Does Simple Admin Language Change have any unpatched vulnerabilities?

No. All known vulnerabilities in Simple Admin Language Change have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Simple Admin Language Change compatible with WordPress 6.7.5?

According to WordPress.org data, Simple Admin Language Change 2.0.5 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is Simple Admin Language Change updated?

Simple Admin Language Change was last updated on Oct 31, 2024. Frequent updates are generally a positive security signal.

What is Simple Admin Language Change's security score?

Simple Admin Language Change has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Simple Admin Language Change Security & Risk Analysis

wordpress.org/plugins/simple-admin-language-change

Change your dashboard language quickly and easily from the admin bar as often as you need.

10K active installs v2.0.5 PHP + WP 4.7+ Updated Oct 31, 2024

admin-languagebackendbackend-languageenglishlocalization

A · Safe

CVEs total1

Unpatched0

Last CVEMay 5, 2021

Plugin page Download

Safety Verdict

Is Simple Admin Language Change Safe to Use in 2026?

Generally Safe

Score 92/100

Simple Admin Language Change has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: May 5, 2021Updated 1yr ago

Risk Assessment

The plugin "simple-admin-language-change" v2.0.5 exhibits a mixed security posture. On the positive side, the code analysis reveals good practices such as 100% use of prepared statements for SQL queries and proper output escaping. Furthermore, there are no identified dangerous functions, file operations, or external HTTP requests, and all identified flows appear to be sanitized. The plugin also includes nonce and capability checks for a portion of its entry points.

However, a significant concern arises from the attack surface analysis, which identifies one AJAX handler that lacks authorization checks. This unprotected entry point could potentially be exploited by unauthenticated users to perform unintended actions within the plugin's functionality. While the vulnerability history shows no currently unpatched CVEs, the presence of a past medium-severity vulnerability related to missing authorization suggests a recurring pattern that warrants vigilance.

In conclusion, while the plugin demonstrates several strengths in secure coding practices, the existence of an unprotected AJAX endpoint presents a clear risk. This, combined with the historical vulnerability pattern, means that while not critically flawed, the plugin requires careful consideration and potential mitigation for the identified unprotected entry point.

Key Concerns

Unprotected AJAX handler without auth checks
Past medium vulnerability (Missing Authorization)

Vulnerabilities

Simple Admin Language Change Security Vulnerabilities

CVEs by Year

1 CVE in 2021

2021

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

WF-01e1b22f-9622-433f-bada-23d118dc3800-simple-admin-language-changemedium · 4.3Missing Authorization

Simple Admin Language Change <= 2.0.1 - Authorization Bypass

May 5, 2021 Patched in 2.0.2 (993d)

Code Analysis

Analyzed Mar 16, 2026

Simple Admin Language Change Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped3 total outputs

Attack Surface

1 unprotected

Simple Admin Language Change Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_change_user_localesimple-admin-language-change.php:129

WordPress Hooks 5

actionadmin_headinc\scripts-and-styles.php:28

actionadmin_enqueue_scriptsinc\scripts-and-styles.php:49

actionplugins_loadedinc\upgrade.php:44

actioninitsimple-admin-language-change.php:44

actionadmin_bar_menusimple-admin-language-change.php:88

Maintenance & Trust

Simple Admin Language Change Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedOct 31, 2024

PHP min version

Downloads85K

Community Trust

Rating94/100

Number of ratings22

Active installs10K

Alternatives

Simple Admin Language Change Alternatives

Polylang

polylang

Go multilingual in a simple and efficient way. Keep writing posts and taxonomy terms as usual while defining their languages all at once.

800K 3 CVEs

Performant Translations

performant-translations

100

Making internationalization/localization in WordPress faster than ever before.

40K No CVEs

Bogo

bogo

100

A straight-forward multilingual plugin. No more double-digit custom DB tables or hidden HTML comments that could cause you headaches later on.

10K No CVEs

WP Multilang – Translation and Multilingual Plugin

wp-multilang

Multilingual plugin for WordPress. Go Multilingual in minutes with full WordPress support. Translate your site easily with this localization plugin.

10K 1 CVE

WPGlobus

wpglobus

Multilingual/Globalization: URL-based multilanguage with an easy translation interface.

10K 7 CVEs

Developer Profile

Simple Admin Language Change Developer Profile

Karolina Vyskocilova

5 plugins · 24K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

993 days

View full developer profile

Detection Fingerprints

How We Detect Simple Admin Language Change

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/simple-admin-language-change/script.js

Script Paths