[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fgfgfCpImJeX9UeVKs6F59Rh6Skpu9RJlU2WHiHkTO_s":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":135,"fingerprints":257},"wp-spam-comments","WP Spam Comments from BlashO","1.4","Ven Tesh","https:\u002F\u002Fprofiles.wordpress.org\u002Fven4online\u002F","\u003Cp>Tired of manually cleaning all those spam comments from your blog? You don’t need to work manually anymore. Install this plugin and just schedule – it works for you.\u003C\u002Fp>\n\u003Cp>WPSpamComments works in 2 different modes:\u003C\u002Fp>\n\u003Cp>Manual Mode: Where you can click “Delete All Spam Comments Now” to remove all the spam comments from your blog immediately.\u003C\u002Fp>\n\u003Cp>Auto Mode: Where you have to configure the periodicity (in hours) and click “Schedule Now”. The plugin periodically cleans all the spam comments from your blog automatically.\u003C\u002Fp>\n\u003Cp>Go and enjoy blogging, don’t worry about spam comments anymore.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.blasho.com\u002Fwp-spam-comments-plugin\u002F\" rel=\"nofollow ugc\">More information from plugin page\u003C\u002Fa>\u003Cbr \u002F>\nNA\u003C\u002Fp>\n","Automatically delete and clean all the spam comments from your blog. Just schedule it once.",10,2864,0,"2018-01-15T10:53:00.000Z","4.9.29","3.0","5.2.4",[19,20,21,22,23],"admin","blasho","comments","spam","spam-comments","https:\u002F\u002Fwww.blasho.com\u002Fwp-spam-comments-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-spam-comments.1.4.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"ven4online",2,20,30,84,"2026-04-04T07:03:20.365Z",[38,61,80,102,117],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":59,"download_link":60,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"toms-recaptcha","TomS reCAPTCHA","1.2.0","TomS Caprice","https:\u002F\u002Fprofiles.wordpress.org\u002Ftomsneddon\u002F","\u003Cp>Integrated Google ReCaptcha for WordPress. Protect the login, register, lostpassword and comment forms. Support Woocommerce, Ultimate Member and more popular forms.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Frecaptcha\" rel=\"nofollow ugc\">\u003Cstrong>Google reCAPTCHA\u003C\u002Fstrong>\u003C\u002Fa> is a free service that protects your site from spam and abuse. It uses advanced risk analysis techniques to tell humans and bots apart.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>Go to \u003Ca href=\"https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fadmin\u002Fcreate\" rel=\"nofollow ugc\">Google reCAPTCHA\u003C\u002Fa> to get the \u003Cstrong>Site key\u003C\u002Fstrong> and \u003Cstrong>Secret key\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>reCAPTCHA Type:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>reCAPTCHA \u003Cstrong>v3\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>reCAPTCHA \u003Cstrong>v2 Checkbox\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>reCAPTCHA \u003Cstrong>v2 Invisible\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported Form List\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress default login form\u003C\u002Fli>\n\u003Cli>WordPress default register form\u003C\u002Fli>\n\u003Cli>WordPress default lostpassword form\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WordPress default comment form\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">\u003Cstrong>Woocommerce\u003C\u002Fstrong>\u003C\u002Fa> login form\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">\u003Cstrong>Woocommerce\u003C\u002Fstrong>\u003C\u002Fa> register form\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">\u003Cstrong>Woocommerce\u003C\u002Fstrong>\u003C\u002Fa> lostpassword form\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">\u003Cstrong>Woocommerce\u003C\u002Fstrong>\u003C\u002Fa> checkout Billing form\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Add a shortcode \u003Cstrong>[toms_woo_register_form]\u003C\u002Fstrong> for \u003Cstrong>woocommerce register form\u003C\u002Fstrong> on any page you want.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-member\u002F\" rel=\"ugc\">\u003Cstrong>Ultimate Member\u003C\u002Fstrong>\u003C\u002Fa> login form\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-member\u002F\" rel=\"ugc\">\u003Cstrong>Ultimate Member\u003C\u002Fstrong>\u003C\u002Fa> register form\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-member\u002F\" rel=\"ugc\">\u003Cstrong>Ultimate Member\u003C\u002Fstrong>\u003C\u002Fa> lostpassword form\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-block\u002F\" rel=\"ugc\">\u003Cstrong>Contact Form Block\u003C\u002Fstrong>\u003C\u002Fa> Contact Form Block\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>more support forms comming soon…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Option settings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Verify API : \u003Cstrong>Google.com\u003C\u002Fstrong>\u002F\u003Cstrong>Recaptcha.net\u003C\u002Fstrong> \u003Cstrong>—Notice:—\u003C\u002Fstrong> Some country can not use Google verify API, that means Google verify API will not work, even using vpn. If google.com not work try use Recaptcha.net\u003C\u002Fli>\n\u003Cli>reCAPTCHA v2 (Checkbox)  Theme: \u003Cstrong>Light\u003C\u002Fstrong>\u002F\u003Cstrong>Dark\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>reCAPTCHA v2 (Invisible) Badge: \u003Cstrong>Bottom Right\u003C\u002Fstrong>\u002F\u003Cstrong>Bottom Left\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Custom reCAPTCHA Language\u003C\u002Fh4>\n\u003Ch4>Translation ready\u003C\u002Fh4>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>Reliance upon any non-English translation is at your own risk; TomS reCAPTCHA can give no guarantees that translations from the original English are accurate.\u003C\u002Fp>\n\u003Cp>We recognise and thank those mentioned at https:\u002F\u002Ftoms-caprice.org\u002Ftranslations for code and\u002For libraries used and\u002For modified under the terms of their open source licences.\u003C\u002Fp>\n","Integrated Google ReCaptcha for WordPress.Protect the login, register, lostpassword and comment forms. Support Woocommerce, Ultimate Member and more p &hellip;",600,16563,100,1,"2023-03-29T08:59:00.000Z","6.2.9","5.8","7.0",[55,56,57,58,39],"block-spam-comments","captcha","nocaptcha","recaptcha","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftoms-recaptcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftoms-recaptcha.1.2.0.zip",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":13,"num_ratings":13,"last_updated":71,"tested_up_to":72,"requires_at_least":16,"requires_php":73,"tags":74,"homepage":78,"download_link":79,"security_score":48,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"cleantalk-bbpress-spam-scanner","CleanTalk bbPress spam scanner","1.0.3","CleanTalk Inc","https:\u002F\u002Fprofiles.wordpress.org\u002Fcleantalk\u002F","\u003Cp>CleanTalk bbPress spam scanner is an add-on for \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcleantalk-spam-protect\u002F\" rel=\"ugc\">CleanTalk Anti-Spam Plugin\u003C\u002Fa> and extends its capabilities. The plugin is designed to help you find and move to trash all existing bbPress spam topics.\u003C\u002Fp>\n\u003Cp>The plugin scans all bbPress topics and checks the author parameters through the CleanTalk database. After scanning, you will receive a list of all found spam topics and you can choose which of them to move to the trash or move them all at once.\u003C\u002Fp>\n","Check existing bbPress topics for spam and move to trash all found spam.",200,5342,"2026-01-22T08:47:00.000Z","6.9.4","7.2",[75,76,22,77,23],"bbpress","cleaner","spam-check","https:\u002F\u002Fcleantalk.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcleantalk-bbpress-spam-scanner.1.0.3.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":69,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":16,"requires_php":93,"tags":94,"homepage":100,"download_link":101,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-database-cleaner","WP Database Cleaner","1.0","wpmize","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpmize\u002F","\u003Cp>WP Database Cleaner is a easy to use WordPress plugin that allow users to quickly cleanup and optimize the WordPress database by removing all spam comments, trash comments, unused tags, post revisions, auto drafts, and much more.\u003C\u002Fp>\n\u003Cp>When you have a WordPress site that has a lot of visitors, and presumibly a lot of comments, you may find that a high number of comments will be placed in the spam folder. It is not good to have 10k spam comments saved in the database, because all of these comments can increase consistently the size of the mysql database backups.\u003C\u002Fp>\n\u003Cp>If you have a lot of published posts, you may have post revisions and auto-drafts saved in the database, that can slow down the database performances. All this data is considered junk and it should be cleaned frequently.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Delete post revisions\u003C\u002Fli>\n\u003Cli>Delete auto drafts\u003C\u002Fli>\n\u003Cli>Delete pending comments\u003C\u002Fli>\n\u003Cli>Delete spam comments\u003C\u002Fli>\n\u003Cli>Delete trash comments\u003C\u002Fli>\n\u003Cli>Delete tags with 0 posts associated\u003C\u002Fli>\n\u003Cli>Delete categories with 0 posts associated\u003C\u002Fli>\n\u003Cli>Delete trash posts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>More Information\u003C\u002Fh4>\n\u003Cp>For more details visit \u003Ca href=\"http:\u002F\u002Fwww.wpmize.com\u002Fwordpress-plugins\u002Foptimize-wordpress-database-wp-database-cleaner\u002F\" rel=\"nofollow ugc\">the official plugin URL\u003C\u002Fa>.\u003Cbr \u002F>\nFor more plugins and WordPress tips visit us at \u003Ca href=\"http:\u002F\u002Fwww.wpmize.com\u002F\" rel=\"nofollow ugc\">wpmize.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Author\u003C\u002Fh3>\n\u003Cp>WPMize.com\u003Cbr \u002F>\nhttp:\u002F\u002Fwww.wpmize.com\u003C\u002Fp>\n","Cleanup and optimize the database of WordPress sites.",24193,96,6,"2012-08-27T12:32:00.000Z","3.4.2","",[95,96,97,98,99],"cleanup-database","database","optimize","optimize-database","remove-spam-comments","http:\u002F\u002Fwww.wpmize.com\u002Fwordpress-plugins\u002Foptimize-wordpress-database-wp-database-cleaner\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-database-cleaner.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":48,"downloaded":110,"rating":13,"num_ratings":13,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":93,"tags":114,"homepage":115,"download_link":116,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"tantan-spam","TanTanNoodles Simple Spam Filter","0.6.2","joetan","https:\u002F\u002Fprofiles.wordpress.org\u002Fjoetan\u002F","\u003Cp>A simple pre-filter to weed out the most obvious comment spam (about 90% of all spam).\u003C\u002Fp>\n\u003Cp>Legitimate comments that get blocked (either by this plugin or by Akismet) can be presented with a captcha to confirm that the comment is legitimate. Comments that don’t pass the captcha will be immediately discarded.\u003C\u002Fp>\n\u003Cp>Helps you identify potential spam words (you can use this to tweak the plugin’s filters).\u003C\u002Fp>\n","A plugin that does a simple sanity check to stop really obvious comment spam before it is processed.",22458,"2008-10-22T18:44:00.000Z","2.6","2.3",[19,21,22],"http:\u002F\u002Ftantannoodles.com\u002Ftoolkit\u002Fspam-filter\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftantan-spam.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":48,"downloaded":125,"rating":13,"num_ratings":13,"last_updated":126,"tested_up_to":72,"requires_at_least":127,"requires_php":128,"tags":129,"homepage":133,"download_link":134,"security_score":48,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"uncomment","Uncomment – Disable Comments","1.2.2","Plugin Pizza","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluginpizza\u002F","\u003Cp>Your one-stop shop to completely disable comments and remove all comment functionality and interface elements from your theme and administration screens.\u003C\u002Fp>\n\u003Cp>While WordPress allows you to disable comments site-wide via the comments setting screen, the Uncomment plugin goes one step further and disables or hides all interface elements and other functionality related to comments on your WordPress site.\u003C\u002Fp>\n\u003Cp>Starting with Uncomment consists of just two steps: installing and activating the plugin. Uncomment is designed to disable or hide commenting functionality on your WordPress site without any additional settings. Uncomment also works great as a must-use plugin.\u003C\u002Fp>\n\u003Ch3>Bug Reports\u003C\u002Fh3>\n\u003Cp>Do you want to report a bug or suggest a feature for Uncomment? Best to do so in the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpluginpizza\u002Funcomment\u002F\" rel=\"nofollow ugc\">Uncomment repository on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Your one-stop shop to completely disable comments and remove all comment functionality from your theme and administration screens.",48879,"2026-01-02T01:30:00.000Z","4.6","5.3",[21,130,131,132,23],"disable","disable-comments","remove-comments","https:\u002F\u002Fgithub.com\u002Fpluginpizza\u002Funcomment\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Funcomment.1.2.2.zip",{"attackSurface":136,"codeSignals":167,"taintFlows":215,"riskAssessment":243,"analyzedAt":256},{"hooks":137,"ajaxHandlers":152,"restRoutes":158,"shortcodes":159,"cronEvents":160,"entryPointCount":49,"unprotectedCount":49},[138,144,148],{"type":139,"name":140,"callback":141,"file":142,"line":143},"action","admin_menu","WPSpamcommentsMenu","wpspamcomments.php",11,{"type":139,"name":145,"callback":146,"file":142,"line":147},"WPSpamCommentEvent","WPSpamCommentsAction",12,{"type":139,"name":149,"callback":150,"file":142,"line":151},"admin_footer","WPSpamComments_javascript",13,[153],{"action":154,"nopriv":155,"callback":156,"hasNonce":155,"hasCapCheck":155,"file":142,"line":157},"my_action",false,"WPSpamComments_action_callback",14,[],[],[161,163,165],{"hook":145,"callback":145,"file":142,"line":162},101,{"hook":145,"callback":145,"file":142,"line":164},150,{"hook":145,"callback":145,"file":142,"line":166},265,{"dangerousFunctions":168,"sqlUsage":169,"outputEscaping":197,"fileOperations":13,"externalRequests":13,"nonceChecks":49,"capabilityChecks":13,"bundledLibraries":214},[],{"prepared":32,"raw":147,"locations":170},[171,174,177,179,181,183,185,187,189,191,193,195],{"file":142,"line":172,"context":173},89,"$wpdb->get_var() with variable interpolation",{"file":142,"line":175,"context":176},92,"$wpdb->query() with variable interpolation",{"file":142,"line":178,"context":176},93,{"file":142,"line":180,"context":176},94,{"file":142,"line":182,"context":176},95,{"file":142,"line":184,"context":173},181,{"file":142,"line":186,"context":173},254,{"file":142,"line":188,"context":176},256,{"file":142,"line":190,"context":176},257,{"file":142,"line":192,"context":176},258,{"file":142,"line":194,"context":176},259,{"file":142,"line":196,"context":173},268,{"escaped":49,"rawEcho":198,"locations":199},7,[200,203,204,206,208,210,212],{"file":142,"line":201,"context":202},171,"raw output",{"file":142,"line":184,"context":202},{"file":142,"line":205,"context":202},184,{"file":142,"line":207,"context":202},208,{"file":142,"line":209,"context":202},216,{"file":142,"line":211,"context":202},233,{"file":142,"line":213,"context":202},273,[],[216,235],{"entryPoint":217,"graph":218,"unsanitizedCount":13,"severity":234},"WPSpamCommentsAdmin (wpspamcomments.php:112)",{"nodes":219,"edges":231},[220,225],{"id":221,"type":222,"label":223,"file":142,"line":224},"n0","source","$_POST",146,{"id":226,"type":227,"label":228,"file":142,"line":229,"wp_function":230},"n1","sink","update_option() [Settings Manipulation]",148,"update_option",[232],{"from":221,"to":226,"sanitized":233},true,"low",{"entryPoint":236,"graph":237,"unsanitizedCount":13,"severity":234},"\u003Cwpspamcomments> (wpspamcomments.php:0)",{"nodes":238,"edges":241},[239,240],{"id":221,"type":222,"label":223,"file":142,"line":224},{"id":226,"type":227,"label":228,"file":142,"line":229,"wp_function":230},[242],{"from":221,"to":226,"sanitized":233},{"summary":244,"deductions":245},"The wp-spam-comments plugin version 1.4 presents a mixed security posture. On the positive side, it has no recorded vulnerabilities (CVEs), no critical or high severity taint flows, and doesn't utilize dangerous functions or make external HTTP requests. The absence of file operations and bundled libraries is also a good sign. However, there are significant areas of concern stemming from the static analysis. The presence of one unprotected AJAX handler is a critical security flaw, as it represents a direct entry point for potential attackers without any authentication or authorization checks. Furthermore, the low percentage of SQL queries using prepared statements (14%) and the very low percentage of properly escaped output (13%) indicate a high risk of SQL injection and cross-site scripting (XSS) vulnerabilities, respectively. The sole nonce check is insufficient given the attack surface. The vulnerability history being clear is a strength, suggesting the developers may be responsive to security issues, but this is overshadowed by the clear and present risks identified in the code analysis.",[246,248,251,253],{"reason":247,"points":11},"Unprotected AJAX handler",{"reason":249,"points":250},"Low SQL prepared statement usage",8,{"reason":252,"points":250},"Low output escaping percentage",{"reason":254,"points":255},"Missing capability checks",5,"2026-03-16T23:56:14.354Z",{"wat":258,"direct":263},{"assetPaths":259,"generatorPatterns":260,"scriptPaths":261,"versionParams":262},[],[],[],[],{"cssClasses":264,"htmlComments":267,"htmlAttributes":268,"restEndpoints":272,"jsGlobals":274,"shortcodeOutput":277},[265,266],"modal","center",[],[269,270,271],"id=\"wpsc_loading\"","id=\"wpsc_updatedRow\"","id=\"cnt\"",[273],"\u002Fwp-json\u002F",[275,276],"WPSpamComments_process","ajaxurl",[]]