Does AI Translate have any unpatched vulnerabilities?

No. All known vulnerabilities in AI Translate have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is AI Translate compatible with WordPress 6.9.4?

According to WordPress.org data, AI Translate 2.2.9 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is AI Translate compatible with PHP 8.0.0+?

AI Translate requires PHP 8.0.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is AI Translate updated?

AI Translate was last updated on Mar 13, 2026. Frequent updates are generally a positive security signal.

What is AI Translate's security score?

AI Translate has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

AI Translate Security & Risk Analysis

wordpress.org/plugins/ai-translate

AI Translate for WordPress & WooCommerce. Multilingual SEO with translated slugs & 35+ languages. Fast caching, unique Tone of Voice & low AI costs.

40 active installs v2.2.9 PHP 8.0.0+ WP 5.0+ Updated Mar 13, 2026

artificial-intelligencemultilingualseotranslationwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is AI Translate Safe to Use in 2026?

Generally Safe

Score 100/100

AI Translate has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 21d ago

Risk Assessment

The 'ai-translate' plugin v2.2.9 exhibits a mixed security posture. While it demonstrates good practices in SQL query preparation (94%) and a clean vulnerability history with no recorded CVEs, significant concerns arise from its attack surface and taint analysis. A large portion of its AJAX handlers (12 out of 12) lack authentication checks, presenting a substantial entry point for unauthorized actions. Furthermore, the taint analysis reveals three high-severity flows with unsanitized paths, indicating potential vulnerabilities where user-controlled data could be mishandled. The plugin's reliance on file operations (14) and external HTTP requests (18) also warrant careful consideration in conjunction with these unsanitized paths.

Despite the absence of known vulnerabilities and proper nonce checks on most entry points, the high number of unprotected AJAX handlers and critical taint flows overshadow these strengths. The plugin needs immediate attention to address the security gaps in its AJAX endpoints and the identified high-severity taint issues. The lack of recorded vulnerabilities in its history might indicate a lack of rigorous security auditing or that past issues were minor and quickly addressed, but the current static analysis reveals pressing concerns that should be prioritized.

Key Concerns

High number of AJAX handlers without auth checks
High severity taint flows with unsanitized paths
Unescaped output percentage is moderate

Vulnerabilities

None known

AI Translate Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

AI Translate Code Analysis

Dangerous Functions

Raw SQL Queries

135 prepared

Unescaped Output

114

374 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

94% prepared143 total queries

Output Escaping

77% escaped488 total outputs

Data Flows

4 unsanitized

Data Flow Analysis

4 flows4 with unsanitized paths

<ai-translate> (ai-translate.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

12 unprotected

AI Translate Attack Surface

Entry Points15

Unprotected12

AJAX Handlers 12

authwp_ajax_add-menu-itemai-translate.php:2908

authwp_ajax_ai_translate_clear_cache_languageincludes\admin-page.php:101

authwp_ajax_ai_translate_delete_cacheincludes\admin-page.php:212

authwp_ajax_ai_translate_get_cache_urls_by_languageincludes\admin-page.php:246

authwp_ajax_ai_translate_delete_cache_fileincludes\admin-page.php:308

authwp_ajax_ai_translate_warm_cacheincludes\admin-page.php:816

authwp_ajax_ai_translate_generate_website_contextincludes\admin-page.php:885

authwp_ajax_ai_translate_generate_homepage_metaincludes\admin-page.php:946

authwp_ajax_ai_translate_get_modelsincludes\admin-page.php:2480

authwp_ajax_ai_translate_get_custom_urlincludes\admin-page.php:2636

authwp_ajax_ai_translate_validate_apiincludes\admin-page.php:2648

authwp_ajax_ai_translate_update_language_settingsincludes\admin-page.php:2859

REST API Routes 1

POST/wp-json/ai-translate/v1/batch-stringsai-translate.php:1308

Shortcodes 2

[ai_language_switcher] ai-translate.php:2711

[ai_menu_language_switcher] ai-translate.php:3024

WordPress Hooks 63

filterwp_redirectai-translate.php:67

actionplugins_loadedai-translate.php:149

actionadmin_initai-translate.php:154

actioninitai-translate.php:346

actioninitai-translate.php:349

actionai_translate_sync_cache_metadataai-translate.php:359

filterquery_varsai-translate.php:367

actioninitai-translate.php:384

filterdo_redirect_guess_404_permalinkai-translate.php:415

filterredirect_canonicalai-translate.php:441

filterplugin_row_metaai-translate.php:476

filterrequestai-translate.php:519

actiontemplate_redirectai-translate.php:669

actiontemplate_redirectai-translate.php:707

actionwp_footerai-translate.php:753

filterlocaleai-translate.php:760

filterlocaleai-translate.php:904

filterlocaleai-translate.php:997

actionwp_enqueue_scriptsai-translate.php:1031

actionwp_footerai-translate.php:1192

actionrest_api_initai-translate.php:1307

actionparse_requestai-translate.php:1703

actionparse_requestai-translate.php:1745

actionparse_requestai-translate.php:1811

actionparse_requestai-translate.php:1853

filterpost_linkai-translate.php:2138

filterpage_linkai-translate.php:2154

filterpost_type_linkai-translate.php:2172

actionsave_postai-translate.php:2197

actionpost_updatedai-translate.php:2221

actionpost_updatedai-translate.php:2233

actioninitai-translate.php:2255

filterpre_handle_404ai-translate.php:2307

actioninitai-translate.php:2426

actioninitai-translate.php:2434

filterhome_urlai-translate.php:2445

actionpre_get_postsai-translate.php:2526

filterget_search_queryai-translate.php:2587

actionadmin_noticesai-translate.php:2602

actionwp_enqueue_scriptsai-translate.php:2716

actionadmin_head-nav-menus.phpai-translate.php:2739

actionwp_update_nav_menuai-translate.php:2778

actionwp_update_nav_menu_itemai-translate.php:2784

actionadmin_head-nav-menus.phpai-translate.php:2801

actionwp_nav_menu_item_custom_fieldsai-translate.php:2811

actionadmin_initai-translate.php:2916

filternav_menu_css_classai-translate.php:2972

filterwp_nav_menu_argsai-translate.php:2996

actionadmin_initai-translate.php:3123

filterwp_nav_menu_argsai-translate.php:3148

actionwp_footerai-translate.php:3172

actionwp_update_nav_menu_itemai-translate.php:3332

filterwalker_nav_menu_start_elai-translate.php:3360

actionadmin_noticesincludes\admin-page.php:12

actionupdate_option_ai_translate_settingsincludes\admin-page.php:951

actionadmin_menuincludes\admin-page.php:970

actionadmin_enqueue_scriptsincludes\admin-page.php:983

actionadmin_initincludes\admin-page.php:1076

actionupdate_option_ai_translate_settingsincludes\admin-page.php:2834

actioninitincludes\class-ai-sitemap.php:18

actionplugins_loadedincludes\class-ai-sitemap.php:22

actionsm_build_indexincludes\class-ai-sitemap.php:33

actionsm_build_contentincludes\class-ai-sitemap.php:34

Scheduled Events 1

ai_translate_sync_cache_metadata

Maintenance & Trust

AI Translate Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 13, 2026

PHP min version8.0.0

Downloads3K

Community Trust

Rating100/100

Number of ratings6

Active installs40

Alternatives

AI Translate Alternatives

Ailo – AI Slug Translator

haayal-ai-slug-translator

100

Automatically translate non-English slugs into clean, user-friendly English to improve sharing and SEO.

1K No CVEs

Linguise – AI Automatic Multilingual Translation

linguise

100

Linguise is a top-quality automatic AI translation with a front-end translation editor. 5' install, SEO-optimized translations, 85+ languages

1K No CVEs

Clonable – Translate Woocommerce / WordPress website. Multilingual in 5 minutes.

clonable

100

Seamlessly translate and maintain your multilingual websites. Speed up and simplify your internationalisation with Clonable.

300 No CVEs

ContentGecko Connector

contentgecko-connector

100

ContentGecko Connector syncs ContentGecko posts, products, and translations with WordPress securely.

40 No CVEs

Voxfor Multilanguage

voxfor-multilanguage

100

Professional multilingual WordPress plugin using the DeepL API. Transform your website into a global platform.

10 No CVEs

Developer Profile

AI Translate Developer Profile

Gerard Kanters

1 plugin · 40 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect AI Translate

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ai-translate/assets/css/styles.css/wp-content/plugins/ai-translate/assets/js/backend.js/wp-content/plugins/ai-translate/assets/js/frontend.js/wp-content/plugins/ai-translate/assets/js/scripts.js

Script Paths

/wp-content/plugins/ai-translate/assets/js/frontend.js

Version Parameters

ai-translate/assets/css/styles.css?ver=ai-translate/assets/js/scripts.js?ver=ai-translate/assets/js/frontend.js?ver=ai-translate/assets/js/backend.js?ver=

HTML / DOM Fingerprints

CSS Classes

ai-translate-backend

HTML Comments

AI Translate: Translation is OFFAI Translate: Translation is ON

JS Globals

ai_translate_params

REST Endpoints

/wp-json/ai-translate/v1/translate/wp-json/ai-translate/v1/get-languages

FAQ