Does mqTranslate Separate Comments have any unpatched vulnerabilities?

No. All known vulnerabilities in mqTranslate Separate Comments have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is mqTranslate Separate Comments compatible with WordPress 4.1.42?

According to WordPress.org data, mqTranslate Separate Comments 1.2.4 has been tested up to WordPress 4.1.42. Check the plugin's changelog for the latest compatibility information.

How often is mqTranslate Separate Comments updated?

mqTranslate Separate Comments was last updated on Dec 13, 2014. Frequent updates are generally a positive security signal.

What is mqTranslate Separate Comments's security score?

mqTranslate Separate Comments has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

mqTranslate Separate Comments Security & Risk Analysis

wordpress.org/plugins/mqtranslate-separate-comments

Automatically separates the user comments by the language they viewed in the article.

10 active installs v1.2.4 PHP + WP 3.9+ Updated Dec 13, 2014

comment-languagesmqtranslateseparate-comments

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is mqTranslate Separate Comments Safe to Use in 2026?

Generally Safe

Score 85/100

mqTranslate Separate Comments has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The mqtranslate-separate-comments plugin v1.2.4 demonstrates a generally good security posture based on the static analysis. It correctly uses prepared statements for all its SQL queries, indicating a strong defense against SQL injection. The presence of nonce checks and the absence of dangerous functions are also positive signs. However, the analysis reveals a significant concern regarding output escaping, with only 63% of outputs being properly escaped. This leaves room for potential Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is outputted without sufficient sanitization. Additionally, the complete lack of capability checks on its single AJAX handler is a critical oversight, as it means any authenticated user, regardless of their role, can trigger this functionality. The plugin's vulnerability history is clean, with no recorded CVEs, which is a strength. Overall, while the plugin avoids common pitfalls like raw SQL and dangerous functions, the unescaped outputs and unprotected AJAX endpoint represent notable risks that should be addressed.

Key Concerns

Unprotected AJAX endpoint
Inadequate output escaping

Vulnerabilities

None known

mqTranslate Separate Comments Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

mqTranslate Separate Comments Code Analysis

Dangerous Functions

Raw SQL Queries

15 prepared

Unescaped Output

10 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared15 total queries

Output Escaping

63% escaped16 total outputs

Attack Surface

mqTranslate Separate Comments Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_qtc_set_languageqtranslate-separate-comments.php:72

WordPress Hooks 11

filtercomments_arrayqtranslate-separate-comments.php:48

filtermanage_edit-comments_columnsqtranslate-separate-comments.php:49

filterget_comments_numberqtranslate-separate-comments.php:50

actioncomment_postqtranslate-separate-comments.php:60

actioncomment_formqtranslate-separate-comments.php:63

actionedit_commentqtranslate-separate-comments.php:66

actionadmin_footer-edit-comments.phpqtranslate-separate-comments.php:69

actionplugins_loadedqtranslate-separate-comments.php:74

actionmanage_comments_custom_columnqtranslate-separate-comments.php:75

actionadmin_initqtranslate-separate-comments.php:76

filtercomment_post_redirectqtranslate-separate-comments.php:315

Maintenance & Trust

mqTranslate Separate Comments Maintenance & Trust

Maintenance Signals

WordPress version tested4.1.42

Last updatedDec 13, 2014

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

mqTranslate Separate Comments Alternatives

mqtranslate langcode widget selector

language-code-selector-mqtranslate

Plugin that creates a widget with a language switcher with language codes. It's compatible with qtranslate and mqtranslate plugin.

30 No CVEs

W2Q: WPML to qTranslate

w2q-wpml-to-qtranslate

Migrates WPML translations to qTranslate.

20 No CVEs

Integration of Yoast wordpress SEO module with mqtranslate module

wp-seo-yoast-integration-mq-translate

100

Integration between the popular Wordpress SEO module by Yoast and mqtranslate plugin (a fork of qtranslate that is updated).

10 No CVEs

Developer Profile

mqTranslate Separate Comments Developer Profile

Guido Eugenio aka Zhenya

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect mqTranslate Separate Comments

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mqtranslate-separate-comments/css/style.css/wp-content/plugins/mqtranslate-separate-comments/js/script.js

Script Paths

/wp-content/plugins/mqtranslate-separate-comments/js/script.js

Version Parameters

mqtranslate-separate-comments/css/style.css?ver=mqtranslate-separate-comments/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes

comment_xtra

Data Attributes

id="qTranslate_Separate_Comments_language"

JS Globals

var qTC_languages

FAQ