Does Unify WPML Comments have any unpatched vulnerabilities?

No. All known vulnerabilities in Unify WPML Comments have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Unify WPML Comments compatible with WordPress 5.0.25?

According to WordPress.org data, Unify WPML Comments 1.1 has been tested up to WordPress 5.0.25. Check the plugin's changelog for the latest compatibility information.

Is Unify WPML Comments compatible with PHP 7.0+?

Unify WPML Comments requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Unify WPML Comments updated?

Unify WPML Comments was last updated on Dec 8, 2018. Frequent updates are generally a positive security signal.

What is Unify WPML Comments's security score?

Unify WPML Comments has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Unify WPML Comments Security & Risk Analysis

wordpress.org/plugins/unify-wpml-comments

Unify WPML Comments displays all the comments of a given post for all active languages.

10 active installs v1.1 PHP 7.0+ WP 4.9.5+ Updated Dec 8, 2018

commentsmultilingualreviewswmplwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Unify WPML Comments Safe to Use in 2026?

Generally Safe

Score 85/100

Unify WPML Comments has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The "unify-wpml-comments" v1.1 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points is a significant strength, indicating a minimal attack surface. Furthermore, the code demonstrates good practices by correctly preparing all SQL queries and properly escaping all output, with no observed file operations or external HTTP requests. The lack of any reported vulnerabilities in its history further bolsters this positive assessment.

However, a notable concern arises from the complete absence of nonce checks and capability checks. While the current static analysis shows no immediately exploitable vulnerabilities due to the limited attack surface, this lack of authorization and security checks means that if any new functionality is added or if the attack surface expands in future versions, there's a high risk of introducing significant security weaknesses. The taint analysis also shows zero flows, which could be due to the limited code analyzed or the plugin's simplicity. Overall, the plugin is currently secure due to its minimal functionality and diligent coding practices, but it has a critical weakness in its authorization mechanisms that needs to be addressed for future maintainability and scalability.

Key Concerns

Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Unify WPML Comments Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Unify WPML Comments Release Timeline

No version history available.

Code Analysis

Analyzed Apr 16, 2026

Unify WPML Comments Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared1 total queries

Output Escaping

100% escaped3 total outputs

Attack Surface

Unify WPML Comments Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 7

filtercomments_arrayinc/class-unify-wpml-comments.php:14

filterget_comments_numberinc/class-unify-wpml-comments.php:16

filterwoocommerce_product_get_review_countinc/class-unify-wpml-comments.php:17

filterwoocommerce_product_get_average_ratinginc/class-unify-wpml-comments.php:19

filtercomments_clausesinc/class-unify-wpml-comments.php:124

filterwoocommerce_product_get_average_ratinginc/class-unify-wpml-comments.php:175

actionplugins_loadedunify-wpml-comments.php:28

Maintenance & Trust

Unify WPML Comments Maintenance & Trust

Maintenance Signals

WordPress version tested5.0.25

Last updatedDec 8, 2018

PHP min version7.0

Downloads1K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Unify WPML Comments Alternatives

Multilingual Comments

multilingual-comments

Multilingual Comments is an add-on for WPML / WooCommerce. This plugin makes it possible via its own plugin settings, to show: comments on blog posts …

100 No CVEs

Discussions Tab for WooCommerce Products

discussions-tab-for-woocommerce-products

100

Creates a discussions tab for WooCommerce products.

40 No CVEs

ST Product Review Generator

st-product-review-generator

100

Transform the way you manage product feedback with ST Product Review Generator by StrivioThemes — the ultimate solution for bringing your customer&#03 …

30 No CVEs

Taknalogy Reviews

taknalogy-reviews

Manages and displays reviews for woocommerce product pages. It uses reviews service from taknalogy.com Taknalogy Reviews Homepage.

10 No CVEs

Featured Reviews for Woocommerce

ecommerce-featured-reviews

This plugin will helps to change review order, You can easily move any review to top or bottom, for that you have to setup order number in reviews.

0 No CVEs

Developer Profile

Unify WPML Comments Developer Profile

Alexandre Froger

12 plugins · 8K total installs

trust score

Avg Security Score

88/100

Avg Patch Time

110 days

View full developer profile

Detection Fingerprints

How We Detect Unify WPML Comments

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ