[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fwP1LKqbE_6BL6uWt4CS91vKGAk9VgSL45zyvcJ256zo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":139,"fingerprints":204},"wp-rest-api-multilanguage-over-wmpl","WP REST API multilanguage (over WMPL)","0.1","elemind","https:\u002F\u002Fprofiles.wordpress.org\u002Felemind\u002F","\u003Cp>Plugin will allow you to fetch the WP REST API call with a “lang” variable.\u003Cbr \u002F>\nIt will retrieve the right content from WPML.\u003C\u002Fp>\n\u003Cp>Tested with the latest version of:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WPML 3.2.7\u003C\u002Fli>\n\u003Cli>WP REST API 2.0-beta4\u003C\u002Fli>\n\u003C\u002Ful>\n","Allows you to request a language with your WP-API and WPML site.",10,2058,0,"2015-11-02T14:42:00.000Z","4.3.34","4.3.0","",[19,20,21,22],"json-api","multilanguage","wp-rest-api","wpml","http:\u002F\u002Felemind.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-rest-api-multilanguage-over-wmpl.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,84,"2026-04-05T16:35:26.558Z",[35,57,78,101,118],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":55,"download_link":56,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"wpml-widgets","WPML Widgets","1.0.6","Jeroen Sormani","https:\u002F\u002Fprofiles.wordpress.org\u002Fsormano\u002F","\u003Cp>WPML Widgets is a simple to use extension to add a language selector dropdown to your widgets.\u003C\u002Fp>\n\u003Cp>This plugin is the easiest way to add multilingual widgets to your website.\u003C\u002Fp>\n\u003Cp>WPML Widgets is a ultra lightweight plugin, so there will be (about) zero extra loading time.\u003C\u002Fp>\n","WPML Widgets is a simple to use extension to add a language selector dropdown to your widgets.",10000,171698,98,36,"2017-11-28T08:13:00.000Z","4.7.32","3.6",[51,52,22,53,54],"wordpress-multilanguage","wordpress-multilanguage-widget","wpml-widget","wpml-widget-selector","http:\u002F\u002Fjeroensormani.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpml-widgets.1.0.6.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":17,"tags":72,"homepage":75,"download_link":76,"security_score":77,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"rest-api-toolbox","REST API Toolbox","1.4.4","Pete Nelson","https:\u002F\u002Fprofiles.wordpress.org\u002Fgungeekatx\u002F","\u003Cp>Allows tweaking of several REST API settings\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable the REST API\u003C\u002Fli>\n\u003Cli>Remove WordPress core endpoints\u003C\u002Fli>\n\u003Cli>Require authentication for core endpoints\u003C\u002Fli>\n\u003Cli>Force SSL\u003C\u002Fli>\n\u003Cli>WP-CLI commands: wp rest-api-toolbox\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Find us on GitHub at https:\u002F\u002Fgithub.com\u002Fpetenelson\u002Fwp-rest-api-toolbox\u003C\u002Fp>\n\u003Cp>(Creative commons toolbox image provided by James Tworow https:\u002F\u002Fwww.flickr.com\u002Fphotos\u002Fsherlock77\u002F)\u003C\u002Fp>\n","Allows tweaking of several REST API settings",2000,40876,100,8,"2025-01-02T16:18:00.000Z","6.7.5","4.4",[19,73,74,21],"rest","rest-api","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frest-api-toolbox","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frest-api-toolbox.1.4.4.zip",92,{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":65,"downloaded":86,"rating":77,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":96,"download_link":97,"security_score":98,"vuln_count":99,"unpatched_count":30,"last_vuln_date":100,"fetched_at":27},"srbtranslatin","SrbTransLatin – Serbian Latinisation","3.2.0","Oblak Studio","https:\u002F\u002Fprofiles.wordpress.org\u002Foblakstudio\u002F","\u003Ch3>SrbTransLatin: The BEST WordPress transliteration plugin\u003C\u002Fh3>\n\u003Cp>SrbTransLatin enables you to have \u003Cstrong>both cyrillic and latin scripts\u003C\u002Fstrong> on your website. Transliteration is done in-place automatically.\u003C\u002Fp>\n\u003Ch3>Features (v3+)\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Transliteration features\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Website content is automatically transliterated into latin\u003C\u002Fli>\n\u003Cli>Ajax calls are transliterated into latin (both JSON and HTML)\u003C\u002Fli>\n\u003Cli>Your visitors can search cyrillic content using latin script\u003C\u002Fli>\n\u003Cli>Selective transliteration via shortcodes – Force parts of your website to stay in cyrillic script, use custom transliteration (\u003Cem>Gutenblocks coming soon\u003C\u002Fem>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Performance features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Cache plugin compatible\u003C\u002Fstrong> – No reinventing the wheel. Works OOB with all the popular caching plugins.\u003C\u002Fli>\n\u003Cli>SEO Friendly – no double content or SERP penalties!\u003C\u002Fli>\n\u003Cli>Optimized autoloading – Plugin is PSR-12 compatible and loads the functionalities only when needed\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>File and Media features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Script specific files\u003C\u002Fstrong> – You can have separate versions of images or other files for cyrillic and latin scripts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Filename transliteration\u003C\u002Fstrong> – Cyrillic uploads are automatically converted to latin script\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Script Selector features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Append the script selector to any menu of your choosing – Either as a dropdown, or inline\u003C\u002Fli>\n\u003Cli>Selector widget – place it any sidebar you’d like\u003C\u002Fli>\n\u003Cli>Custom function – Use \u003Ccode>stl_selector\u003C\u002Fcode> function anywhere in the code (but read the docs first)\u003C\u002Fli>\n\u003Cli>Works everywhere – Plugin hooks into WordPress core transliterating your content inplace\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>MultiLanguage features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Tested with:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>PolyLang\u003C\u002Fli>\n\u003Cli>WPML\u003C\u002Fli>\n\u003Cli>TranslatePress\u003C\u002Fli>\n\u003Cli>qTranslateX\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>If you can’t find your anwsers in the FAQ below, documentation can be found \u003Ca href=\"https:\u002F\u002Frtfm.oblak.studio\u002Fsrbtranslatin\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Authorship\u003C\u002Fh3>\n\u003Cp>Original version of this plugin was developer by \u003Ca href=\"https:\u002F\u002Fpedja.supurovic.net\u002F\" rel=\"nofollow ugc\">Predrag Supurović\u003C\u002Fa>.\u003Cbr \u002F>\nPlugin development was handed over to \u003Ca href=\"https:\u002F\u002Foblak.studio\" rel=\"nofollow ugc\">Oblak Solutions\u003C\u002Fa> in march 2020. Since then, we am the sole authors and maintainers of the plugin\u003C\u002Fp>\n","SrbTransLatin plugin allows you to use both Cyrillic and Latin scripts on your website.",71153,38,"2023-12-13T10:09:00.000Z","6.3.8","6.0","7.4",[93,20,94,95,22],"latinisation","translatepress","transliteration","https:\u002F\u002Foblak.studio\u002Fplugins\u002Fsrbtranslatin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsrbtranslatin.3.2.0.zip",60,3,"2025-04-01 00:00:00",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":11,"downloaded":109,"rating":67,"num_ratings":30,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":17,"tags":113,"homepage":17,"download_link":117,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"language-option-for-acf4-fields","Language option for ACF4+ Fields","1.3.0","VoiD2008","https:\u002F\u002Fprofiles.wordpress.org\u002Fvoid2008\u002F","\u003Cp>This plugin allows to select language for fields to be shown.\u003Cbr \u002F>\nWPML,xili-language,Polylang plugins supported.\u003C\u002Fp>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cp>If you find this useful and you if you want to contribute, there are three ways:\u003C\u002Fp>\n\u003Col>\n\u003Cli>You can write me (void2008dev[at]gmail.com or \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FVoiD2008\u002Facf_wpml_fields\" rel=\"nofollow ugc\">here\u003C\u002Fa>) and submit your bug reports, suggestions and requests for features;\u003C\u002Fli>\n\u003Cli>Using the plugin is free, but if you want you can send me some money with PayPal \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=WBHZUEALQ2RAN\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Fol>\n","Adding language option to ACF fields plugin.",2532,"2014-09-03T02:08:00.000Z","3.9.40","3.0",[114,20,115,22,116],"acf","polylang","xili","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flanguage-option-for-acf4-fields.1.3.0.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":43,"downloaded":126,"rating":127,"num_ratings":128,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":132,"tags":133,"homepage":17,"download_link":137,"security_score":77,"vuln_count":30,"unpatched_count":13,"last_vuln_date":138,"fetched_at":27},"theme-translation-for-polylang","Theme and plugin translation for Polylang (TTfP)","3.4.9","Marcin Kazmierski","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarcinkazmierski\u002F","\u003Ch4>What is “Theme and plugin translation for Polylang”?\u003C\u002Fh4>\n\u003Cp>Extension for Polylang plugin (Polylang is an extension to make multilingual WordPress websites.).\u003Cbr \u002F>\nPlugin is needed to translate the WordPress themes and plugins by Polylang.\u003C\u002Fp>\n\u003Ch4>How to configure it?\u003C\u002Fh4>\n\u003Cp>Select themes and plugins to find texts for translation by Polylang.\u003Cbr \u002F>\nIn admin dashboard:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Languages -> TTfP Settings\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>How it is work?\u003C\u002Fh4>\n\u003Cp>“Theme and plugin translation for Polylang” automatically searches all files of WordPress themes and plugins. It chooses from this file only those files with extensions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>php\u003C\u002Fli>\n\u003Cli>inc\u003C\u002Fli>\n\u003Cli>twig\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In addition, is implemented the integration with Timber library (read more: http:\u002F\u002Ftimber.upstatement.com) – which allows to translate twig’s skins in simple way.\u003Cbr \u002F>\nPlugin in searched skins or plugins chooses texts from Polylang functions, such as:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>_e(string $text, string $domain = ‘default’);\u003C\u002Fli>\n\u003Cli>__(string $text, string $domain = ‘default’);\u003C\u002Fli>\n\u003Cli>_x(string $text, string $context, string $domain = ‘default’);\u003C\u002Fli>\n\u003Cli>pll_e(string $text);\u003C\u002Fli>\n\u003Cli>pll__(string $text);\u003C\u002Fli>\n\u003Cli>esc_html(string $text);\u003C\u002Fli>\n\u003Cli>esc_html_e(string $text, string $domain = ‘default’);\u003C\u002Fli>\n\u003Cli>esc_html__(string $text, string $domain = ‘default’);\u003C\u002Fli>\n\u003Cli>_n(string $single, string $plural, int $number, string $domain = ‘default’);\u003C\u002Fli>\n\u003Cli>esc_attr_e(string $text, string $domain = ‘default’);\u003C\u002Fli>\n\u003Cli>esc_attr__(string $text, string $domain = ‘default’);\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In your function.php, themes or plugins.\u003C\u002Fp>\n\u003Cp>For example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Cp>\u003C?php pll_e('My text'); ?>\u003C\u002Fp>\n\n\u003Cp>\u003C?php _e('My another text', 'my_theme'); ?>\u003C\u002Fp>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>On the timber context declare this functions like:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$context['pll_e'] = TimberHelper::function_wrapper('pll_e');\n\n$context['pll_'] = TimberHelper::function_wrapper('pll_');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>See more on: \u003Ccode>https:\u002F\u002Fpolylang.wordpress.com\u002Fdocumentation\u002Fdocumentation-for-developers\u002Ffunctions-reference\u002F\u003C\u002Fcode>\u003Cbr \u002F>\nThese functions are defined by Polylang plugin for printing translations.\u003Cbr \u002F>\nThanks “Theme and plugin translation for Polylang” you can find these strings to translate and add to Polylang register on very simple way.\u003Cbr \u002F>\nAnd then you can translate these texts from the admin dashboard.\u003Cbr \u002F>\nThe scan result can be seen on the tab with translations:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Settings -> Languages -> String translation\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>or\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Languages -> String translation\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You don’t need programs like poedit – you don’t change files with extensions like: \u003Ccode>.pot\u003C\u002Fcode>, \u003Ccode>.po\u003C\u002Fcode>, \u003Ccode>.mo\u003C\u002Fcode>.\u003Cbr \u002F>\n“Theme and plugin translation for Polylang” is highly efficient because the scanner is worked only on admin dashboard in tab:\u003Cbr \u002F>\nIn dashboard:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Settings -> Languages -> String translation\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>or\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Languages -> String translation\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Export and import string translation\u003C\u002Fh4>\n\u003Cp>In dashboard:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Languages -> TTfP Settings\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Filter reference\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>ttfp_domains\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Allows plugins and themes (in functions.php) to modify list of text domains (unique identifier for retrieving translated strings).\u003Cbr \u002F>\nList of text domains is displayed on “TTfP Settings” page to select them for translation by polylang engine.\u003C\u002Fp>\n\u003Cp>Example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('ttfp_domains', 'custom_ttfp_domains', 10, 1);\nfunction custom_ttfp_domains(array $domains):array\n {\n     $domains[] = \"my-custom-domain\";\n     return $domains;\n }\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Filter reference\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>ttfp_translation_access\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Returns whether the user has capability to view and edit translations provided by TTfP.\u003C\u002Fp>\n\u003Cp>Example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('ttfp_translation_access', 'custom_ttfp_translation_access', 10, 1);\nfunction custom_ttfp_translation_access(bool $hasAccess):bool\n {\n     return current_user_can('edit_posts');\n }\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Theme and plugin translation using Polylang for WordPress. Extension for Polylang plugin.",269744,94,35,"2025-03-15T15:35:00.000Z","6.6.5","5.7","7.0",[134,20,115,135,136],"languages","translate","translation","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftheme-translation-for-polylang.3.4.9.zip","2022-11-28 00:00:00",{"attackSurface":140,"codeSignals":164,"taintFlows":171,"riskAssessment":172,"analyzedAt":203},{"hooks":141,"ajaxHandlers":160,"restRoutes":161,"shortcodes":162,"cronEvents":163,"entryPointCount":13,"unprotectedCount":13},[142,148,152,157],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","admin_init","activation_check","wpml-to-wp-api.php",13,{"type":143,"name":149,"callback":150,"file":146,"line":151},"admin_notices","activation_notice",26,{"type":143,"name":153,"callback":154,"priority":155,"file":146,"line":156},"rest_api_init","wpml_wp_rest_api_init",5,39,{"type":143,"name":158,"callback":154,"priority":155,"file":146,"line":159},"wp_json_server_before_serve",40,[],[],[],[],{"dangerousFunctions":165,"sqlUsage":166,"outputEscaping":168,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":30,"bundledLibraries":170},[],{"prepared":13,"raw":13,"locations":167},[],{"escaped":13,"rawEcho":13,"locations":169},[],[],[],{"summary":173,"deductions":174},"The plugin \"wp-rest-api-multilanguage-over-wmpl\" v0.1 presents a strong security posture based on the provided static analysis.  The absence of dangerous functions, reliance on prepared statements for SQL queries, and proper output escaping are commendable practices.  Furthermore, the zero-count for known CVEs and the lack of any recorded vulnerabilities in its history suggest a history of secure development or a very limited attack surface that hasn't attracted known exploits.  The plugin also demonstrates a positive practice by including a capability check.\n\nHowever, the analysis also highlights potential areas of concern. The fact that there are zero AJAX handlers, REST API routes, shortcodes, and cron events means there are no immediately identifiable entry points for external interaction within this version's static analysis.  While this contributes to a seemingly secure surface, it's unusual for a plugin intended to interact with WordPress features like the REST API and potentially WPML to have no exposed entry points.  This could indicate that the plugin relies entirely on other plugins for its functionality or that the analysis might not be fully capturing its intended interaction points.  The absence of nonce checks and the zero taint flows, while seemingly positive, might also stem from the lack of exposed entry points, rather than a proactive security design for handling user input.  The single capability check is a good sign but not comprehensive without more context on its usage.\n\nIn conclusion, the plugin exhibits excellent code hygiene in terms of function usage, SQL, and output handling, and has a clean vulnerability history. The primary weakness lies in the very limited attack surface reported, which raises questions about its functionality and potential for indirect vulnerabilities or reliance on other less secure components. It's difficult to give a definitive high score without more information on how the plugin actually integrates and operates within a WordPress environment, especially concerning its interaction with WPML and the REST API.",[175,177,179,181,183,185,187,189,191,193,195,197,199,201],{"reason":176,"points":30},"Zero AJAX handlers without auth checks",{"reason":178,"points":30},"Zero REST API routes without permission checks",{"reason":180,"points":30},"Zero shortcodes",{"reason":182,"points":30},"Zero cron events",{"reason":184,"points":30},"Zero dangerous functions",{"reason":186,"points":30},"100% SQL prepared statements",{"reason":188,"points":30},"100% output properly escaped",{"reason":190,"points":30},"Zero file operations",{"reason":192,"points":30},"Zero external HTTP requests",{"reason":194,"points":155},"Zero nonce checks",{"reason":196,"points":30},"1 capability check found",{"reason":198,"points":30},"No bundled libraries",{"reason":200,"points":155},"Zero taint flows analyzed",{"reason":202,"points":30},"Zero CVEs, unpatched, or historical vulns","2026-03-17T00:06:00.646Z",{"wat":205,"direct":210},{"assetPaths":206,"generatorPatterns":207,"scriptPaths":208,"versionParams":209},[],[],[],[],{"cssClasses":211,"htmlComments":212,"htmlAttributes":213,"restEndpoints":214,"jsGlobals":215,"shortcodeOutput":216},[],[],[],[],[],[]]