GP Translate Update API Security & Risk Analysis

wordpress.org/plugins/gp-translate-update-api

A translate update API for GlotPress as a WordPress plugin.

0 active installs · v1.0 · PHP 7.4+ · WP 4.9+ · Updated Dec 9, 2025
api · glotpress · translate · update
100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is GP Translate Update API Safe to Use in 2026?

Generally Safe

Score 100/100

GP Translate Update API has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5mo ago
Risk Assessment

The "gp-translate-update-api" v1.0 plugin exhibits a mixed security posture. On the positive side, the code demonstrates strong adherence to secure coding practices, with 100% of SQL queries using prepared statements and all output correctly escaped. There are no known vulnerabilities or CVEs associated with this plugin, suggesting a history of responsible development and maintenance. Furthermore, the absence of dangerous functions, file operations, external HTTP requests, and bundled libraries reduces the potential for common attack vectors.

However, a significant concern arises from the plugin's attack surface. It exposes one REST API route that lacks permission callbacks. This means that any unauthenticated user could potentially interact with this endpoint, creating a vulnerability if the endpoint performs sensitive actions or exposes private data. The lack of nonce checks on this endpoint further exacerbates this risk, as it could be susceptible to Cross-Site Request Forgery (CSRF) attacks. While no taint flows were detected, the unprotected REST API route represents a clear and present danger that requires immediate attention.

Key Concerns

  • REST API route without permission callbacks
  • No nonce checks on entry points
Vulnerabilities
None known

GP Translate Update API Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

GP Translate Update API Release Timeline

v1.0 (Current)
Code Analysis
Analyzed Mar 17, 2026

GP Translate Update API Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 0 (7 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

100% escaped (7 total outputs)
Attack Surface
1 unprotected

GP Translate Update API Attack Surface

Entry Points: 1
Unprotected: 1

REST API Routes: 1

POST /wp-json/gp/translations/update-check/0.1 (src\class-rest.php:41)

WordPress Hooks: 5

action after_setup_theme (gp-translate-update-api.php:55)
action admin_menu (src\class-admin-page.php:21)
filter gpzip_file_name (src\class-core.php:26)
action rest_api_init (src\class-rest.php:32)
action admin_init (src\class-settings.php:23)
Maintenance & Trust

GP Translate Update API Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Dec 9, 2025
PHP min version: 7.4
Downloads: 229

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

GP Translate Update API Developer Profile

meloniq

16 plugins · 710 total installs

Trust score: 99
Avg Security Score: 98/100
Avg Patch Time: 1 day
Detection Fingerprints

How We Detect GP Translate Update API

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/gp-translate-update-api/assets/css/admin.css
/wp-content/plugins/gp-translate-update-api/assets/js/admin.js
Version Parameters
gp-translate-update-api/assets/css/admin.css?ver=
gp-translate-update-api/assets/js/admin.js?ver=

HTML / DOM Fingerprints

REST Endpoints
/wp-json/gp/translations/update-check/0.1
FAQ

Frequently Asked Questions about GP Translate Update API