CVE-2023-23800
WordPress Shortcodes Ultimate Plugin <= 5.12.6 is vulnerable to Server Side Request Forgery (SSRF)Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin — Shortcodes Ultimate.This issue affects WP Shortcodes Plugin — Shortcodes Ultimate: from n/a through 5.12.6.
We have discovered 23,643 live websites that are affected by CVE-2023-23800.
Affected Software
| Product | |
| Category | Widgets |
| Vulnerable Domains | 23,643 live websites (31.86% of Shortcodes Ultimate install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 107 versions ( 74.83% of all versions) |
Common Weakness Enumeration
CWE-918 Server-Side Request Forgery (SSRF)Details
- Published - Nov 13, 2023
- Updated - Aug 28, 2024
Credits
- Rafie Muhammad (Patchstack) (finder)
CWE
CVE References
CWE References
CVE-2023-23800 usage by Country
 United States | 4,834 websites |
 Japan | 5,305 websites |
 Russia | 2,439 websites |
 Germany | 2,274 websites |
 France | 1,203 websites |
 Poland | 799 websites |
 GB | 525 websites |
 Italy | 473 websites |
 Spain | 468 websites |
 Canada | 400 websites |
CVE-2023-23800 usage by TLD
| .com | 8,917 websites |
| .ru | 2,036 websites |
| .de | 1,311 websites |
| .org | 1,293 websites |
| .jp | 1,087 websites |
| .net | 942 websites |
| .pl | 640 websites |
| .co.jp | 559 websites |
| .fr | 457 websites |
| .it | 352 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2023-23800
Top websites that are affected by CVE-2023-23800. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ***********.net | United States | **,*** | |
| ******.com | United States | **,*** | |
| ********.com |  Bulgaria | **,*** | |
| *****************.com | United States | **,*** | |
| ******.pl | Poland | **,*** | |
| ************.fr | France | **,*** | |
| ****.org | United States | **,*** | |
| ***.org | United States | **,*** | |
| ************************.gov | United States | ***,*** | |
| *******.com | United States | ***,*** |
FAQ
CVE-2023-23800 is Server-Side Request Forgery (SSRF) in Shortcodes Ultimate
A total of 23,643 websites have been identified as vulnerable to CVE-2023-23800, discovered through global website indexing conducted by WebTechSurvey.
Shortcodes Ultimate is susceptible to CVE-2023-23800 vulnerability.
Shortcodes Ultimate versions before, and including, 5.12.6 are vulnerable to CVE-2023-23800.