WP-Safety

Caldera Forms Translation Security & Risk Analysis

wordpress.org/plugins/caldera-forms-translation

Multilingual WordPress Forms

300 active installs v1.2.1 PHP + WP 4.5+ Updated Dec 14, 2017
caldera-formsformstranslationswpform
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Caldera Forms Translation Safe to Use in 2026?

Generally Safe

Score 85/100

Caldera Forms Translation has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago
Risk Assessment

The plugin 'caldera-forms-translation' v1.2.1 exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of any identified entry points like AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface. Furthermore, the code signals indicate responsible development practices, with no dangerous functions, 100% of SQL queries using prepared statements, and the presence of nonce and capability checks. The lack of any recorded vulnerabilities, including critical or high-severity ones, in its history reinforces this positive assessment. While the output escaping rate is not perfect (64% properly escaped), this is a relatively minor concern compared to the absence of other critical security flaws. The zero taint analysis results also suggest no obvious vulnerabilities related to unsanitized data flows. Overall, this plugin appears to be well-secured with no immediate or critical risks identified.

Key Concerns

  • Low output escaping rate
Vulnerabilities
None known

Caldera Forms Translation Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Caldera Forms Translation Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
12
21 escaped
Nonce Checks
1
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

64% escaped33 total outputs
Attack Surface

Caldera Forms Translation Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 14
actioncaldera_forms_includes_completecf-translate.php:34
actioncaldera_forms_render_startcf-translate.php:56
filtercaldera_forms_submit_get_formcf-translate.php:61
filtercaldera_forms_get_field_typescf-translate.php:66
actionrest_api_initcf-translate.php:71
actioncaldera_forms_rest_api_pre_initcf-translate.php:72
filtercaldera_forms_submission_urlcf-translate.php:77
filtercf_translate_get_current_languagecf-translate.php:91
actioninitcf-translate.php:197
actioncf_translate_templatescf-translate.php:203
actionrest_api_initcf-translate.php:264
actionadmin_menuclasses\admin.php:66
actionadmin_enqueue_scriptsclasses\admin.php:67
actionadmin_enqueue_scriptsclasses\admin.php:68
Maintenance & Trust

Caldera Forms Translation Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29
Last updatedDec 14, 2017
PHP min version
Downloads13K

Community Trust

Rating34/100
Number of ratings10
Active installs300
Alternatives

Caldera Forms Translation Alternatives

Image CAPTCHA for Contact Form 7 and WPForms by HookAndHook (DSGVO/GDPR)

Image CAPTCHA for Contact Form 7 and WPForms by HookAndHook (DSGVO/GDPR)

contact-form-7-image-captcha

A
100

Adds an Image CAPTCHA to Contact Form 7 and WPForms, GDPR ready, perfect WPForms or Contact Form 7 Spam Protection Image CAPTCHA, adds a honeypot

80K No CVEs
Database for Contact Form 7, WPforms, Elementor forms

Database for Contact Form 7, WPforms, Elementor forms

contact-form-entries

B
76

Saves Contact Form 7, WPforms,Elementor Forms, CRM Perks Forms and many other contact form submissions to database.

70K 13 CVEs
Utimate Kit ( Styler ) for WPForms

Utimate Kit ( Styler ) for WPForms

styler-for-wpforms

A
100

Ultimate Kit for WPForms makes the task of designing WPForms an easy one.

30K No CVEs
Database Addon For WPForms ( wpforms entries ) – WPFormsDB

Database Addon For WPForms ( wpforms entries ) – WPFormsDB

database-for-wpforms

A
100

Save and manage WPForms entries (WPForms database). It is a lightweight WPForms database plugin.

20K No CVEs
GSheetConnector For WPForms – WPForms Google Sheets Integration (Real-Time Sync)

GSheetConnector For WPForms – WPForms Google Sheets Integration (Real-Time Sync)

gsheetconnector-wpforms

A
95

Connect WPForms to Google Sheets and automatically send form entries to a google sheet in real-time. No manual exports, no coding required.

8K 3 CVEs
Developer Profile

Caldera Forms Translation Developer Profile

Josh Pollock

6 plugins · 540 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Caldera Forms Translation

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/caldera-forms-translation/assets/js/language-picker.min.js
Script Paths
/wp-content/plugins/caldera-forms-translation/assets/js/language-picker.min.js
Version Parameters
caldera-forms-translation/assets/js/language-picker.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
cf-form-language-picker
Data Attributes
data-field-iddata-caldera-field-id
JS Globals
CF_Translate_Objectcaldera_forms_language_picker_options
REST Endpoints
/wp-json/cf-translate/v1/options
FAQ

Frequently Asked Questions about Caldera Forms Translation