WP Toggle Comments Form Security & Risk Analysis
wordpress.org/plugins/wp-toggle-comments-form-fieldsToggle The Comments Form Fields On Wordpress Posts And Pages
Is WP Toggle Comments Form Safe to Use in 2026?
Generally Safe
Score 85/100WP Toggle Comments Form has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The wp-toggle-comments-form-fields plugin v1.0 exhibits a generally strong security posture with no known vulnerabilities or critical taint flows. The use of prepared statements for all SQL queries and the presence of a capability check are positive security indicators. However, the low percentage of properly escaped output (13%) is a significant concern, suggesting a high risk of Cross-Site Scripting (XSS) vulnerabilities. With only one entry point (a shortcode) and no unprotected ones, the direct attack surface is minimal. The absence of dangerous functions, file operations, and external HTTP requests further contributes to its security. The lack of recorded vulnerabilities in its history is a good sign, but this should not overshadow the identified output escaping issues. While the plugin has strengths, the unescaped output presents a clear and present danger to users.
Key Concerns
- Low output escaping percentage
WP Toggle Comments Form Security Vulnerabilities
WP Toggle Comments Form Code Analysis
Output Escaping
WP Toggle Comments Form Attack Surface
Shortcodes 1
WordPress Hooks 4
Maintenance & Trust
WP Toggle Comments Form Maintenance & Trust
Maintenance Signals
Community Trust
WP Toggle Comments Form Alternatives
Better Recent Comments
better-recent-comments
Provides an improved Recent Comments widget and a shortcode to display your recent comments on any post or page.
Alligator Popup
alligator-popup
Add popups to your site. Add links to pages/posts via a shortcode which will be opened in a popup browser window.
Decent Comments
decent-comments
Decent Comments shows what people say. A more engaging way to show comments.
Accordions – Responsive Accordion & FAQ Plugin for WordPress
accordions-wp
Responsive, lightweight, and fully customizable accordion plugin for WordPress. Perfect for FAQs, content organization, and improving user experience.
Animated Typed JS Shortcode
animated-typed-js-shortcode
This plugin add shortcode to create an animated typing effect with Typed JS. No settings needed, just plug and play.
WP Toggle Comments Form Developer Profile
1 plugin · 10 total installs
How We Detect WP Toggle Comments Form
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wp-toggle-comments-form-fields/css/wp-toggle-comments-backend.css/wp-content/plugins/wp-toggle-comments-form-fields/js/wp-toggle-comments-frontend.js/wp-content/plugins/wp-toggle-comments-form-fields/css/wp-toggle-comments-frontend.css/wp-content/plugins/wp-toggle-comments-form-fields/js/wp-toggle-comments-frontend.jsHTML / DOM Fingerprints
have_shortcode<!-- exmpmle of insert img - for logo or somthing after </br> --><!-- If you choose the second option - "Enable in posts and pages that have shortcode inside",</br> you need to add this shortcode : [wp_toggle_comments] inside the content editor of post ot page --><!-- example of insert img - for logo or somthing --><!-- Buy Me A Coffee -->name="wp_toggle_comments_form_submitted"value="Y"name="using_options"selected="selected"name="Example"ourPhpVariables<div class="have_shortcode"></div>