[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGY07sp8ot0uGZNM6ckwmynb12RxCRHl0WGGxnIHhRLs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":16,"download_link":18,"security_score":19,"vuln_count":20,"unpatched_count":20,"last_vuln_date":21,"fetched_at":22,"vulnerabilities":23,"developer":24,"crawl_stats":21,"alternatives":31,"analysis":32,"fingerprints":117},"batch-translate-independently","Batch Translate Independently","1.0","harman79","https:\u002F\u002Fprofiles.wordpress.org\u002Fharman79\u002F","\u003Cp>Batch modify the translate independently settings of WPML for all or selected posts of a given language.\u003C\u002Fp>\n","Batch modify the translate independently settings of WPML for all or selected posts of a given language.",20,1537,100,1,"2016-08-20T13:12:00.000Z","",[],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbatch-translate-independently.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":25,"total_installs":26,"avg_security_score":27,"avg_patch_time_days":28,"trust_score":29,"computed_at":30},3,220,83,30,82,"2026-04-05T08:51:37.135Z",[],{"attackSurface":33,"codeSignals":59,"taintFlows":105,"riskAssessment":106,"analyzedAt":116},{"hooks":34,"ajaxHandlers":55,"restRoutes":56,"shortcodes":57,"cronEvents":58,"entryPointCount":20,"unprotectedCount":20},[35,41,46,50],{"type":36,"name":37,"callback":38,"file":39,"line":40},"action","admin_notices","bti79_message","batch-translate-independently.php",51,{"type":36,"name":42,"callback":43,"file":44,"line":45},"admin_menu","bti79_page","includes\\bti-options.php",8,{"type":36,"name":47,"callback":48,"file":44,"line":49},"admin_init","bti79_admin_init",9,{"type":51,"name":52,"callback":53,"file":44,"line":54},"filter","set-screen-option","anonymous",10,[],[],[],[],{"dangerousFunctions":60,"sqlUsage":61,"outputEscaping":63,"fileOperations":20,"externalRequests":20,"nonceChecks":20,"capabilityChecks":20,"bundledLibraries":104},[],{"prepared":20,"raw":20,"locations":62},[],{"escaped":64,"rawEcho":65,"locations":66},14,18,[67,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102],{"file":44,"line":68,"context":69},135,"raw output",{"file":44,"line":71,"context":69},137,{"file":44,"line":73,"context":69},151,{"file":44,"line":75,"context":69},164,{"file":44,"line":77,"context":69},168,{"file":44,"line":79,"context":69},183,{"file":44,"line":81,"context":69},189,{"file":44,"line":83,"context":69},210,{"file":44,"line":85,"context":69},212,{"file":44,"line":87,"context":69},234,{"file":44,"line":89,"context":69},247,{"file":44,"line":91,"context":69},251,{"file":44,"line":93,"context":69},266,{"file":44,"line":95,"context":69},272,{"file":44,"line":97,"context":69},335,{"file":44,"line":99,"context":69},341,{"file":44,"line":101,"context":69},435,{"file":44,"line":103,"context":69},441,[],[],{"summary":107,"deductions":108},"The 'batch-translate-independently' plugin version 1.0 exhibits a seemingly strong initial security posture based on the static analysis. The absence of any detected AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the potential attack surface. Furthermore, the code signals indicate a positive adherence to secure coding practices, with no dangerous functions, all SQL queries using prepared statements, and no file operations or external HTTP requests. This suggests a developer mindful of common security pitfalls.\n\nHowever, a critical area of concern is the low percentage of properly escaped output (44%). This leaves the plugin vulnerable to cross-site scripting (XSS) attacks if any of the unescaped output is user-controllable. The lack of any detected taint flows is encouraging, but this could also be due to the limited analysis performed or the simple nature of the plugin. The complete absence of vulnerability history, while positive, doesn't guarantee future security and should be viewed in conjunction with the identified code quality issues.\n\nIn conclusion, while the plugin has a small attack surface and demonstrates good practices in several areas like SQL usage, the significant portion of unescaped output presents a tangible risk. The absence of explicit capability checks or nonce checks on the limited entry points, combined with the unescaped output, means that a determined attacker could potentially leverage these weaknesses. Developers should prioritize addressing the output escaping issue to solidify the plugin's security.",[109,111,114],{"reason":110,"points":45},"Low percentage of properly escaped output",{"reason":112,"points":113},"No capability checks on entry points",5,{"reason":115,"points":113},"No nonce checks on entry points","2026-03-16T22:55:48.296Z",{"wat":118,"direct":127},{"assetPaths":119,"generatorPatterns":122,"scriptPaths":123,"versionParams":126},[120,121],"\u002Fwp-content\u002Fplugins\u002Fbatch-translate-independently\u002Fbti-js.js","\u002Fwp-content\u002Fplugins\u002Fbatch-translate-independently\u002Fbti-style.css",[],[124,125],"wp-content\u002Fplugins\u002Fbatch-translate-independently\u002Fbti-js.js","wp-content\u002Fplugins\u002Fbatch-translate-independently\u002Fbti-style.css",[],{"cssClasses":128,"htmlComments":133,"htmlAttributes":134,"restEndpoints":136,"jsGlobals":137,"shortcodeOutput":138},[129,130,131,132],"bti79_tab","bti79_form","bti79_info_div","bti79_red",[],[135],"data-repository='wpml'",[],[],[]]