Does IDNA have any unpatched vulnerabilities?

No. All known vulnerabilities in IDNA have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is IDNA compatible with WordPress 3.0.5?

According to WordPress.org data, IDNA 1.2.0 has been tested up to WordPress 3.0.5. Check the plugin's changelog for the latest compatibility information.

How often is IDNA updated?

IDNA was last updated on May 10, 2010. Frequent updates are generally a positive security signal.

What is IDNA's security score?

IDNA has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

IDNA Security & Risk Analysis

wordpress.org/plugins/idna

This plugin adds IDN support to Wordpress. IDN (Internationalized domain name) is a domain name that contains non-ascii characters.

10 active installs v1.2.0 PHP + WP 2.7+ Updated May 10, 2010

i18nidnpunycode

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is IDNA Safe to Use in 2026?

Generally Safe

Score 85/100

IDNA has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 15yr ago

Risk Assessment

The "idna" plugin version 1.2.0 exhibits an exceptionally strong security posture based on the provided static analysis and vulnerability history. The static analysis reveals a complete absence of detectable attack surface points, meaning there are no exposed AJAX handlers, REST API routes, shortcodes, or cron events that could be targeted by attackers. Furthermore, the code itself shows excellent security practices, with no dangerous functions, all SQL queries utilizing prepared statements, and all output being properly escaped. There are no file operations or external HTTP requests that could introduce vulnerabilities.

The lack of any recorded CVEs, past or present, further solidifies this plugin's security. This history indicates a mature and well-maintained codebase, or a plugin that has not historically attracted malicious attention, which is a positive sign. The absence of taint analysis findings also suggests that data is handled safely within the plugin, with no unsanitized paths or critical/high severity flows identified.

In conclusion, the "idna" plugin v1.2.0 appears to be very secure. Its strengths lie in its minimal attack surface, robust coding practices demonstrated in the static analysis, and a clean vulnerability history. There are no identified weaknesses in the provided data that would warrant deductions from a security standpoint.

Vulnerabilities

None known

IDNA Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

IDNA Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

11 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped11 total outputs

Attack Surface

IDNA Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 7

filterwp_redirectidna_wp.php:146

filterthe_permalink_rssidna_wp.php:149

filterget_comment_linkidna_wp.php:150

filterbloginfo_rssidna_wp.php:151

filterpage_linkidna_wp.php:152

filterhome_urlidna_wp.php:154

filterpost_linkidna_wp.php:156

Maintenance & Trust

IDNA Maintenance & Trust

Maintenance Signals

WordPress version tested3.0.5

Last updatedMay 10, 2010

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

IDNA Alternatives

IDN AJAX Workaround

idn-ajax-workaround

Fixes AJAX requests on sites with IDN domains in IE and Opera.

10 No CVEs

Loco Translate

loco-translate

Translate WordPress plugins and themes directly in your browser. Versatile PO file editor with integrated AI translation providers.

1.0M 3 CVEs

WP Multibyte Patch

wp-multibyte-patch

100

Multibyte functionality enhancement for the WordPress Japanese package.

1.0M No CVEs

Performant Translations

performant-translations

100

Making internationalization/localization in WordPress faster than ever before.

40K No CVEs

WPBakery Visual Composer & qTranslate-X

js-composer-qtranslate-x

Enables multilingual framework for plugin "WPBakery Visual Composer".

8K No CVEs

Developer Profile

IDNA Developer Profile

dwright

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect IDNA

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ