[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fd4hlC2E2tmLKnTs68Trv6YVSGSmbTLpiA2dByFhX8Nk":3,"$fMZdu1HfrqyqmTiJN1HIbAqgzOAwUWfoDB7uP8RVSqc8":229},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":34,"analysis":134,"fingerprints":204},"wp-private-comment-notes","WP Private Comment Notes","1.0.0","Ren Ventura","https:\u002F\u002Fprofiles.wordpress.org\u002Frenventura\u002F","\u003Cp>WP Private Comment Notes will let WordPress admins\u002Fmoderators add and manage private notes for each comment left through the WordPress commenting system. Additionally, each note can be shared with the user who left the original comment.\u003C\u002Fp>\n\u003Cp>Comment notes can come in handy when managing popular blogs. 
WP Private Comment Notes serves as a “note to self” tool for comment moderators, or a private method of communication with the commenter.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Thanks to \u003Ca href=\"https:\u002F\u002Fwww.iconfinder.com\u002Fanir\" rel=\"nofollow ugc\">Ana Nirwana\u003C\u002Fa> for the cool little message icon.\u003C\u002Fp>\n","Add private notes to WordPress comments with an option to email the original commenter.",10,1313,0,"2018-12-09T00:11:00.000Z","5.0.25","",[18,19,20],"comment-meta","comments","notes","https:\u002F\u002Fwww.engagewp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-private-comment-notes.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":31,"avg_patch_time_days":29,"trust_score":32,"computed_at":33},"renventura",6,1630,82,87,"2026-04-06T10:51:23.804Z",[35,61,77,97,116],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":56,"download_link":57,"security_score":45,"vuln_count":58,"unpatched_count":13,"last_vuln_date":59,"fetched_at":60},"wp-comment-fields","Comments Extra Fields For Post,Pages and CPT","5.1","N-Media","https:\u002F\u002Fprofiles.wordpress.org\u002Fnmedia\u002F","\u003Cp>This plugin allow admin to add custom fields in comment area. These fields are saved as comment meta and is displayed under comment text. 
Four fields types are supported.\u003C\u002Fp>\n\u003Ch3>Live Demo\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftastewp.com\u002Ftemplate\u002FGE_ohqa72dY?ni=true&redirect=edit-comments.php%3Fpage%3Dwpcomment\" rel=\"nofollow ugc\">Create Fields\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Drag and Drop fields\u003C\u002Fli>\n\u003Cli>Text,Radio, Radio and Select inputs\u003C\u002Fli>\n\u003Cli>Attach unlimited comments fields\u003C\u002Fli>\n\u003Cli>Compatible with all themes\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Pro Features – 16 Input Types\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Pro Inputs\n\u003Cul>\n\u003Cli>Email\u003C\u002Fli>\n\u003Cli>Date\u003C\u002Fli>\n\u003Cli>Timezone\u003C\u002Fli>\n\u003Cli>File Input\u003C\u002Fli>\n\u003Cli>Image Picker\u003C\u002Fli>\n\u003Cli>Color Picker\u003C\u002Fli>\n\u003Cli>Color Palttes\u003C\u002Fli>\n\u003Cli>Hidden Input\u003C\u002Fli>\n\u003Cli>Dividers 4 styles\u003C\u002Fli>\n\u003Cli>HTML Content\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Disable extra field on frontend via setting. Only admin can see in comment admin.\u003C\u002Fli>\n\u003Cli>Max file upload limit set\u003C\u002Fli>\n\u003Cli>Custom Post Types Support\u003C\u002Fli>\n\u003Cli>View & Edit Comments Admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fnajeebmedia.com\u002Fwordpress-plugin\u002Fwordpress-comment-fields-addon\u002F\" rel=\"nofollow ugc\">Buy PRO Version\u003C\u002Fa>\u003C\u002Fp>\n","This plugin allow admin to add extra fields in comment area. 
These fields are saved as comment meta and is displayed under comment text.",600,52016,84,9,"2024-02-25T05:42:00.000Z","6.4.8","3.5","5.3",[52,53,18,54,55],"comment-fields","comment-form","comments-inputs","extend-comments","http:\u002F\u002Fnajeebmedia.com\u002Fwpcomments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-comment-fields.5.1.zip",3,"2024-02-26 00:00:00","2026-04-06T09:54:40.288Z",{"slug":62,"name":63,"version":6,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":68,"num_ratings":29,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":16,"tags":73,"homepage":75,"download_link":76,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":60},"remove-comment-notes","Remove Comment Notes","Andrew Norcross","https:\u002F\u002Fprofiles.wordpress.org\u002Fnorcross\u002F","\u003Cp>Removes the notes field below the comment form. No settings involved, just activate.\u003C\u002Fp>\n","Removes the notes below the comment form.",100,7109,"2014-04-17T14:23:00.000Z","3.9.40","3.0",[74,19],"comment-notes","http:\u002F\u002Fandrewnorcross.com\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-comment-notes.1.0.0.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":13,"num_ratings":13,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":16,"tags":90,"homepage":94,"download_link":95,"security_score":96,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":60},"mb-comment-meta","MB Comment Meta","1.0.2","Anh Tran","https:\u002F\u002Fprofiles.wordpress.org\u002Frilwis\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fmetabox.io\u002Fplugins\u002Fmb-comment-meta\u002F\" rel=\"nofollow ugc\">MB Comment Meta\u003C\u002Fa> is an extension for \u003Ca 
href=\"https:\u002F\u002Fmetabox.io\" rel=\"nofollow ugc\">Meta Box\u003C\u002Fa> plugin, which adds custom fields to comments in WordPress.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Meta Box Lite\u003C\u002Fstrong>\u003Cbr \u002F>\n  We recommend using \u003Ca href=\"https:\u002F\u002Fmetabox.io\u002Flite\u002F\" rel=\"nofollow ugc\">Meta Box Lite\u003C\u002Fa>, a feature-rich free UI version of Meta Box that provides UI and all free features for managing custom fields and dynamic content on WordPress, including post types, taxonomies, custom fields, and relationships.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>The plugin supports all field types from Meta Box: text, select, color, media, date time, etc. and all the field options.\u003C\u002Fp>\n\u003Ch3>Plugin Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmetabox.io\u002Fplugins\u002Fmb-comment-meta\u002F\" rel=\"nofollow ugc\">Project Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Frilwis\u002Fmb-comment-meta\u002F\" rel=\"nofollow ugc\">Github Repo\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See more \u003Ca href=\"https:\u002F\u002Fmetabox.io\u002Fplugins\u002F\" rel=\"nofollow ugc\">Meta Box extensions\u003C\u002Fa>.\u003C\u002Fp>\n","Add custom fields for comments. 
Support 40+ field types with easy config.",50,5181,"2025-02-14T08:18:00.000Z","6.6.5","4.3",[91,92,18,19,93],"comment","comment-custom-fields","custom-fields","https:\u002F\u002Fmetabox.io\u002Fplugins\u002Fmb-comment-meta\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmb-comment-meta.1.0.2.zip",92,{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":68,"num_ratings":107,"last_updated":108,"tested_up_to":88,"requires_at_least":109,"requires_php":16,"tags":110,"homepage":16,"download_link":115,"security_score":96,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":60},"zotero-notes","Zotero Notes","1.2.3","janiko","https:\u002F\u002Fprofiles.wordpress.org\u002Fjaniko\u002F","\u003Cp>This plugin allows references and citations in your posts. If you find issues or if you think it lacks some features, please contact me.\u003C\u002Fp>\n\u003Cp>To use it, simply add your reference using a shortcode you can choose (‘zref’ by default), and a item ID (a reference ID from a Zotero library you have to declare in the admin part if the plugin).\u003C\u002Fp>\n\u003Cp>Because it’s a minimal implementation, you need to add the reference ID manually in the code. Maybe later I’ll do better 😉\u003C\u002Fp>\n\u003Cp>Then a list of all references will be added automatically at the end of the post.\u003C\u002Fp>\n\u003Cp>Here are some examples:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>[zref]VP5PKI56[\u002Fzref]\u003C\u002Fli>\n\u003Cli>[zref name=’numref’]VP5PKI56[\u002Fzref]\u003C\u002Fli>\n\u003Cli>[zref name=’numref’ \u002F]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can optionnaly add a name to the citation, so you can reuse it in your post. Important note: the displayed attributes will be the attributes of the FIRST reference with that name. 
Any other attribute will be ignored.\u003C\u002Fp>\n","This plugin adds references and citations functionalities (in a wikipedia-like style) from a Zotero account.",20,2364,1,"2024-10-13T18:10:00.000Z","4.7",[111,19,112,113,114],"citation","footnotes","reference","zotero","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzotero-notes.1.2.3.zip",{"slug":117,"name":118,"version":100,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":11,"downloaded":123,"rating":68,"num_ratings":107,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":16,"tags":127,"homepage":132,"download_link":133,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":60},"bbpress-admin-notes","bbPress – Admin Notes","Pippin Williamson","https:\u002F\u002Fprofiles.wordpress.org\u002Fmordauk\u002F","\u003Cp>This is a simple extension that allows forum admins and editors to leave notes on topic replies. If you run a support forum, or any other community forum, this is a great way for forum moderators to communicate privately between each other in relation to the replies.\u003C\u002Fp>\n","A simple plugin to enable admins\u002Feditors to leave notes on bbPress topic 
replies.",4577,"2016-09-27T18:43:00.000Z","4.1.42","4.6",[128,129,130,131,20],"bbpress","forum-comments","forums","mordauk","http:\u002F\u002Fpippinsplugins.com\u002Fbbpress-admin-notes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbbpress-admin-notes.zip",{"attackSurface":135,"codeSignals":166,"taintFlows":194,"riskAssessment":195,"analyzedAt":203},{"hooks":136,"ajaxHandlers":151,"restRoutes":162,"shortcodes":163,"cronEvents":164,"entryPointCount":165,"unprotectedCount":13},[137,143,147],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","plugins_loaded","localization","wp-private-comment-notes.php",105,{"type":138,"name":144,"callback":145,"file":141,"line":146},"admin_enqueue_scripts","enqueue_scripts",106,{"type":138,"name":148,"callback":149,"file":141,"line":150},"add_meta_boxes_comment","register_comments_metabox",107,[152,158],{"action":153,"nopriv":154,"callback":155,"hasNonce":156,"hasCapCheck":154,"file":141,"line":157},"add_comment_note",false,"process_note",true,108,{"action":159,"nopriv":154,"callback":160,"hasNonce":156,"hasCapCheck":154,"file":141,"line":161},"delete_comment_note","delete_note",109,[],[],[],2,{"dangerousFunctions":167,"sqlUsage":168,"outputEscaping":170,"fileOperations":13,"externalRequests":13,"nonceChecks":165,"capabilityChecks":13,"bundledLibraries":193},[],{"prepared":13,"raw":13,"locations":169},[],{"escaped":107,"rawEcho":171,"locations":172},12,[173,176,177,179,181,182,184,187,189,190,191,192],{"file":174,"line":165,"context":175},"templates\\email.php","raw 
output",{"file":174,"line":29,"context":175},{"file":174,"line":178,"context":175},7,{"file":174,"line":180,"context":175},8,{"file":174,"line":180,"context":175},{"file":183,"line":29,"context":175},"templates\\list-notes.php",{"file":185,"line":186,"context":175},"templates\\note-form.php",13,{"file":188,"line":180,"context":175},"templates\\note-li.php",{"file":188,"line":180,"context":175},{"file":188,"line":11,"context":175},{"file":188,"line":171,"context":175},{"file":188,"line":186,"context":175},[],[],{"summary":196,"deductions":197},"The \"wp-private-comment-notes\" plugin v1.0.0 exhibits a generally strong security posture based on the provided static analysis.  The analysis found no direct SQL queries (none prepared, none raw), so there is no raw-SQL exposure to assess, and importantly, both of its AJAX entry points include nonce checks.  The absence of any known CVEs, along with a clean vulnerability history, further reinforces this positive assessment, suggesting the developers are either diligent about security or the plugin's functionality is limited enough to avoid common pitfalls.\n\nHowever, a significant concern arises from the low percentage of properly escaped output (8%, i.e. 1 of 13 output statements, with every flagged raw echo located in the plugin's templates). This indicates a high potential for cross-site scripting (XSS) vulnerabilities wherever the echoed values can be influenced by a user, where unescaped data could be injected into the browser, compromising user sessions or injecting malicious code; each flagged location should be reviewed and escaped at output, for example with esc_html() or esc_attr().  While there are no critical taint flows reported, the lack of capability checks on AJAX handlers is also a notable weakness: a nonce protects against cross-site request forgery but is not an authorization check, so any authenticated user who can obtain a valid nonce, regardless of their role or permissions, could potentially trigger these handlers.  This could lead to unintended actions or information disclosure, and a current_user_can() check in each handler would close the gap.\n\nIn conclusion, while the plugin demonstrates good practices in nonce handling and contains no raw SQL, the unescaped output and lack of capability checks on AJAX handlers represent significant security risks that need to be addressed. 
The clean vulnerability history is positive, but it should not detract from the immediate need to remediate the identified output escaping and capability check issues.",[198,200],{"reason":199,"points":180},"Low percentage of properly escaped output",{"reason":201,"points":202},"AJAX handlers without capability checks",5,"2026-03-17T05:39:51.304Z",{"wat":205,"direct":214},{"assetPaths":206,"generatorPatterns":209,"scriptPaths":210,"versionParams":211},[207,208],"\u002Fwp-content\u002Fplugins\u002Fwp-private-comment-notes\u002Fassets\u002Fjs\u002Fnotes-ajax.js","\u002Fwp-content\u002Fplugins\u002Fwp-private-comment-notes\u002Fassets\u002Fcss\u002Fnotes.css",[],[207],[212,213],"wp-private-comment-notes\u002Fassets\u002Fjs\u002Fnotes-ajax.js?ver=","wp-private-comment-notes\u002Fassets\u002Fcss\u002Fnotes.css?ver=",{"cssClasses":215,"htmlComments":219,"htmlAttributes":221,"restEndpoints":225,"jsGlobals":226,"shortcodeOutput":228},[216,217,218],"wp-private-comment-notes-form","wp-private-comment-notes-list","wp-private-comment-notes-add-note",[220,220,220,220],"\u003C!-- Render the comments meta box -->",[222,223,224],"data-comment-id","data-note-key","data-nonce",[],[227],"wp_private_comment_notes_ajax_object",[],{"slug":4,"current_version":6,"total_versions":13,"versions":230},[]]