WP-Safety

Translator with Baidu Service Security & Risk Analysis

wordpress.org/plugins/translator-with-baidu-service

Translate your site in many languages with this plugin from JoyBin, Inc. The translating service provider is Baidu.

10 active installs v1.10 PHP + WP 3.8+ Updated Feb 23, 2017
i18ninternationalizationlocalizationtranslationtranslator
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Translator with Baidu Service Safe to Use in 2026?

Generally Safe

Score 85/100

Translator with Baidu Service has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago
Risk Assessment

The translator-with-baidu-service plugin v1.10 exhibits a mixed security posture. On the positive side, it avoids dangerous functions, uses prepared statements exclusively for SQL queries, and has no recorded vulnerabilities (CVEs). This suggests a developer who is aware of some common security pitfalls. However, several significant concerns are raised by the static analysis.

The plugin has two AJAX handlers, both of which lack authentication checks. This creates a direct pathway for unauthenticated users to interact with these handlers, potentially leading to unintended actions or information disclosure. Furthermore, the taint analysis revealed one flow with an unsanitized path, indicating a potential for injection vulnerabilities if this flow is improperly handled on the backend. While the severity of this taint flow is not classified as critical or high, any unsanitized input path is a risk. The low percentage of properly escaped output (37%) is another notable weakness, increasing the risk of Cross-Site Scripting (XSS) vulnerabilities.

In conclusion, while the absence of known vulnerabilities and the use of prepared SQL statements are strengths, the unprotected AJAX endpoints, the unsanitized taint flow, and the poor output escaping practices represent substantial security risks. The plugin's attack surface is relatively small, but the lack of robust access control on critical entry points and insufficient output sanitization warrant significant attention.

Key Concerns

  • AJAX handlers without auth checks
  • Unsanitized path in taint analysis
  • Low output escaping percentage
  • No nonce checks on AJAX handlers
  • No capability checks on entry points
Vulnerabilities
None known

Translator with Baidu Service Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Translator with Baidu Service Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
19
11 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
1
Bundled Libraries
0

Output Escaping

37% escaped30 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<baidu-translate-proxy> (includes\baidu-translate-proxy.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Translator with Baidu Service Attack Surface

Entry Points4
Unprotected2

AJAX Handlers 2

authwp_ajax_option-paramsincludes\class-baidu-translator.php:14
noprivwp_ajax_option-paramsincludes\class-baidu-translator.php:15

Shortcodes 2

[baidu_translator] includes\class-baidu-translator.php:32
[notranslate] includes\class-baidu-translator.php:33
WordPress Hooks 7
actionadmin_enqueue_scriptsadmin\includes\class-baidu-translator-admin-screen-settings.php:25
actionadmin_menuadmin\includes\class-baidu-translator-admin.php:5
actionadmin_initadmin\includes\class-baidu-translator-admin.php:6
actionsidebar_admin_setupadmin\includes\class-baidu-translator-admin.php:7
actionmedia_buttonsadmin\includes\class-baidu-translator-admin.php:8
actionplugins_loadedbaidu-translator.php:59
actionwidgets_initincludes\class-baidu-translator.php:13
Maintenance & Trust

Translator with Baidu Service Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32
Last updatedFeb 23, 2017
PHP min version
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Translator with Baidu Service Alternatives

Performant Translations

Performant Translations

performant-translations

A
100

Making internationalization/localization in WordPress faster than ever before.

40K No CVEs
Preferred Languages

Preferred Languages

preferred-languages

A
99

Choose languages for displaying WordPress in, in order of preference.

2K 1 CVE
Translation Stats

Translation Stats

translation-stats

A
100

Show plugins translation stats on your WordPress install.

20 No CVEs
Admin in English

Admin in English

admin-in-english

A
85

Admin in English lets you have your administration panel in English, even if the rest of your blog is translated into another language.

1K No CVEs
WOVN.io

WOVN.io

wovn-io

A
100

Localize your website, translate web pages in minutes.

200 No CVEs
Developer Profile

Translator with Baidu Service Developer Profile

gongwan33

3 plugins · 10 total installs

91
trust score
Avg Security Score
95/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Translator with Baidu Service

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/translator-with-baidu-service/admin/css/baidu-translator-admin.css
Script Paths
/wp-content/plugins/translator-with-baidu-service/admin/js/baidu-translator-admin.js
Version Parameters
translator-with-baidu-service/style.css?ver=translator-with-baidu-service/script.js?ver=translator-with-baidu-service/admin/css/baidu-translator-admin.css?ver=translator-with-baidu-service/admin/js/baidu-translator-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
baidu-translator-togglable-fieldbaidu-translator-admin-wrap
HTML Comments
Copyright 2010 - 2016 Wagner Wang (email : wagner@joybin.cn)
Data Attributes
name="baidu_translator[appid]"name="baidu_translator[key]"name="baidu_translator[default_lang]"name="baidu_translator[translate_range]"name="baidu_translator[support_lang]"name="baidu_translator[auto_lang]"+1 more
JS Globals
baidu_translator_admin_params
FAQ

Frequently Asked Questions about Translator with Baidu Service