SiteTran – Translate Your WordPress Site Security & Risk Analysis

wordpress.org/plugins/sitetran

WordPress Translation Made Easy. Full SEO Benefits. No coding required. Low-cost usage-based pricing. Go global with SiteTran today!

30 active installs · v1.3.5 · PHP + · WP 4.5+ · Updated Jun 6, 2025
language, localization, localize, multilingual, translate
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is SiteTran – Translate Your WordPress Site Safe to Use in 2026?

Generally Safe

Score 100/100

SiteTran – Translate Your WordPress Site has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 10mo ago
Risk Assessment

The "sitetran" plugin v1.3.5 presents a mixed security posture. While the plugin boasts no recorded historical vulnerabilities and avoids dangerous functions, SQL injection risks, and direct file operations, significant concerns arise from its attack surface and code analysis. A substantial 18 out of 20 total entry points lack authentication checks, primarily within its AJAX handlers. This wide-open access to backend functionality is a major security weakness. Furthermore, although a majority of SQL queries use prepared statements, the remaining queries could still be a vector for injection. The output escaping also shows room for improvement, with over a third of outputs not being properly escaped, potentially leading to cross-site scripting (XSS) vulnerabilities.

The absence of any historical CVEs is positive, suggesting diligent maintenance or a lack of prior exploitation. However, the current static analysis findings, particularly the extensive unprotected AJAX handlers, indicate a high potential for exploitation if an attacker can identify and target these endpoints. The plugin needs significant hardening around its entry points to mitigate these risks.

Key Concerns

  • Unprotected AJAX handlers
  • Unescaped output
  • Unprotected REST API routes
  • SQL queries without prepared statements
  • Limited nonce checks
Vulnerabilities
None known

SiteTran – Translate Your WordPress Site Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

SiteTran – Translate Your WordPress Site Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 4 (14 prepared)
Unescaped Output: 46 (75 escaped)
Nonce Checks: 1
Capability Checks: 5
File Operations: 0
External Requests: 6
Bundled Libraries: 1

Bundled Libraries

Select2

SQL Query Safety

78% prepared · 18 total queries

Output Escaping

62% escaped · 121 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

6 flows · 5 with unsanitized paths
SITETRAN_dns_ajax_callback (includes\sitetran-backend.php:490)
[Data flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized]
Attack Surface
18 unprotected

SiteTran – Translate Your WordPress Site Attack Surface

Entry Points: 20
Unprotected: 18

AJAX Handlers 18

auth · wp_ajax_sitetran_dnt_ajax · includes\sitetran-backend.php:1113
nopriv · wp_ajax_sitetran_dnt_ajax · includes\sitetran-backend.php:1114
auth · wp_ajax_sitetran_dns_ajax · includes\sitetran-backend.php:1115
nopriv · wp_ajax_sitetran_dns_ajax · includes\sitetran-backend.php:1116
auth · wp_ajax_sitetran_upseo_ajax · includes\sitetran-backend.php:1117
nopriv · wp_ajax_sitetran_upseo_ajax · includes\sitetran-backend.php:1118
auth · wp_ajax_sitetran_update_caches_ajax · includes\sitetran-backend.php:1119
nopriv · wp_ajax_sitetran_update_caches_ajax · includes\sitetran-backend.php:1120
auth · wp_ajax_sitetran_google_analytics_ajax · includes\sitetran-backend.php:1121
nopriv · wp_ajax_sitetran_google_analytics_ajax · includes\sitetran-backend.php:1122
auth · wp_ajax_sitetran_auto_detect_language_ajax · includes\sitetran-backend.php:1123
nopriv · wp_ajax_sitetran_auto_detect_language_ajax · includes\sitetran-backend.php:1124
nopriv · wp_ajax_sitetran_send_and_save_data_on_auth_ajax · includes\sitetran-backend.php:1125
auth · wp_ajax_sitetran_send_and_save_data_on_auth_ajax · includes\sitetran-backend.php:1126
nopriv · wp_ajax_sitetran_pages_sent_status_message_ajax · includes\sitetran-backend.php:1127
auth · wp_ajax_sitetran_pages_sent_status_message_ajax · includes\sitetran-backend.php:1128
nopriv · wp_ajax_sitetran_update_intialize_message_status_ajax · includes\sitetran-backend.php:1129
auth · wp_ajax_sitetran_update_intialize_message_status_ajax · includes\sitetran-backend.php:1130

REST API Routes 1

POST · /wp-json/sitetran/update-cache/ · translate-your-website-sitetran.php:215

Shortcodes 1

[sitetran_widget] · includes\sitetran-front.php:669

WordPress Hooks 18

action · admin_menu · includes\sitetran-backend.php:1109
action · init · includes\sitetran-backend.php:1110
action · admin_init · includes\sitetran-backend.php:1111
action · admin_notices · includes\sitetran-backend.php:1112
action · transition_post_status · includes\sitetran-backend.php:1131
action · wp_footer · includes\sitetran-front.php:664
filter · posts_request · includes\sitetran-front.php:665
action · init · includes\sitetran-front.php:675
action · wp_head · includes\sitetran-front.php:678
filter · query_vars · includes\sitetran-front.php:681
action · template_redirect · includes\sitetran-front.php:683
action · init · includes\sitetran-front.php:685
action · admin_enqueue_scripts · translate-your-website-sitetran.php:106
action · wp_enqueue_scripts · translate-your-website-sitetran.php:108
action · plugins_loaded · translate-your-website-sitetran.php:210
action · rest_api_init · translate-your-website-sitetran.php:294
action · rest_api_init · translate-your-website-sitetran.php:297
filter · rest_pre_serve_request · translate-your-website-sitetran.php:301
Maintenance & Trust

SiteTran – Translate Your WordPress Site Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Jun 6, 2025
PHP min version
Downloads: 2K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 30
Developer Profile

SiteTran – Translate Your WordPress Site Developer Profile

sitetran

1 plugin · 30 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect SiteTran – Translate Your WordPress Site

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/sitetran/css/backend_style.css
/wp-content/plugins/sitetran/css/tippy_light_theme_6.3.7.css
/wp-content/plugins/sitetran/js/popperjs_core_2.11.8.min.js
/wp-content/plugins/sitetran/js/tippyjs_6.3.7.min.js
/wp-content/plugins/sitetran/js/backend.js
Script Paths
//c.sitetran.com/widget/v3.js
Version Parameters
sitetran/css/backend_style.css?ver=
sitetran/css/tippy_light_theme_6.3.7.css?ver=
sitetran/js/popperjs_core_2.11.8.min.js?ver=
sitetran/js/tippyjs_6.3.7.min.js?ver=
sitetran/js/backend.js?ver=
sitetran/widget/v3.js?ver=3.0.0

HTML / DOM Fingerprints

CSS Classes
sitetran_frontend_css
JS Globals
SITETRAN_js_variables
sitetran_cm_settings
REST Endpoints
/wp-json/sitetran-translate/v1