Multilingual Comments Number Security & Risk Analysis
wordpress.org/plugins/multilingual-comments-numberThis plugin corrects output of comments_number for languages having more than one form of plurals (All Slavic languages for example).
Is Multilingual Comments Number Safe to Use in 2026?
Generally Safe
Score 100/100Multilingual Comments Number has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "multilingual-comments-number" v2.0.25 plugin exhibits a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits its attack surface. Furthermore, the code signals indicate a lack of dangerous functions, reliance on prepared statements for all SQL queries, and no file operations or external HTTP requests. The taint analysis also shows no identified vulnerabilities.
However, there are some areas that warrant caution. The fact that only 67% of outputs are properly escaped suggests a potential for cross-site scripting (XSS) vulnerabilities if the unescaped outputs handle user-controlled input. Additionally, the complete lack of nonce and capability checks across all entry points (which are currently zero) is concerning. If any new entry points are introduced in future versions without proper authentication and authorization checks, this could create significant security risks.
The plugin's vulnerability history is clean, with no recorded CVEs. This, combined with the positive static analysis findings, suggests a generally well-developed and secure plugin. The main weakness identified is the potential for XSS due to incomplete output escaping and the absence of checks on entry points that are currently non-existent but could be added.
Key Concerns
- Incomplete output escaping
- No nonce checks on entry points
- No capability checks on entry points
Multilingual Comments Number Security Vulnerabilities
Multilingual Comments Number Code Analysis
Output Escaping
Multilingual Comments Number Attack Surface
WordPress Hooks 2
Maintenance & Trust
Multilingual Comments Number Maintenance & Trust
Maintenance Signals
Community Trust
Multilingual Comments Number Alternatives
Russian Number Comments
russian-number-comments
Плагин позволяет переименовать "комментарии" в "отзывы", "отклики", "ответы" и тому подобное (а также правильно склоняет слово "комментарии").
Akismet Anti-spam: Spam Protection
akismet
The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.
![Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]](https://ps.w.org/disable-comments/assets/icon-128x128.png){kind=icon}
Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]
disable-comments
Allows administrators to globally disable comments on their site. Comments can be disabled according to post type. Multisite friendly.
Antispam Bee
antispam-bee
Sophisticated antispam plugin for effective daily comment and trackback spam-fighting. Built with data protection and privacy in mind.
Spam protection, Honeypot, Anti-Spam by CleanTalk
cleantalk-spam-protect
Blocks spam comments, fake users, contact form spam and more. No impact on SEO. Privacy focused. CAPTCHA free, premium Antispam plugin.
Multilingual Comments Number Developer Profile
3 plugins · 2K total installs
How We Detect Multilingual Comments Number
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.