Does GP Machine Translate have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is GP Machine Translate compatible with WordPress 6.4.8?

According to WordPress.org data, GP Machine Translate 2.0 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

Is GP Machine Translate compatible with PHP 7.4+?

GP Machine Translate requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is GP Machine Translate updated?

GP Machine Translate was last updated on Nov 10, 2024. Frequent updates are generally a positive security signal.

What is GP Machine Translate's security score?

GP Machine Translate has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

GP Machine Translate Security & Risk Analysis

wordpress.org/plugins/gp-machine-translate

A machine translate plugin for GlotPress as a WordPress plugin.

20 active installs v2.0 PHP 7.4+ WP 4.4+ Updated Nov 10, 2024

bingglotpressglotpress-plugingoogletranslate

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is GP Machine Translate Safe to Use in 2026?

Generally Safe

Score 92/100

GP Machine Translate has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The gp-machine-translate plugin v2.0 exhibits a mixed security posture. While the absence of known CVEs and critical taint analysis findings are positive indicators, the static analysis reveals significant concerns. The presence of an unprotected AJAX handler is a primary vulnerability, creating an accessible entry point for potential attackers. Furthermore, the plugin's SQL queries are not utilizing prepared statements, and a substantial portion of its output escaping is inadequate. These weaknesses, when combined with the unprotected AJAX handler, create a significant risk of SQL injection and cross-site scripting (XSS) vulnerabilities.

The vulnerability history shows no past issues, which could indicate good development practices or simply a lack of past scrutiny. However, relying solely on this history is insufficient given the clear security flaws identified in the current version. The plugin needs immediate attention to address the unprotected AJAX handler and implement proper sanitization and prepared statements for its SQL operations. Addressing these areas will be crucial in improving its overall security.

Key Concerns

Unprotected AJAX handler found
SQL queries not using prepared statements
Low percentage of properly escaped output
No nonce checks on entry points

Vulnerabilities

None known

GP Machine Translate Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

GP Machine Translate Release Timeline

v2.0Current

v1.2

v1.1

v1.0

v0.9.5

v0.9

v0.8

v0.7

v0.6

v0.5

Code Analysis

Analyzed Mar 16, 2026

GP Machine Translate Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Output Escaping

29% escaped14 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

adminPage (gp-machine-translate.php:48)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

GP Machine Translate Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_gp_machine_translateajax.php:24

WordPress Hooks 12

actionshow_user_profilegp-machine-translate.php:405

actionedit_user_profilegp-machine-translate.php:406

actionpersonal_options_updategp-machine-translate.php:407

actionedit_user_profile_updategp-machine-translate.php:408

actionadmin_menugp-machine-translate.php:411

actiongp_project_actionsgp-machine-translate.php:452

actiongp_pre_tmpl_loadgp-machine-translate.php:456

filtergp_entry_actionsgp-machine-translate.php:457

actiongp_translation_set_bulk_actiongp-machine-translate.php:458

actiongp_translation_set_bulk_action_postgp-machine-translate.php:459

actiongp_project_template_translation_set_extragp-machine-translate.php:468

actiongp_initgp-machine-translate.php:552

Maintenance & Trust

GP Machine Translate Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedNov 10, 2024

PHP min version7.4

Downloads5K

Community Trust

Rating100/100

Number of ratings2

Active installs20

Alternatives

GP Machine Translate Alternatives

LocoAI – Auto Translate For Loco Translate

automatic-translator-addon-for-loco-translate

100

LocoAI - Auto Translate For Loco Translate is a powerful tool for developers looking to quickly translate their WordPress plugins and themes.

80K No CVEs

AI Powered Marketing

kliken-marketing-for-google

100

Kliken's all-in-one marketing helps businesses reach high-intent customers, beat the competition and see sales growth while lowering conversion costs

50K No CVEs

CrawlWP SEO – Instant Search Engine Indexing & SEO Performance Monitor

mihdan-index-now

Improve your WordPress SEO with instant search-engine indexing, SEO insights, and indexing status tracking.

40K 1 CVE

Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps)

leaflet-maps-marker

The most comprehensive & user-friendly mapping solution for WordPress

10K 6 CVEs

Prisna GWT – Google Website Translator

google-website-translator

Easily translate your WordPress site into 100+ languages to make it multilingual. A simple and complete multilingual solution for WordPress.

8K 3 CVEs

Developer Profile

GP Machine Translate Developer Profile

Greg Ross

35 plugins · 8K total installs

trust score

Avg Security Score

87/100

Avg Patch Time

39 days

View full developer profile

Detection Fingerprints

How We Detect GP Machine Translate

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gp-machine-translate/css/admin-settings.css/wp-content/plugins/gp-machine-translate/css/gp-machine-translate.css/wp-content/plugins/gp-machine-translate/js/admin-settings.js/wp-content/plugins/gp-machine-translate/js/gp-machine-translate.js

Script Paths

/wp-content/plugins/gp-machine-translate/js/admin-settings.js/wp-content/plugins/gp-machine-translate/js/gp-machine-translate.js

Version Parameters

gp-machine-translate/css/admin-settings.css?ver=gp-machine-translate/css/gp-machine-translate.css?ver=gp-machine-translate/js/admin-settings.js?ver=gp-machine-translate/js/gp-machine-translate.js?ver=

HTML / DOM Fingerprints

CSS Classes

gp-machine-translate-admin-settings

Data Attributes

data-gp-machine-translate-admin-settings

JS Globals

gp_machine_translate_strings

FAQ