CVE-2023-38383
WordPress Language plugin <= 1.2.1 - Broken Access Control vulnerabilityMissing Authorization vulnerability in OnTheGoSystems Language allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Language: from n/a through 1.2.1.
We have discovered 860 live websites that are affected by CVE-2023-38383.
Affected Software
| Product |  Wordpress Language |
| Category | Wordpress Plugins |
| Vulnerable Domains | 860 live websites (100% of Wordpress Language install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 2 versions ( 100% of all versions) |
Common Weakness Enumeration
CWE-862 Missing AuthorizationDetails
- Published - Dec 13, 2024
- Updated - Dec 13, 2024
Credits
- Abdi Pranata (Patchstack Alliance) (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2023-38383 United States | 107 websites |
 Germany | 129 websites |
 Switzerland | 67 websites |
 Netherlands | 64 websites |
 Italy | 49 websites |
 France | 37 websites |
 Sweden | 30 websites |
 Denmark | 30 websites |
 Austria | 28 websites |
 Czech Republic | 27 websites |
Website Distribution by TLD
Number of websites using CVE-2023-38383| .com | 206 websites |
| .de | 67 websites |
| .ch | 64 websites |
| .nl | 60 websites |
| .it | 36 websites |
| .org | 34 websites |
| .at | 29 websites |
| .net | 29 websites |
| .se | 23 websites |
| .cz | 22 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2023-38383
Top websites that are affected by CVE-2023-38383. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ************.com |  Israel | **,*** | |
| *********.***.uk |  GB | **,*** | |
| *****.com |  Japan | ***,*** | |
| *********.***.in |  India | ***,*** | |
| ********************.cz | Czech Republic | ***,*** | |
| **********.it | Italy | ***,*** | |
| *****.com |  Poland | ***,*** | |
| ***********************.nl | United States | ***,*** | |
| *******************.nl | United States | *,***,*** | |
| ****.***.pr |  Puerto Rico | *,***,*** |
FAQ
CVE-2023-38383 is Missing Authorization in Wordpress Language
A total of 860 websites have been identified as vulnerable to CVE-2023-38383, based on global website indexing conducted by WebTechSurvey.
The Wordpress Language is affected by the CVE-2023-38383 vulnerability.
Wordpress Language versions up to and including 1.2.1 are vulnerable to CVE-2023-38383.