There are several instances in this module where text from variables is displayed to users without being passed through the t() function or where the t() function is used improperly.

Some examples:

$error[]=$node->title .' is set to : '.$privacy_levels[$privacy];

form_set_error('privacy',t('<p>Sorry the privacy level of this item must be the same as its parent items. The following items conflict with this privacy level:</p>'.$error));/

I can't say for certain that this is an exhaustive list, but it should provide some examples. This is a critical problem because it not only affects translations but it also impacts security (the t() function performs filtering of text). That is why I'm marking this critical.

You recently fixed some other bugs like this so I take it you know what to do, but if not, let me know.

I suggest you fix those two examples and also review the module for more text that is presented to users but which is not sent through the t() system. You may also find the handbooks on secure code useful: http://drupal.org/writing-secure-code and http://drupal.org/node/28984