PLUGIN SECURITY
Is Sitepress Multilingual Cms safe?
Known vulnerabilities, PHP compatibility and safer alternatives for the Sitepress Multilingual Cms WordPress plugin — checked against WP Clinic's local security database.
Plugin details
- Slug:
sitepress-multilingual-cms
Known vulnerabilities
- CVE-2020-10568 — WPML [sitepress-multilingual-cms] < 4.3.8 (CSRF) · High
- CVE-2015-9416 — WPML [sitepress-multilingual-cms] >= 2.9.3 - <= 3.2.6 (XSS) · Medium
- CVE-2018-18069 — WPML [sitepress-multilingual-cms] < 4.0 (XSS) · Medium
- CVE-2015-2791 — WPML [sitepress-multilingual-cms] < 3.1.9.1
- CVE-2015-2792 — WPML [sitepress-multilingual-cms] < 3.1.9.1 (Improper Access Control)
+ 16 more known vulnerabilities
- CVE-2015-2314 — WPML [sitepress-multilingual-cms] < 3.1.9.1 (SQL Injection)
- CVE-2015-2315 — WPML [sitepress-multilingual-cms] < 3.1.9 (XSS)
- WPML [sitepress-multilingual-cms] < 3.1.7.2
- WPML [sitepress-multilingual-cms] < 3.2.7
- CVE-2022-45071 — WPML [sitepress-multilingual-cms] < 4.5.14 (CSRF) · Medium
- CVE-2022-38461 — WPML [sitepress-multilingual-cms] < 4.5.11 · Medium
- CVE-2022-38974 — WPML [sitepress-multilingual-cms] < 4.5.11 · Medium
- CVE-2022-45072 — WPML [sitepress-multilingual-cms] < 4.5.14 (CSRF) · Medium
- WPML [sitepress-multilingual-cms] < 4.5.11
- WPML [sitepress-multilingual-cms] < 4.6.1
- WPML [sitepress-multilingual-cms] < 4.6.1
- WPML [sitepress-multilingual-cms] < 4.6.1
- WPML [sitepress-multilingual-cms] < 3.1.7.2
- WPML [sitepress-multilingual-cms] < 4.6.1
- CVE-2024-6386 — WPML [sitepress-multilingual-cms] < 4.6.13 (Code Injection) · High
- CVE-2025-3488 — WPML [sitepress-multilingual-cms] >= 3.6.0 - <= 4.7.3 (XSS) · Medium
Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.
Check your own WordPress site
Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.