GP Machine Translate Security & Risk Analysis
wordpress.org/plugins/gp-machine-translateA machine translate plugin for GlotPress as a WordPress plugin.
Is GP Machine Translate Safe to Use in 2026?
Generally Safe
Score 100/100GP Machine Translate has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The gp-machine-translate plugin v2.0 exhibits a mixed security posture. While the absence of known CVEs and critical taint analysis findings are positive indicators, the static analysis reveals significant concerns. The presence of an unprotected AJAX handler is a primary vulnerability, creating an accessible entry point for potential attackers. Furthermore, the plugin's SQL queries are not utilizing prepared statements, and a substantial portion of its output escaping is inadequate. These weaknesses, when combined with the unprotected AJAX handler, create a significant risk of SQL injection and cross-site scripting (XSS) vulnerabilities.
The vulnerability history shows no past issues, which could indicate good development practices or simply a lack of past scrutiny. However, relying solely on this history is insufficient given the clear security flaws identified in the current version. The plugin needs immediate attention to address the unprotected AJAX handler and implement proper sanitization and prepared statements for its SQL operations. Addressing these areas will be crucial in improving its overall security.
Key Concerns
- Unprotected AJAX handler found
- SQL queries not using prepared statements
- Low percentage of properly escaped output
- No nonce checks on entry points
GP Machine Translate Security Vulnerabilities
GP Machine Translate Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
GP Machine Translate Attack Surface
AJAX Handlers 1
WordPress Hooks 12
Maintenance & Trust
GP Machine Translate Maintenance & Trust
Maintenance Signals
Community Trust
GP Machine Translate Alternatives
LocoAI – Auto Translate For Loco Translate
automatic-translator-addon-for-loco-translate
LocoAI - Auto Translate For Loco Translate is a powerful tool for developers looking to quickly translate their WordPress plugins and themes.
AI Powered Marketing
kliken-marketing-for-google
Kliken's all-in-one marketing helps businesses reach high-intent customers, beat the competition and see sales growth while lowering conversion costs
CrawlWP SEO – Instant Search Engine Indexing & SEO Performance Monitor
mihdan-index-now
Improve your WordPress SEO with instant search-engine indexing, SEO insights, and indexing status tracking.
Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps)
leaflet-maps-marker
The most comprehensive & user-friendly mapping solution for WordPress
Prisna GWT – Google Website Translator
google-website-translator
Easily translate your WordPress site into 100+ languages to make it multilingual. A simple and complete multilingual solution for WordPress.
GP Machine Translate Developer Profile
34 plugins · 8K total installs
How We Detect GP Machine Translate
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/gp-machine-translate/css/admin-settings.css/wp-content/plugins/gp-machine-translate/css/gp-machine-translate.css/wp-content/plugins/gp-machine-translate/js/admin-settings.js/wp-content/plugins/gp-machine-translate/js/gp-machine-translate.js/wp-content/plugins/gp-machine-translate/js/admin-settings.js/wp-content/plugins/gp-machine-translate/js/gp-machine-translate.jsgp-machine-translate/css/admin-settings.css?ver=gp-machine-translate/css/gp-machine-translate.css?ver=gp-machine-translate/js/admin-settings.js?ver=gp-machine-translate/js/gp-machine-translate.js?ver=HTML / DOM Fingerprints
gp-machine-translate-admin-settingsdata-gp-machine-translate-admin-settingsgp_machine_translate_strings