WP-Safety

iDNich' Security & Risk Analysis

wordpress.org/plugins/idnich

Find all kind of Niches from your concurrents websites, help yourself writing strong SEO content on low-concurential keywords, translate your articles …

10 active installs v1.3.5 PHP 5.6.20+ WP 5.3+ Updated Oct 21, 2021
concurencykeywordsnichesseotraduction
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is iDNich' Safe to Use in 2026?

Generally Safe

Score 85/100

iDNich' has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The 'idnich' plugin version 1.3.5 exhibits a concerning security posture, primarily due to a lack of robust authentication and input sanitization mechanisms. The static analysis reveals a significant attack surface with 13 AJAX handlers, all of which are unprotected, meaning they lack proper authorization checks. This opens the door for unauthorized users to potentially interact with sensitive plugin functionality. Furthermore, the taint analysis highlights a critical weakness: 5 out of 5 analyzed flows have unsanitized paths, with 4 being classified as high severity. This strongly suggests that user-supplied data is not being adequately cleaned before being used in potentially dangerous operations, which could lead to various injection vulnerabilities.

The absence of nonce checks and capability checks further exacerbates these risks, leaving the AJAX endpoints vulnerable to cross-site request forgery (CSRF) and privilege escalation attacks. While the plugin has no recorded vulnerability history, this is not indicative of inherent security. It may simply mean that no vulnerabilities have been discovered or publicly disclosed for this specific version. The low percentage of prepared SQL statements (6%) also presents a risk of SQL injection vulnerabilities, especially when combined with unsanitized inputs.

In conclusion, despite a clean vulnerability history, the 'idnich' plugin presents significant security risks due to its exposed attack surface and critical vulnerabilities identified in taint analysis and the lack of essential security checks on its AJAX endpoints. The low rate of properly escaped output also adds to the potential for cross-site scripting (XSS) vulnerabilities. These issues collectively paint a picture of a plugin that requires immediate attention and security hardening.

Key Concerns

  • Unprotected AJAX handlers
  • High severity unsanitized taint flows
  • Missing nonce checks
  • Missing capability checks
  • Low rate of prepared SQL statements
  • Low rate of properly escaped output
  • Unsanitized paths in taint flows
Vulnerabilities
None known

iDNich' Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

iDNich' Code Analysis

Dangerous Functions
0
Raw SQL Queries
15
1 prepared
Unescaped Output
74
35 escaped
Nonce Checks
0
Capability Checks
0
File Operations
5
External Requests
8
Bundled Libraries
0

SQL Query Safety

6% prepared16 total queries

Output Escaping

32% escaped109 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

5 flows5 with unsanitized paths
save_options_and_keep_list (idnich_translate.php:16)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
13 unprotected

iDNich' Attack Surface

Entry Points13
Unprotected13

AJAX Handlers 13

authwp_ajax_inscriptionidnich.php:30
authwp_ajax_print_simple_captcha_from_ajaxidnich.php:31
authwp_ajax_explore_urlidnich_explore.php:6
authwp_ajax_print_inside_linksidnich_import_translations.php:54
authwp_ajax_clean_inside_linksidnich_import_translations.php:55
authwp_ajax_get_translations_countidnich_import_translations.php:56
authwp_ajax_get_import_translationidnich_import_translations.php:57
authwp_ajax_save_options_and_keep_listidnich_translate.php:6
authwp_ajax_generate_translationidnich_translate.php:7
authwp_ajax_get_article_contentidnich_translate.php:8
authwp_ajax_get_translation_result_from_getidnich_translate.php:9
authwp_ajax_consult_traductionidnich_visualize_translations.php:6
authwp_ajax_publish_traductionidnich_visualize_translations.php:7
WordPress Hooks 7
actionadmin_initidnich.php:37
actionadmin_menuidnich.php:38
actionadmin_enqueue_scriptsidnich.php:39
actionadmin_menuidnich_explore.php:4
actionadmin_menuidnich_import_translations.php:52
actionadmin_menuidnich_translate.php:4
actionadmin_menuidnich_visualize_translations.php:4
Maintenance & Trust

iDNich' Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13
Last updatedOct 21, 2021
PHP min version5.6.20
Downloads2K

Community Trust

Rating100/100
Number of ratings6
Active installs10
Alternatives

iDNich' Alternatives

Simple SEO

Simple SEO

cds-simple-seo

A
91

Allows the modification of META titles, descriptions and keywords for all pages and posts. Also allows for default setting for of META title, descript …

10K 6 CVEs
Surfer – WordPress Plugin

Surfer – WordPress Plugin

surferseo

A
97

Connect Surfer's Content Editor to WordPress. Write and optimize your articles for SEO, find new keyword ideas and publish straight to WordPress.

6K 3 CVEs
Codevyne SEO Meta Keywords

Codevyne SEO Meta Keywords

wpcc-seo-meta-keywords

A
100

Short Description: Add wordpress website page, post and product SEO meta keywords to speedup your website google search engine visibility.

4K No CVEs
Automatic Post Tagger

Automatic Post Tagger

automatic-post-tagger

A
85

Adds relevant taxonomy terms to posts using a keyword list provided by the user.

2K No CVEs
FV Simpler SEO

FV Simpler SEO

fv-all-in-one-seo-pack

A
99

Simple and effective SEO. Non-invasive, elegant. Ideal for client facing projects.

2K 1 CVE
Developer Profile

iDNich' Developer Profile

Wizard Widgets

2 plugins · 70 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect iDNich'

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/idnich/stylesheet.css/wp-content/plugins/idnich/js/idnich.js
Script Paths
/wp-content/plugins/idnich/js/idnich.js
Version Parameters
idnich_stylesheet?ver=idnich_js?ver=

HTML / DOM Fingerprints

CSS Classes
dnich_admin_menudnich_icondnich_api_token_inputdnich_keep_list_inputdnich_options_inputstar-full
HTML Comments
<!-- --><!-- --><div class="inline_box" style="width:200px;"><!-- --><div class="inline_box default_font" style="width:calc(100% - 200px);vertical-align:middle;">
Data Attributes
aria-hidden="true"
JS Globals
dnich_api_tokenimport_translation_finished_titleimport_translation_finished_content
FAQ

Frequently Asked Questions about iDNich'