Does Just Translate have any unpatched vulnerabilities?

No. All known vulnerabilities in Just Translate have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Just Translate compatible with WordPress 6.8.5?

According to WordPress.org data, Just Translate 0.0.10 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Just Translate compatible with PHP 8.1+?

Just Translate requires PHP 8.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Just Translate updated?

Just Translate was last updated on Sep 12, 2025. Frequent updates are generally a positive security signal.

What is Just Translate's security score?

Just Translate has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Just Translate Security & Risk Analysis

wordpress.org/plugins/just-translate

Automatically captures and translates text strings using a custom translation panel with multi-language support.

0 active installs v0.0.10 PHP 8.1+ WP 6.5+ Updated Sep 12, 2025

i18nlanguagemultilingualstring-translationtranslation

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Just Translate Safe to Use in 2026?

Generally Safe

Score 100/100

Just Translate has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6mo ago

Risk Assessment

The "just-translate" plugin v0.0.10 exhibits a mixed security posture. On the positive side, the plugin demonstrates strong output sanitization, with all identified outputs being properly escaped. It also has a clean vulnerability history, with no known CVEs recorded. The absence of external HTTP requests and a minimal attack surface further contribute to its security. However, there are significant concerns arising from the static analysis. The presence of the `unserialize` function is a major red flag, as it can lead to remote code execution if user-controlled data is unserialized without proper validation. While no critical or high-severity taint flows were found in the limited analysis, the potential for exploitation through `unserialize` remains. Furthermore, the complete lack of capability checks across all entry points is a substantial weakness, meaning that even unauthenticated users could potentially interact with features that should be protected.

Key Concerns

Dangerous function: unserialize detected
No capability checks on entry points

Vulnerabilities

None known

Just Translate Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Just Translate Code Analysis

Dangerous Functions

Raw SQL Queries

64 prepared

Unescaped Output

56 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$setting = $row->is_array ? unserialize($row->s_value) : $row->s_value;modules\jt-query.php:332

SQL Query Safety

81% prepared79 total queries

Output Escaping

100% escaped56 total outputs

Data Flows

All sanitized

Data Flow Analysis

4 flows

wpjt_translation_page (admin\translations.php:6)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Just Translate Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[wpjt_language_switcher] inc\plugin.php:26

WordPress Hooks 8

actionadmin_menuadmin\base.php:7

actionwpjt_runinc\plugin.php:12

actioninitinc\plugin.php:20

actiontemplate_redirectinc\plugin.php:21

actionwpjt_loadinc\plugin.php:23

filterwpjt_loadedinc\plugin.php:24

actionplugins_loadedjust-translate.php:35

filterredirect_canonicalmodules\jt.php:54

Maintenance & Trust

Just Translate Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedSep 12, 2025

PHP min version8.1

Downloads525

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Just Translate Alternatives

Loco Translate

loco-translate

Translate WordPress plugins and themes directly in your browser. Versatile PO file editor with integrated AI translation providers.

1.0M 4 CVEs

ICanLocalize Translator

icanlocalize-translator

Allows running multilingual WordPress sites with zero management. Automatically creates and updates translation when you edit.

10 No CVEs

Frenglish Translations

frenglish-translations

100

Frenglish is a translation plugin that enables multilingual content on your WordPress site with an easy-to-use interface.

0 No CVEs

Multilify

multilify

100

Powerful multilingual content management for WordPress with custom slugs and SEO optimization.

0 No CVEs

Translate WordPress with GTranslate

gtranslate

Translate WordPress with Google Translate multilanguage plugin to make your website multilingual. Complete multilingual SEO solution for WordPress.

900K 5 CVEs

Developer Profile

Just Translate Developer Profile

Akah Subarkah

3 plugins · 10 total installs

trust score

Avg Security Score

97/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Just Translate

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/just-translate/admin/css/translations.css/wp-content/plugins/just-translate/admin/js/translations.js

Script Paths

/wp-content/plugins/just-translate/admin/js/translations.js

Version Parameters

just-translate/admin/css/translations.css?ver=just-translate/admin/js/translations.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpjt-string

Data Attributes

name="wpjt_update"name="wpjt_delete"name="delete_keys[]"name="translation[]"id=""name="form_translation_nonce"+2 more

JS Globals

jQuery

FAQ