at path:
ROOT
/
wp-comments-post.php
run:
R
W
Run
configOWX
DIR
2026-02-28 18:29:00
R
W
Run
demo
DIR
2026-02-17 10:05:36
R
W
Run
north
DIR
2026-02-18 05:37:44
R
W
Run
wp-admin
DIR
2025-09-30 12:00:38
R
W
Run
wp-content
DIR
2026-02-28 18:21:13
R
W
Run
wp-includes
DIR
2026-02-17 10:12:02
R
W
Run
1index.php
9.39 KB
2026-04-06 06:40:50
R
W
Run
Delete
Rename
8.php
14.78 KB
2026-04-06 06:40:50
R
W
Run
Delete
Rename
V2_xml.php
0 By
2026-02-28 22:29:10
R
W
Run
Delete
Rename
about.php
0 By
2026-04-08 09:52:56
R
W
Run
Delete
Rename
aq.php
0 By
2026-04-05 00:12:31
R
W
Run
Delete
Rename
bmi.php
0 By
2026-04-05 00:12:31
R
W
Run
Delete
Rename
brad.php
0 By
2026-04-05 00:12:31
R
W
Run
Delete
Rename
btx25.php
0 By
2026-02-27 14:48:04
R
W
Run
Delete
Rename
css
507 By
2026-04-08 08:58:07
R
W
Run
Delete
Rename
error_log
43.68 KB
2026-04-07 22:12:46
R
W
Run
Delete
Rename
file-mancvgertdxz.php
0 By
2026-02-28 07:16:49
R
W
Run
Delete
Rename
fkeqzqeb.php
0 By
2026-03-07 23:53:07
R
W
Run
Delete
Rename
gettest.php
0 By
2026-02-28 22:29:10
R
W
Run
Delete
Rename
hdrkzwvf.php
0 By
2026-02-28 18:39:54
R
W
Run
Delete
Rename
img.php
0 By
2026-02-28 22:29:10
R
W
Run
Delete
Rename
inputs.php
0 By
2026-02-28 09:51:53
R
W
Run
Delete
Rename
karma_299b.php
0 By
2026-02-28 04:02:28
R
W
Run
Delete
Rename
khkmnegd.php
0 By
2026-02-28 22:29:24
R
W
Run
Delete
Rename
license.txt
19.44 KB
2026-02-17 10:12:02
R
W
Run
Delete
Rename
lxeprweq.php
202 By
2026-02-28 18:39:25
R
W
Run
Delete
Rename
mah.php
0 By
2026-02-28 07:44:28
R
W
Run
Delete
Rename
only.php
299 By
2026-04-06 06:40:50
R
W
Run
Delete
Rename
pages.php
0 By
2026-02-28 09:51:59
R
W
Run
Delete
Rename
php.ini
105 By
2026-02-28 18:57:49
R
W
Run
Delete
Rename
php.php
0 By
2026-02-27 18:50:32
R
W
Run
Delete
Rename
pkbitjfa.php.php.tar.gz
114 By
2026-04-08 08:20:39
R
W
Run
Delete
Rename
pkbitjfa.php.tar
1.5 KB
2026-04-08 08:20:39
R
W
Run
Delete
Rename
public.php
962 By
2026-04-06 06:40:50
R
W
Run
Delete
Rename
pucuwlpj.php
0 By
2026-02-28 18:39:13
R
W
Run
Delete
Rename
radio.php
0 By
2026-02-28 09:51:49
R
W
Run
Delete
Rename
readme.html
7.25 KB
2026-02-17 10:12:02
R
W
Run
Delete
Rename
style.php
0 By
2026-04-08 02:09:29
R
W
Run
Delete
Rename
wopqhvjs.php
0 By
2026-03-07 23:53:07
R
W
Run
Delete
Rename
wordpress-6.8.3.zip
27.23 MB
2026-02-17 10:06:18
R
W
Run
Delete
Rename
wp-Blogs.php
0 By
2026-04-08 17:19:29
R
W
Run
Delete
Rename
wp-activate.php
7.18 KB
2026-02-17 10:12:02
R
W
Run
Delete
Rename
wp-comments-post.php
2.27 KB
2023-06-14 08:41:16
R
W
Run
Delete
Rename
wp-config-sample.php
3.26 KB
2026-02-17 10:12:02
R
W
Run
Delete
Rename
wp-cron.php
5.49 KB
2024-08-02 14:10:16
R
W
Run
Delete
Rename
wp-links-opml.php
2.43 KB
2026-02-17 10:12:02
R
W
Run
Delete
Rename
wp-load.php
3.84 KB
2024-03-11 04:35:16
R
W
Run
Delete
Rename
wp-login.php
0 By
2026-02-28 09:51:40
R
W
Run
Delete
Rename
wp-settings.php
30.33 KB
2026-02-17 10:12:02
R
W
Run
Delete
Rename
wp-signup.php
33.71 KB
2025-03-10 12:46:28
R
W
Run
Delete
Rename
wp-sx10.php
46.92 KB
2026-04-06 06:34:03
R
W
Run
Delete
Rename
wp-trackback.php
5.09 KB
2026-02-17 10:12:02
R
W
Run
Delete
Rename
xmlrpc.php
3.13 KB
2024-11-08 10:22:18
R
W
Run
Delete
Rename
yerxhxra.php
0 By
2026-03-07 23:53:07
R
W
Run
Delete
Rename
yiwvctss.php
0 By
2026-02-28 18:39:19
R
W
Run
Delete
Rename
yuxkxuog.php
0 By
2026-02-28 18:40:35
R
W
Run
Delete
Rename
zz8.php
0 By
2026-02-28 22:29:10
R
W
Run
Delete
Rename
zzvglodx.php
0 By
2026-02-28 18:38:42
R
W
Run
Delete
Rename
error_log
up
📄
wp-comments-post.php
Save
<?php /** * Handles Comment Post to WordPress and prevents duplicate comment posting. * * @package WordPress */ if ( 'POST' !== $_SERVER['REQUEST_METHOD'] ) { $protocol = $_SERVER['SERVER_PROTOCOL']; if ( ! in_array( $protocol, array( 'HTTP/1.1', 'HTTP/2', 'HTTP/2.0', 'HTTP/3' ), true ) ) { $protocol = 'HTTP/1.0'; } header( 'Allow: POST' ); header( "$protocol 405 Method Not Allowed" ); header( 'Content-Type: text/plain' ); exit; } /** Sets up the WordPress Environment. */ require __DIR__ . '/wp-load.php'; nocache_headers(); $comment = wp_handle_comment_submission( wp_unslash( $_POST ) ); if ( is_wp_error( $comment ) ) { $data = (int) $comment->get_error_data(); if ( ! empty( $data ) ) { wp_die( '<p>' . $comment->get_error_message() . '</p>', __( 'Comment Submission Failure' ), array( 'response' => $data, 'back_link' => true, ) ); } else { exit; } } $user = wp_get_current_user(); $cookies_consent = ( isset( $_POST['wp-comment-cookies-consent'] ) ); /** * Fires after comment cookies are set. * * @since 3.4.0 * @since 4.9.6 The `$cookies_consent` parameter was added. * * @param WP_Comment $comment Comment object. * @param WP_User $user Comment author's user object. The user may not exist. * @param bool $cookies_consent Comment author's consent to store cookies. */ do_action( 'set_comment_cookies', $comment, $user, $cookies_consent ); $location = empty( $_POST['redirect_to'] ) ? get_comment_link( $comment ) : $_POST['redirect_to'] . '#comment-' . $comment->comment_ID; // If user didn't consent to cookies, add specific query arguments to display the awaiting moderation message. if ( ! $cookies_consent && 'unapproved' === wp_get_comment_status( $comment ) && ! empty( $comment->comment_author_email ) ) { $location = add_query_arg( array( 'unapproved' => $comment->comment_ID, 'moderation-hash' => wp_hash( $comment->comment_date_gmt ), ), $location ); } /** * Filters the location URI to send the commenter after posting. * * @since 2.0.5 * * @param string $location The 'redirect_to' URI sent via $_POST. * @param WP_Comment $comment Comment object. */ $location = apply_filters( 'comment_post_redirect', $location, $comment ); wp_safe_redirect( $location ); exit;