WP-Safety

WPCasa Polylang Security & Risk Analysis

wordpress.org/plugins/wpcasa-polylang

Add support for Polylang to manage WPCasa property data in multiple languages.

100 active installs v1.2.1 PHP 7.2+ WP 6.2+ Updated Unknown
bilingualinternationallanguagelocalizationpolylang
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WPCasa Polylang Safe to Use in 2026?

Generally Safe

Score 100/100

WPCasa Polylang has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

Based on the provided static analysis and vulnerability history, the wpcasa-polylang plugin v1.2.1 exhibits a very strong security posture. The absence of any identified attack surface entry points, dangerous functions, unsanitized taint flows, or file operations indicates a well-developed and securely coded plugin. Furthermore, all SQL queries are properly prepared, and all output is correctly escaped, mitigating common web vulnerabilities like SQL injection and cross-site scripting.

The vulnerability history is equally impressive, with zero recorded CVEs of any severity. This suggests a consistent track record of secure development and maintenance over time. The lack of common vulnerability types further reinforces this positive assessment. While the plugin appears to have no direct vulnerabilities as per the data, the complete absence of any capability checks or nonce checks on what would typically be considered entry points (even if there are none currently) could represent a potential blind spot if such points were ever introduced in future updates without proper security considerations.

In conclusion, the wpcasa-polylang plugin v1.2.1 demonstrates excellent security practices, with no identified vulnerabilities or significant risks. The code is clean, and the plugin has a clean historical record. The only minor observation is the complete absence of capability and nonce checks, which, while not an issue in the current state, is something to monitor for in future versions to ensure new functionalities are adequately protected.

Key Concerns

  • Missing capability checks
  • Missing nonce checks
Vulnerabilities
None known

WPCasa Polylang Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WPCasa Polylang Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
5 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped5 total outputs
Attack Surface

WPCasa Polylang Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 17
actionupdated_post_metaincludes\admin\class-wpsight-polylang-admin.php:17
actionwpsight_profile_agent_update_save_optionsincludes\admin\class-wpsight-polylang-admin.php:23
filterwpsight_profile_agent_update_post_metaincludes\admin\class-wpsight-polylang-admin.php:26
filterwpsight_meta_box_listing_agent_fieldsincludes\admin\class-wpsight-polylang-admin.php:29
filterpll_copy_post_metasincludes\admin\class-wpsight-polylang-admin.php:32
filterwpsight_meta_box_listing_images_fieldsincludes\admin\class-wpsight-polylang-admin.php:35
actionadmin_initwpcasa-polylang.php:58
actionadmin_initwpcasa-polylang.php:59
actionadmin_initwpcasa-polylang.php:60
filterwpsight_detailswpcasa-polylang.php:64
filterwpsight_rental_periodswpcasa-polylang.php:65
filterwpsight_listing_labelswpcasa-polylang.php:66
filterwpsight_get_optionwpcasa-polylang.php:69
filterwpsight_get_dashboard_listings_argswpcasa-polylang.php:73
filterwpsight_dashboard_columnswpcasa-polylang.php:74
actionwpsight_dashboard_column_langwpcasa-polylang.php:75
actionwpsight_initwpcasa-polylang.php:369
Maintenance & Trust

WPCasa Polylang Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedUnknown
PHP min version7.2
Downloads8K

Community Trust

Rating0/100
Number of ratings0
Active installs100
Alternatives

WPCasa Polylang Alternatives

Ray Enterprise Translation

Ray Enterprise Translation

lingotek-translation

C
65

Convenient cloud-based localization and translation for WordPress.

10K 1 unpatched
Preferred Languages

Preferred Languages

preferred-languages

A
99

Choose languages for displaying WordPress in, in order of preference.

2K 1 CVE
Translation Tools

Translation Tools

translation-tools

A
100

Translation tools for your WordPress install.

100 No CVEs
Polylang

Polylang

polylang

A
93

Go multilingual in a simple and efficient way. Keep writing posts and taxonomy terms as usual while defining their languages all at once.

800K 3 CVEs
Connect Polylang for Elementor

Connect Polylang for Elementor

connect-polylang-elementor

A
100

Connect Polylang with Elementor: translated templates, language switcher widget, language visibility conditions and more

100K No CVEs
Developer Profile

WPCasa Polylang Developer Profile

WPSight

10 plugins · 3K total installs

99
trust score
Avg Security Score
99/100
Avg Patch Time
7 days
View full developer profile
Detection Fingerprints

How We Detect WPCasa Polylang

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wpcasa-polylang/includes/admin/css/wpcasa-polylang-admin.css/wp-content/plugins/wpcasa-polylang/includes/admin/js/wpcasa-polylang-admin.js
Script Paths
/wp-content/plugins/wpcasa-polylang/includes/admin/js/wpcasa-polylang-admin.js
Version Parameters
wpcasa-polylang/includes/admin/css/wpcasa-polylang-admin.css?ver=wpcasa-polylang/includes/admin/js/wpcasa-polylang-admin.js?ver=

HTML / DOM Fingerprints

JS Globals
WPSIGHT_POLYLANG_NAMEWPSIGHT_POLYLANG_DOMAINWPSIGHT_POLYLANG_PLUGIN_DIRWPSIGHT_POLYLANG_PLUGIN_URL
FAQ

Frequently Asked Questions about WPCasa Polylang