Fp>\n\u003Cp>🔗 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbetterlinks\u002F\" rel=\"ugc\">BetterLinks\u003C\u002Fa>: Latest best WordPress link management plugin for link shortening, tracking & analyzing.\u003C\u002Fp>\n\u003Cp>📄 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fembedpress\u002F\" rel=\"ugc\">EmbedPress\u003C\u002Fa>: EmbedPress lets you embed anything including videos, images, posts, audio, maps and upload PDF, DOC, PPT etc.\u003C\u002Fp>\n\u003Cp>☁ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftemplately\u002F\" rel=\"ugc\">Templately\u003C\u002Fa>: 6000+ Free templates library for Elementor & Gutenberg along with the cloud collaboration for WordPress.\u003C\u002Fp>\n\u003Cp>📚 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbetterdocs\u002F\" rel=\"ugc\">BetterDocs\u003C\u002Fa>: Best Documentation & Knowledge Base Plugin for WordPress reduce manual support tickets & improve user experience.\u003C\u002Fp>\n\u003Cp>⏰ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-scheduled-posts\u002F\" rel=\"ugc\">SchedulePress\u003C\u002Fa>: Advanced editorial calendar with WordPress Post Scheduling, Social Sharing, Missed scheduled alerts, and more.\u003C\u002Fp>\n\u003Cp>⚡ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fflexia\u002F\" rel=\"ugc\">Flexia\u003C\u002Fa>: Most lightweight, customizable & multi purpose theme for WordPress.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002F\" rel=\"nofollow ugc\">WPDeveloper\u003C\u002Fa> to learn more about how to do better in WordPress with \u003Ca href=\"https:\u002F\u002Fwpdeveloper.com\u002Fblog\" rel=\"nofollow ugc\">Help Tutorial, Tips & Tricks\u003C\u002Fa>.\u003C\u002Fp>\n","Allows administrators to globally disable comments on their site. Comments can be disabled according to post type. Multisite friendly.",1000000,31676190,276,"2026-01-20T08:14:00.000Z","5.0",[106,93,107,108,109],"delete-comments","remove-comments","spam-protection","stop-spam","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-comments.2.6.2.zip","2014-08-01 00:00:00",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":123,"num_ratings":124,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":61,"tags":128,"homepage":130,"download_link":131,"security_score":50,"vuln_count":30,"unpatched_count":13,"last_vuln_date":132,"fetched_at":26},"antispam-bee","Antispam Bee","2.11.8","pluginkollektiv","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluginkollektiv\u002F","\u003Cp>Say Goodbye to comment spam on your WordPress blog or website. \u003Cem>Antispam Bee\u003C\u002Fem> blocks spam comments and trackbacks effectively, without captchas and without sending personal information to third party services. It is free of charge, ad-free and 100% GDPR compliant.\u003C\u002Fp>\n\u003Ch3>Feature\u002FSettings Overview\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Trust approved commenters.\u003C\u002Fli>\n\u003Cli>Trust commenters with a Gravatar.\u003C\u002Fli>\n\u003Cli>Consider the comment time.\u003C\u002Fli>\n\u003Cli>Allow comments only in a certain language.\u003C\u002Fli>\n\u003Cli>Block or allow commenters from certain countries.\u003C\u002Fli>\n\u003Cli>Treat BBCode links as spam.\u003C\u002Fli>\n\u003Cli>Use regular expressions.\u003C\u002Fli>\n\u003Cli>Search local spam database for commenters previously marked as spammers.\u003C\u002Fli>\n\u003Cli>Notify admins by e-mail about incoming spam.\u003C\u002Fli>\n\u003Cli>Delete existing spam after n days.\u003C\u002Fli>\n\u003Cli>Limit approval to comments\u002Fpings (will delete other comment types).\u003C\u002Fli>\n\u003Cli>Select spam indicators to send comments to deletion directly.\u003C\u002Fli>\n\u003Cli>Optionally exclude trackbacks and pingbacks from spam detection.\u003C\u002Fli>\n\u003Cli>Optionally spam-check comment forms on archive pages.\u003C\u002Fli>\n\u003Cli>Display spam statistics on the dashboard, including daily updates of spam detection rate and a total of blocked spam comments.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Community support via the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fantispam-bee\" rel=\"ugc\">support forums on wordpress.org\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Read \u003Ca href=\"https:\u002F\u002Fantispambee.pluginkollektiv.org\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">the documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>We don’t handle support via e-mail, Twitter, GitHub issues etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Active development of this plugin is handled \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpluginkollektiv\u002Fantispam-bee\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Pull requests for documented bugs are highly appreciated.\u003C\u002Fli>\n\u003Cli>If you think you’ve found a bug (e.g. you’re experiencing unexpected behavior), please post at the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fantispam-bee\" rel=\"ugc\">support forums\u003C\u002Fa> first.\u003C\u002Fli>\n\u003Cli>If you want to help us translate this plugin you can do so \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fantispam-bee\" rel=\"nofollow ugc\">on WordPress Translate\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Author: \u003Ca href=\"https:\u002F\u002Fsergejmueller.github.io\u002F\" rel=\"nofollow ugc\">Sergej Müller\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Maintainers: \u003Ca href=\"https:\u002F\u002Fpluginkollektiv.org\" rel=\"nofollow ugc\">pluginkollektiv\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Sophisticated antispam plugin for effective daily comment and trackback spam-fighting. Built with data protection and privacy in mind.",700000,10958057,96,225,"2025-07-22T11:23:00.000Z","6.8.5","4.6",[83,84,19,129,108],"spam-filter","https:\u002F\u002Fantispambee.pluginkollektiv.org\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fantispam-bee.2.11.8.zip","2023-11-27 00:00:00",{"attackSurface":134,"codeSignals":163,"taintFlows":238,"riskAssessment":267,"analyzedAt":280},{"hooks":135,"ajaxHandlers":159,"restRoutes":160,"shortcodes":161,"cronEvents":162,"entryPointCount":13,"unprotectedCount":13},[136,141,145,149,152,156],{"type":137,"name":138,"callback":138,"file":139,"line":140},"action","init","wp-comment-dashboard.php",12,{"type":137,"name":142,"callback":143,"file":139,"line":144},"wp_dashboard_setup","dashboard_widget_add_widget",16,{"type":137,"name":146,"callback":147,"file":139,"line":148},"admin_enqueue_scripts","dashboard_widget_css_include",17,{"type":137,"name":138,"callback":138,"file":150,"line":151},"wp-comment-stats.php",37,{"type":137,"name":153,"callback":154,"file":150,"line":155},"admin_menu","comments_stats_admin_actions",41,{"type":137,"name":146,"callback":157,"file":150,"line":158},"table_stats_css_include",42,[],[],[],[],{"dangerousFunctions":164,"sqlUsage":165,"outputEscaping":178,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":30,"bundledLibraries":237},[],{"prepared":90,"raw":166,"locations":167},4,[168,171,173,175],{"file":139,"line":169,"context":170},45,"$wpdb->get_var() with variable interpolation",{"file":139,"line":172,"context":170},66,{"file":139,"line":174,"context":170},89,{"file":150,"line":176,"context":177},75,"$wpdb->get_results() with variable interpolation",{"escaped":90,"rawEcho":179,"locations":180},44,[181,184,186,188,189,190,192,194,195,197,198,199,200,201,202,203,205,206,207,208,209,210,211,213,215,216,217,218,219,220,221,223,224,225,226,227,228,229,231,232,233,234,235,236],{"file":182,"line":90,"context":183},"trunk\\views\\table-stats.php","raw output",{"file":185,"line":30,"context":183},"trunk\\views\\widget\\widget-stats-monthly.php",{"file":185,"line":187,"context":183},8,{"file":185,"line":187,"context":183},{"file":185,"line":187,"context":183},{"file":185,"line":191,"context":183},14,{"file":185,"line":193,"context":183},15,{"file":185,"line":144,"context":183},{"file":196,"line":30,"context":183},"trunk\\views\\widget\\widget-stats-weekly.php",{"file":196,"line":187,"context":183},{"file":196,"line":187,"context":183},{"file":196,"line":187,"context":183},{"file":196,"line":191,"context":183},{"file":196,"line":193,"context":183},{"file":196,"line":144,"context":183},{"file":204,"line":30,"context":183},"trunk\\views\\widget\\widget-stats-yearly.php",{"file":204,"line":187,"context":183},{"file":204,"line":187,"context":183},{"file":204,"line":187,"context":183},{"file":204,"line":191,"context":183},{"file":204,"line":193,"context":183},{"file":204,"line":144,"context":183},{"file":212,"line":90,"context":183},"views\\table-stats.php",{"file":214,"line":30,"context":183},"views\\widget\\widget-stats-monthly.php",{"file":214,"line":187,"context":183},{"file":214,"line":187,"context":183},{"file":214,"line":187,"context":183},{"file":214,"line":191,"context":183},{"file":214,"line":193,"context":183},{"file":214,"line":144,"context":183},{"file":222,"line":30,"context":183},"views\\widget\\widget-stats-weekly.php",{"file":222,"line":187,"context":183},{"file":222,"line":187,"context":183},{"file":222,"line":187,"context":183},{"file":222,"line":191,"context":183},{"file":222,"line":193,"context":183},{"file":222,"line":144,"context":183},{"file":230,"line":30,"context":183},"views\\widget\\widget-stats-yearly.php",{"file":230,"line":187,"context":183},{"file":230,"line":187,"context":183},{"file":230,"line":187,"context":183},{"file":230,"line":191,"context":183},{"file":230,"line":193,"context":183},{"file":230,"line":144,"context":183},[],[239,257],{"entryPoint":240,"graph":241,"unsanitizedCount":13,"severity":256},"\u003Cwp-comment-stats> (wp-comment-stats.php:0)",{"nodes":242,"edges":253},[243,248],{"id":244,"type":245,"label":246,"file":150,"line":247},"n0","source","$_GET",63,{"id":249,"type":250,"label":251,"file":150,"line":176,"wp_function":252},"n1","sink","get_results() [SQLi]","get_results",[254],{"from":244,"to":249,"sanitized":255},true,"low",{"entryPoint":258,"graph":259,"unsanitizedCount":30,"severity":266},"get_sql_results (wp-comment-stats.php:57)",{"nodes":260,"edges":263},[261,262],{"id":244,"type":245,"label":246,"file":150,"line":247},{"id":249,"type":250,"label":251,"file":150,"line":176,"wp_function":252},[264],{"from":244,"to":249,"sanitized":265},false,"high",{"summary":268,"deductions":269},"The wp-comment-stats plugin, version 1.0.3, exhibits a mixed security posture. On one hand, it demonstrates good practices by having a very small attack surface with no apparent AJAX handlers, REST API routes, shortcodes, or cron events that are exposed. Furthermore, there are no known past vulnerabilities or CVEs associated with this plugin, suggesting a history of responsible development. However, the static analysis reveals significant concerns within the code itself.\n\nThe most prominent issues lie in the handling of SQL queries and output escaping. A substantial 67% of SQL queries are not using prepared statements, posing a risk of SQL injection if user-supplied data is not meticulously handled elsewhere. Compounding this, only 4% of outputs are properly escaped, indicating a high probability of cross-site scripting (XSS) vulnerabilities. The taint analysis further supports these concerns, revealing one flow with an unsanitized path and a high severity taint, directly linking potentially dangerous input to sensitive operations without adequate sanitization.\n\nDespite the lack of known external vulnerabilities, the internal code quality, particularly regarding SQL and output sanitization, presents a considerable risk. The absence of nonce checks on any entry points (which are zero in this case) and limited capability checks also mean that any discovered vulnerabilities could potentially be exploited without robust authorization mechanisms. The plugin's strengths are its minimal attack surface and clean vulnerability history, but these are overshadowed by significant risks in data handling practices within the code.",[270,272,274,277],{"reason":271,"points":193},"High percentage of SQL queries not using prepared statements",{"reason":273,"points":140},"Low percentage of outputs properly escaped",{"reason":275,"points":276},"High severity taint flow with unsanitized path",13,{"reason":278,"points":279},"No nonce checks on entry points",5,"2026-03-17T00:16:30.217Z",{"wat":282,"direct":288},{"assetPaths":283,"generatorPatterns":285,"scriptPaths":286,"versionParams":287},[284],"\u002Fwp-content\u002Fplugins\u002Fwp-comment-stats\u002Fcss\u002Fplugin.css",[],[],[],{"cssClasses":289,"htmlComments":291,"htmlAttributes":292,"restEndpoints":293,"jsGlobals":294,"shortcodeOutput":295},[290],"popular-link",[],[],[],[],[]]