CVE-2019-11223

An Unrestricted File Upload Vulnerability in the SupportCandy plugin through 2.0.0 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension.

We have discovered 16 live websites that are affected by CVE-2019-11223.

Run a Free Instant Scan



Affected Software

Product  Supportcandy
Category Wordpress Plugins
Vulnerable Domains16 live websites (0.80% of Supportcandy install base)
Vulnerable Versions
  • from 0 through 2
Vulnerable Versions Count0 versions ( less than 0.1% of all versions)



Details

  • Published - Apr 19, 2019
  • Updated - Aug 4, 2024

Website Distribution by Country

Number of websites using CVE-2019-11223
United States2 websites


Germany2 websites
GB2 websites
Turkey2 websites
Australia1 websites
Spain1 websites
Iran1 websites
Italy1 websites
Kazakhstan1 websites
Malaysia1 websites

Website Distribution by TLD

Number of websites using CVE-2019-11223
.com5 websites
.net2 websites
.com.au1 websites
.de1 websites
.eu1 websites
.pl1 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2019-11223

Top websites that are affected by CVE-2019-11223. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
***********.com United States*,***,***
**************.com Spain*,***,***
*********.de Germany**,***,***
*********.ir Iran**,***,***
*****.***.tr Turkey**,***,***
*******.eu GB**,***,***
****.*************.net Germany**,***,***
********.com Turkey**,***,***
***************.com Italy**,***,***
****.***.my Malaysia**,***,***
See full domain list

FAQ

A total of 16 websites have been identified as vulnerable to CVE-2019-11223, based on global website indexing conducted by WebTechSurvey.
The Supportcandy is affected by the CVE-2019-11223 vulnerability.
Supportcandy versions up to and including 2 are vulnerable to CVE-2019-11223.