WP-Safety

Smartling Connector Security & Risk Analysis

wordpress.org/plugins/smartling-connector

Translate content in WordPress quickly and seamlessly with Smartling, the industry-leading Translation Management System.

10 active installs v5.3.2 PHP 8.0+ WP 5.5+ Updated Mar 10, 2026
internationalizationlocalizationmultilingualsmartlingtranslation
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Smartling Connector Safe to Use in 2026?

Generally Safe

Score 100/100

Smartling Connector has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 24d ago
Risk Assessment

The "smartling-connector" plugin v5.3.2 exhibits a concerning security posture primarily due to its unprotected AJAX handlers and significant number of improperly escaped outputs. While the plugin shows strengths in its use of prepared statements for SQL queries and a clean vulnerability history, these are overshadowed by the identified weaknesses. The static analysis reveals a critical taint flow, indicating a potential for severe vulnerabilities even without known CVEs. The presence of dangerous functions like 'unserialize' further heightens this risk. The lack of authentication on all identified AJAX endpoints creates a broad attack surface that could be exploited by unauthenticated users. The plugin's vulnerability history, while currently clean, does not mitigate the immediate risks posed by the static analysis findings. The overall assessment is that this plugin requires urgent attention to address its security shortcomings.

Key Concerns

  • Unprotected AJAX handlers
  • Critical severity taint flow
  • Insufficient output escaping
  • Use of dangerous functions (unserialize)
  • Large attack surface without auth
Vulnerabilities
None known

Smartling Connector Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Smartling Connector Code Analysis

Dangerous Functions
18
Raw SQL Queries
2
33 prepared
Unescaped Output
250
10 escaped
Nonce Checks
5
Capability Checks
13
File Operations
11
External Requests
0
Bundled Libraries
2

Dangerous Functions Found

assertassert($content instanceof Content);inc\Smartling\ContentTypes\Elementor\ElementAbstract.php:197
unserialize$translation['meta'][self::META_FIELD_NAME] = $this->buildData(unserialize($original['meta'][self::Minc\Smartling\ContentTypes\ExternalContentBeaverBuilder.php:132
assertassert($manager instanceof DbMigrationManager);inc\Smartling\DbAl\DB.php:44
unserialize$configuration = unserialize($post->post_content);inc\Smartling\Extensions\Acf\AcfDynamicSupport.php:690
assertassert($targetBlock !== null);inc\Smartling\Helpers\PostContentHelper.php:39
unserializereturn unserialize(base64_decode($string), ['allowed_classes' => false]);inc\Smartling\Helpers\Serializers\SerializerJsonWithFallback.php:22
unserialize$value = unserialize($row['meta_value'], ['allowed_classes' => false]);inc\Smartling\Helpers\UserHelper.php:48
assertassert($item instanceof Content);inc\Smartling\Models\RelatedContentInfo.php:15
assertassert($item instanceof Content);inc\Smartling\Models\RelatedContentInfo.php:48
assertassert($shortcodeTable instanceof ShortcodeTableClass);inc\Smartling\WP\View\AdminPage.php:26
assertassert($filterTable instanceof LocalizationRulesTableWidget);inc\Smartling\WP\View\AdminPage.php:28
assertassert($mediaTable instanceof MediaAttachmentTableWidget);inc\Smartling\WP\View\AdminPage.php:30
assertassert($data instanceof BulkSubmitTableWidget);inc\Smartling\WP\View\BulkSubmit.php:12
assertassert($profile instanceof ConfigurationProfileEntity);inc\Smartling\WP\View\ContentEditJob.php:18
assertassert($set instanceof DuplicateSubmissions);inc\Smartling\WP\View\DuplicateSubmissionsCleaner.php:20
assertassert($viewData instanceof TestRunViewData);inc\Smartling\WP\View\TestRun.php:12
assertassert($table instanceof TranslationLockTableWidget);inc\Smartling\WP\View\TranslationLock.php:62
assertassert($submission instanceof SubmissionEntity);inc\Smartling\WP\View\TranslationLock.php:64

Bundled Libraries

Select2Guzzle

SQL Query Safety

94% prepared35 total queries

Output Escaping

4% escaped260 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

3 flows3 with unsanitized paths
<BulkSubmit> (inc\Smartling\WP\View\BulkSubmit.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

Smartling Connector Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 3

authwp_ajax_ajax_submissions_update_statusinc\Smartling\WP\Controller\CheckStatusController.php:29
authwp_ajax_smartling_link_taxonomiesinc\Smartling\WP\Controller\TaxonomyLinksController.php:67
authwp_ajax_smartling_test_runinc\Smartling\WP\Controller\TestRunController.php:111
WordPress Hooks 70
actionadmin_initinc\Smartling\Base\CustomRotatingFileHandler.php:30
filtercron_schedulesinc\Smartling\Bootstrap.php:51
actionadmin_noticesinc\Smartling\Bootstrap.php:244
actionadmin_enqueue_scriptsinc\Smartling\Bootstrap.php:432
actionwp_loadedinc\Smartling\ContentTypes\AutoDiscover\PostTypes.php:49
actionregistered_taxonomyinc\Smartling\ContentTypes\AutoDiscover\Taxonomies.php:44
filterwpmu_new_bloginc\Smartling\DbAl\MultilingualPress2Connector.php:58
filtermlp_after_new_blog_fieldsinc\Smartling\DbAl\MultilingualPress2Connector.php:63
actionadmin_initinc\Smartling\DITrait.php:131
actionadmin_initinc\Smartling\DITrait.php:159
actionadmin_noticesinc\Smartling\Helpers\AdminNoticesHelper.php:13
filtercron_schedulesinc\Smartling\Helpers\CustomScheduleIntervalHelper.php:18
actionbefore_delete_postinc\Smartling\Helpers\SubmissionCleanupHelper.php:37
actiondelete_attachmentinc\Smartling\Helpers\SubmissionCleanupHelper.php:38
actiondelete_widgetinc\Smartling\Helpers\SubmissionCleanupHelper.php:39
actionpre_delete_terminc\Smartling\Helpers\SubmissionCleanupHelper.php:40
actionrest_api_initinc\Smartling\RestApi.php:36
actiondelete_bloginc\Smartling\Services\BlogRemovalHandler.php:30
actionwp_delete_siteinc\Smartling\Services\BlogRemovalHandler.php:31
actionsmartling_register_serviceinc\Smartling\Services\SmartlingFilterUiService.php:33
filtersmartling_register_field_filterinc\Smartling\Tuner\FilterManager.php:30
filtersmartling_inject_shortcodeinc\Smartling\Tuner\ShortcodeManager.php:29
actionadmin_menuinc\Smartling\WP\Controller\AdminPage.php:33
actionnetwork_admin_menuinc\Smartling\WP\Controller\AdminPage.php:34
actionadmin_menuinc\Smartling\WP\Controller\BulkSubmitController.php:42
actionadmin_enqueue_scriptsinc\Smartling\WP\Controller\BulkSubmitController.php:43
actionadmin_enqueue_scriptsinc\Smartling\WP\Controller\CheckStatusController.php:30
actionadmin_enqueue_scriptsinc\Smartling\WP\Controller\ConfigurationProfileFormController.php:38
actionadmin_menuinc\Smartling\WP\Controller\ConfigurationProfileFormController.php:39
actionnetwork_admin_menuinc\Smartling\WP\Controller\ConfigurationProfileFormController.php:40
actionadmin_post_smartling_configuration_profile_saveinc\Smartling\WP\Controller\ConfigurationProfileFormController.php:41
actionadmin_enqueue_scriptsinc\Smartling\WP\Controller\ConfigurationProfilesController.php:78
actionadmin_menuinc\Smartling\WP\Controller\ConfigurationProfilesController.php:79
actionnetwork_admin_menuinc\Smartling\WP\Controller\ConfigurationProfilesController.php:80
actionadmin_post_smartling_configuration_profile_listinc\Smartling\WP\Controller\ConfigurationProfilesController.php:81
actionadmin_post_smartling_download_log_fileinc\Smartling\WP\Controller\ConfigurationProfilesController.php:82
actionadmin_post_smartling_zerolength_log_fileinc\Smartling\WP\Controller\ConfigurationProfilesController.php:83
actionadmin_post_cnqinc\Smartling\WP\Controller\ConfigurationProfilesController.php:84
actionadmin_enqueue_scriptsinc\Smartling\WP\Controller\ContentEditJobController.php:180
actionadd_meta_boxesinc\Smartling\WP\Controller\ContentEditJobController.php:186
actionadmin_menuinc\Smartling\WP\Controller\DuplicateSubmissionsCleaner.php:32
actionnetwork_admin_menuinc\Smartling\WP\Controller\DuplicateSubmissionsCleaner.php:33
actionadmin_menuinc\Smartling\WP\Controller\FilterForm.php:16
actionnetwork_admin_menuinc\Smartling\WP\Controller\FilterForm.php:17
actionadmin_headinc\Smartling\WP\Controller\LiveNotificationController.php:159
actionadmin_enqueue_scriptsinc\Smartling\WP\Controller\LiveNotificationController.php:164
actionadmin_enqueue_scriptsinc\Smartling\WP\Controller\LiveNotificationController.php:171
actionadmin_bar_menuinc\Smartling\WP\Controller\LiveNotificationController.php:200
actionadmin_menuinc\Smartling\WP\Controller\MediaRuleForm.php:27
actionnetwork_admin_menuinc\Smartling\WP\Controller\MediaRuleForm.php:28
actionadd_meta_boxesinc\Smartling\WP\Controller\PostBasedWidgetControllerStd.php:383
actionsave_postinc\Smartling\WP\Controller\PostBasedWidgetControllerStd.php:384
actionsave_postinc\Smartling\WP\Controller\PostBasedWidgetControllerStd.php:588
actionadmin_menuinc\Smartling\WP\Controller\ShortcodeForm.php:16
actionnetwork_admin_menuinc\Smartling\WP\Controller\ShortcodeForm.php:17
actionadmin_menuinc\Smartling\WP\Controller\SubmissionsPageController.php:35
actionnetwork_admin_menuinc\Smartling\WP\Controller\SubmissionsPageController.php:36
actionadmin_enqueue_scriptsinc\Smartling\WP\Controller\TaxonomyLinksController.php:65
actionadmin_menuinc\Smartling\WP\Controller\TaxonomyLinksController.php:66
actionadmin_enqueue_scriptsinc\Smartling\WP\Controller\TestRunController.php:109
actionadmin_menuinc\Smartling\WP\Controller\TestRunController.php:110
actionadd_meta_boxesinc\Smartling\WP\Controller\TranslationLockController.php:43
actionadmin_post_smartling_translation_lock_popupinc\Smartling\WP\Controller\TranslationLockController.php:44
actionplugins_loadedplugin-examples\attachment-url-rewrite.php:15
actionsmartling_after_deserialize_contentplugin-examples\attachment-url-rewrite.php:16
actionplugins_loadedplugin-examples\url-rewrite.php:16
actionsmartling_after_deserialize_contentplugin-examples\url-rewrite.php:18
actionall_admin_noticessmartling-connector.php:35
actionall_admin_noticessmartling-connector.php:39
actionplugins_loadedsmartling-connector.php:50
Maintenance & Trust

Smartling Connector Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 10, 2026
PHP min version8.0
Downloads45K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Smartling Connector Alternatives

Polylang

Polylang

polylang

A
93

Go multilingual in a simple and efficient way. Keep writing posts and taxonomy terms as usual while defining their languages all at once.

800K 3 CVEs
Performant Translations

Performant Translations

performant-translations

A
100

Making internationalization/localization in WordPress faster than ever before.

40K No CVEs
WP Multilang – Translation and Multilingual Plugin

WP Multilang – Translation and Multilingual Plugin

wp-multilang

A
98

Multilingual plugin for WordPress. Go Multilingual in minutes with full WordPress support. Translate your site easily with this localization plugin.

10K 1 CVE
Preferred Languages

Preferred Languages

preferred-languages

A
99

Choose languages for displaying WordPress in, in order of preference.

2K 1 CVE
wpLingua – Automatic translation – Translate and make website multilingual

wpLingua – Automatic translation – Translate and make website multilingual

wplingua

A
100

Make your websites multilingual and translate them automatically: no word limits, editable translations, SEO-friendly, no coding knowledge needed

2K No CVEs
Developer Profile

Smartling Connector Developer Profile

Smartling

1 plugin · 10 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Smartling Connector

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/smartling-connector/assets/css/editor.css/wp-content/plugins/smartling-connector/assets/css/admin.css/wp-content/plugins/smartling-connector/assets/js/smartling-admin.js/wp-content/plugins/smartling-connector/assets/js/editor.js
Script Paths
/wp-content/plugins/smartling-connector/assets/js/smartling-admin.js/wp-content/plugins/smartling-connector/assets/js/editor.js
Version Parameters
smartling-connector/assets/css/editor.css?ver=smartling-connector/assets/css/admin.css?ver=smartling-connector/assets/js/smartling-admin.js?ver=smartling-connector/assets/js/editor.js?ver=

HTML / DOM Fingerprints

CSS Classes
smartling-connector-admin-wrappersmartling-connector-editor-toolbar
HTML Comments
<!-- wp:sf/example {"backgroundMediaId":57,"backgroundMediaUrl":""} --><!-- /wp:sf/example -->
Data Attributes
data-smartling-integration-statusdata-smartling-project-id
JS Globals
window.smartlingConfigvar smartlingAdminvar smartlingEditor
REST Endpoints
/wp-json/smartling-connector/v1/settings/wp-json/smartling-connector/v1/translate
FAQ

Frequently Asked Questions about Smartling Connector