WP-Safety

Bens Translator Security & Risk Analysis

wordpress.org/plugins/bens-translator

Bens Translator is a plugin for Wordpress that generates translated pages using Google Translator. The pages are cached by your webserver and displaye …

10 active installs v1.7.2 PHP + WP 2.9.2+ Updated Mar 2, 2010
global-translatortranslatetranslate-blogtranslate-googletranslator
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Bens Translator Safe to Use in 2026?

Generally Safe

Score 85/100

Bens Translator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 16yr ago
Risk Assessment

The "bens-translator" plugin v1.7.2 exhibits a mixed security posture. While its vulnerability history is clean, indicating a potentially well-maintained codebase or limited attack vectors in the past, the static analysis reveals significant concerns. The presence of the `exec` function is a major red flag, as it can lead to arbitrary code execution if user-supplied input is not meticulously sanitized. Furthermore, the fact that 0% of output is properly escaped suggests a high likelihood of cross-site scripting (XSS) vulnerabilities. Taint analysis also indicates flows with unsanitized paths, though these are not flagged as critical or high severity, they warrant attention. The lack of nonce and capability checks, combined with the use of raw SQL queries without prepared statements (even though a majority use them), increases the risk of various attacks, including CSRF, privilege escalation, and SQL injection. The plugin's limited attack surface from entry points is a positive, but the internal code quality concerns significantly outweigh this. Therefore, despite no recorded CVEs, the internal code signals present a considerable risk that requires immediate attention and remediation.

Key Concerns

  • Use of dangerous function 'exec'
  • No output escaping
  • Taint flows with unsanitized paths
  • No nonce checks
  • No capability checks
  • SQL queries not using prepared statements
Vulnerabilities
None known

Bens Translator Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Bens Translator Code Analysis

Dangerous Functions
1
Raw SQL Queries
1
2 prepared
Unescaped Output
59
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
30
External Requests
0
Bundled Libraries
1

Dangerous Functions Found

execexec( "tar cfvz $path/benstranslatorbackup.tar.gz $path/ben-translate-cache");core\bentr-cacheman.php:5

Bundled Libraries

jQuery

SQL Query Safety

67% prepared3 total queries

Output Escaping

0% escaped59 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
<functions> (core\functions.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Bens Translator Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 12
filtercron_schedulescore\cron.php:11
actionbentr_cron_hookcore\cron.php:13
filtergenerate_rewrite_rulescore\functions.php:363
filterquery_varscore\settings.php:31
actionparse_querycore\settings.php:32
actionadmin_menucore\settings.php:33
actioninitcore\settings.php:34
actiondelete_postcore\settings.php:35
actionsave_postcore\settings.php:36
actionwp_headcore\settings.php:37
actionsm_buildmaptranslator.php:97
actionplugins_loadedtranslator.php:98

Scheduled Events 1

bentr_cron_hook
Maintenance & Trust

Bens Translator Maintenance & Trust

Maintenance Signals

WordPress version tested2.9.2
Last updatedMar 2, 2010
PHP min version
Downloads17K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Bens Translator Alternatives

Best SEO iTranslator for WordPress

Best SEO iTranslator for WordPress

best-seo-itranslator-for-wordpress

A
85

Translate your blog in 40 languages and get tons of new traffic sources.

10 No CVEs
Translate WordPress with GTranslate

Translate WordPress with GTranslate

gtranslate

A
99

Translate WordPress with Google Translate multilanguage plugin to make your website multilingual. Complete multilingual SEO solution for WordPress.

900K 5 CVEs
Translate WordPress – Google Language Translator

Translate WordPress – Google Language Translator

google-language-translator

A
97

Translate WordPress with Google Language Translator multilanguage plugin which allows to insert Google Translate widget anywhere on your website.

100K 8 CVEs
Multilanguage by BestWebSoft – WordPress Translation Plugin and Language Switcher

Multilanguage by BestWebSoft – WordPress Translation Plugin and Language Switcher

multilanguage

B
76

The ultimate WordPress translation solution with built-in language translator. Create multilingual content, switch languages, and translate your entir &hellip;

3K 1 unpatched
Translate WordPress Websites Globally with ConveyThis Translate

Translate WordPress Websites Globally with ConveyThis Translate

conveythis-translate

C
67

Make your WordPress site multilingual in minutes! 🌐 AI translations, 200+ languages, SEO & WooCommerce ready — no coding needed!

1K 1 unpatched
Developer Profile

Bens Translator Developer Profile

breaker

1 plugin · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Bens Translator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bens-translator/css/style.css
Script Paths
/wp-content/plugins/bens-translator/js/script.js
Version Parameters
bens-translator/css/style.css?ver=bens-translator/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
bentr-translator-language
HTML Comments
<!--FLAG_BAR_BEGIN--><!--FLAG_BAR_END-->
JS Globals
bentr_preferred_languagesbentr_base_langbentr_translate_templatebentr_current_permalink
FAQ

Frequently Asked Questions about Bens Translator