CVE-2023-39920
WordPress Redirection for Contact Form 7 plugin <= 2.9.2 - Broken Access Control vulnerabilityMissing Authorization vulnerability in Themeisle Redirection for Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Redirection for Contact Form 7: from n/a through 2.9.2.
We have discovered 49,764 live websites that are affected by CVE-2023-39920.
Affected Software
| Product |  Wpcf7 Redirect |
| Category | Wordpress Plugins |
| Vulnerable Domains | 49,764 live websites (99.82% of Wpcf7 Redirect install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 1 versions ( 3.23% of all versions) |
Common Weakness Enumeration
CWE-862 Missing AuthorizationDetails
- Published - Dec 13, 2024
- Updated - Dec 13, 2024
Credits
- Nguyen Anh Tien (Patchstack Alliance) (finder)
CWE
CVE References
CWE References
CVE-2023-39920 usage by Country
 United States | 20,109 websites |
 Germany | 4,382 websites |
 France | 2,379 websites |
 Netherlands | 2,257 websites |
 GB | 2,076 websites |
 Spain | 1,834 websites |
 Italy | 1,695 websites |
 Japan | 1,614 websites |
 Australia | 1,438 websites |
 Cyprus | 1,149 websites |
CVE-2023-39920 usage by TLD
| .com | 21,394 websites |
| .nl | 2,438 websites |
| .com.au | 2,366 websites |
| .co.uk | 2,086 websites |
| .de | 1,787 websites |
| .it | 1,703 websites |
| .com.br | 1,507 websites |
| .org | 1,156 websites |
| .es | 1,100 websites |
| .ca | 810 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2023-39920
Top websites that are affected by CVE-2023-39920. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ******************.de | Germany | **,*** | |
| *****************.com | United States | **,*** | |
| **********.global | United States | **,*** | |
| *********.in |  India | **,*** | |
| ******.**.il | United States | **,*** | |
| **********.com | United States | **,*** | |
| ***********.com | United States | ***,*** | |
| ***************.org | United States | ***,*** | |
| *********.net | Japan | ***,*** | |
| **********.com | United States | ***,*** |
FAQ
CVE-2023-39920 is Missing Authorization in Wpcf7 Redirect
A total of 49,764 websites have been identified as vulnerable to CVE-2023-39920, discovered through global website indexing conducted by WebTechSurvey.
Wpcf7 Redirect is susceptible to CVE-2023-39920 vulnerability.
Wpcf7 Redirect versions before, and including, 2.9.2 are vulnerable to CVE-2023-39920.