CVE-2023-0224
GiveWP < 2.24.1 - Unauthenticated SQLi
The GiveWP WordPress plugin before 2.24.1 does not properly escape user input before it reaches SQL queries, which could let unauthenticated attackers perform SQL Injection attacks
We have discovered 2,488 live websites that are affected by CVE-2023-0224.
Affected Software
| Product |  GiveWP |
| Category | Wordpress Plugins |
| Vulnerable Versions |
|
| Total Vulnerable Versions | 178 |
| Vulnerable Domains | 2,488 live websites (17.90% of GiveWP install base) |
Common Weakness Enumeration
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2023-0224 and the relative popularity of websitesDetails
- Published - Jan 16, 2024
- Updated - Jan 16, 2024
Credits
- dc11 (finder)
- WPScan (coordinator)
CWE
CVE References
CWE References
Countries
 United States | 1,139 websites |
 GB | 145 websites |
 Italy | 144 websites |
 Germany | 125 websites |
 France | 115 websites |
 India | 87 websites |
 Canada | 71 websites |
 Australia | 64 websites |
 Spain | 57 websites |
 Netherlands | 28 websites |
TLDs
| .org | 1,027 websites |
| .com | 630 websites |
| .it | 86 websites |
| .de | 53 websites |
| .org.uk | 45 websites |
| .net | 41 websites |
| .fr | 39 websites |
| .ca | 35 websites |
| .co.uk | 32 websites |
| .eu | 20 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redGeographical Distribution
The distribution of websites across the globe that are exposed to CVE-2023-0224 through included software libraries and plugins.References
- https://wpscan.com/vulnerability/d8da539d-0a1b-46ef-b48d-710c59cf68e1/
- https://givewp.com/core-2-24-0-vulnerability-patched/
Websites affected by CVE-2023-0224
Top websites that are affected by CVE-2023-0224. Please click on the "Contact us" button above to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ***.******************.org | United States | *,*** | |
| ***.******************.org | United States | **,*** | |
| ***.*****************.org | United States | **,*** | |
| *****.org | United States | **,*** | |
| *********.org | GB | **,*** | |
| ****************.org | Germany | **,*** | |
| ***.*******.org | United States | **,*** | |
| *************.org | United States | **,*** | |
| ***.**************.com | Australia | **,*** | |
| ***************.no |  Norway | **,*** |