Does Gtbabel have any unpatched vulnerabilities?

No. All known vulnerabilities in Gtbabel have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Gtbabel compatible with WordPress 6.9.4?

According to WordPress.org data, Gtbabel 6.8.8 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Gtbabel compatible with PHP 7.2+?

Gtbabel requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Gtbabel updated?

Gtbabel was last updated on Jan 21, 2026. Frequent updates are generally a positive security signal.

What is Gtbabel's security score?

Gtbabel has a WP-Safety security score of 98/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Gtbabel Security & Risk Analysis

wordpress.org/plugins/gtbabel

Gtbabel automatically translates your HTML/PHP pages – server sided!

0 active installs v6.8.8 PHP 7.2+ WP 5.3.2+ Updated Jan 21, 2026

bilinguallanguagemultilingualtranslatetranslation

A · Safe

CVEs total1

Unpatched0

Last CVEFeb 17, 2025

Plugin page Download

Safety Verdict

Is Gtbabel Safe to Use in 2026?

Generally Safe

Score 98/100

Gtbabel has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Feb 17, 2025Updated 2mo ago

Risk Assessment

The gtbabel plugin v6.8.8 presents a mixed security posture. While it demonstrates good practices such as a low number of external requests and file operations, and a high percentage of prepared SQL statements, significant concerns remain. The presence of an unprotected AJAX handler creates a direct attack vector. Furthermore, the low percentage of properly escaped output suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data is likely to be rendered directly in the browser without sufficient sanitization.

Taint analysis reveals flows with unsanitized paths, indicating potential for path traversal or information disclosure issues. The vulnerability history, though currently showing no unpatched CVEs, includes a past high-severity vulnerability related to sensitive cookies without the 'Secure' attribute. This pattern, combined with the current code analysis findings, suggests a recurring need for robust security development and auditing practices within the plugin's lifecycle.

Key Concerns

Unprotected AJAX handler
Low proper output escaping (XSS risk)
Flows with unsanitized paths
Past high severity vulnerability

Vulnerabilities

Gtbabel Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

High

1 total CVE

CVE-2024-11638high · 7.5Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

Gtbabel <= 6.6.8 - Unauthenticated Cookie Stealing

Feb 17, 2025 Patched in 6.6.9 (23d)

Code Analysis

Analyzed Mar 17, 2026

Gtbabel Code Analysis

Dangerous Functions

Raw SQL Queries

42 prepared

Unescaped Output

323

12 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

86% prepared49 total queries

Output Escaping

4% escaped335 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

6 flows2 with unsanitized paths

initBackendAutoTranslate (gtbabel.php:2628)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Gtbabel Attack Surface

Entry Points4

Unprotected1

AJAX Handlers 1

authwp_ajax_dismiss_custom_noticegtbabel.php:608

REST API Routes 1

GET/wp-json/v1/translate/sluggtbabel.php:322

Shortcodes 2

[gtbabel_languagepicker] gtbabel.php:648

[gtbabel_languagepicker_flat] gtbabel.php:651

WordPress Hooks 34

actionwp_loadedgtbabel.php:54

actionwpcf7_contact_formgtbabel.php:84

filterwpforms_frontend_stringsgtbabel.php:102

filterwp_mailgtbabel.php:113

filterposts_searchgtbabel.php:126

filterredirect_canonicalgtbabel.php:168

actionplugins_loadedgtbabel.php:183

actionafter_setup_themegtbabel.php:190

actiontemplate_redirectgtbabel.php:204

actionshutdowngtbabel.php:213

actionplugins_loadedgtbabel.php:311

actionrest_api_initgtbabel.php:321

filterthe_titlegtbabel.php:331

filterdocument_title_partsgtbabel.php:341

filterrender_blockgtbabel.php:369

filterget_the_excerptgtbabel.php:411

filteracf/format_valuegtbabel.php:421

actionpre_get_postsgtbabel.php:448

actionwpgtbabel.php:462

filterwpseo_exclude_from_sitemap_by_post_idsgtbabel.php:492

filterthe_titlegtbabel.php:496

filteresc_htmlgtbabel.php:512

filterwp_get_nav_menu_itemsgtbabel.php:528

actionenqueue_block_editor_assetsgtbabel.php:572

actioninitgtbabel.php:583

actionadmin_noticesgtbabel.php:590

filterwp_sitemaps_posts_entrygtbabel.php:614

actionadmin_bar_menugtbabel.php:621

actionwidgets_initgtbabel.php:642

filternav_menu_meta_box_objectgtbabel.php:657

actionadmin_menugtbabel.php:681

actionadmin_enqueue_scriptsgtbabel.php:729

actionadmin_initgtbabel.php:2940

actioninitgtbabel.php:2980

Maintenance & Trust

Gtbabel Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 21, 2026

PHP min version7.2

Downloads7K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Gtbabel Alternatives

Translate WordPress with GTranslate

gtranslate

Translate WordPress with Google Translate multilanguage plugin to make your website multilingual. Complete multilingual SEO solution for WordPress.

900K 5 CVEs

Polylang

polylang

Go multilingual in a simple and efficient way. Keep writing posts and taxonomy terms as usual while defining their languages all at once.

800K 3 CVEs

Translate Multilingual sites – TranslatePress

translatepress-multilingual

Translate your entire site directly from the front-end and go multilingual. Full support for WooCommerce, page builders + Google Translate integration

400K 5 CVEs

WP Multilang – Translation and Multilingual Plugin

wp-multilang

Multilingual plugin for WordPress. Go Multilingual in minutes with full WordPress support. Translate your site easily with this localization plugin.

10K 1 CVE

wpLingua – Automatic translation – Translate and make website multilingual

wplingua

100

Make your websites multilingual and translate them automatically: no word limits, editable translations, SEO-friendly, no coding knowledge needed

2K No CVEs

Developer Profile

Gtbabel Developer Profile

gtbabel

1 plugin · 0 total installs

trust score

Avg Security Score

98/100

Avg Patch Time

23 days

View full developer profile

Detection Fingerprints

How We Detect Gtbabel

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gtbabel/gtbabel.js/wp-content/plugins/gtbabel/gtbabel.css

Script Paths

/wp-content/plugins/gtbabel/gtbabel.js

Version Parameters

gtbabel/gtbabel.js?ver=gtbabel/gtbabel.css?ver=

HTML / DOM Fingerprints

CSS Classes

gtbabel-wrapgtbabel-translate-buttongtbabel-active

HTML Comments

gtbabel:startgtbabel:end

Data Attributes

data-gtbabel-translate

JS Globals

gtbabelConfiggtbabel_api_url

REST Endpoints

/wp-json/gtbabel/v1/translate

Shortcode Output

<div class="gtbabel-shortcode">

FAQ