CVE-2023-51533

WordPress Ecwid Shopping Cart Plugin <= 6.12.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart.This issue affects Ecwid Ecommerce Shopping Cart: from n/a through 6.12.4.

We have discovered 989 live websites that are affected by CVE-2023-51533.

Affected Software


Product	Ecwid Ecommerce Shopping Cart
Category	Wordpress Plugins
Vulnerable Versions	from 0 through 6.12.4
Total Vulnerable Versions	124
Vulnerable Domains	989 live websites (35.15% of Ecwid Ecommerce Shopping Cart install base)

Common Weakness Enumeration

CWE-352 Cross-Site Request Forgery (CSRF)

Distribution by Website Rank

The diagram provides a graphic representation of the correlation between the occurrence of CVE-2023-51533 and the relative popularity of websites

Available Reports

Website List

Details

Published - Feb 28, 2024
Updated - Feb 28, 2024

Credits

Brandon Roldan (Patchstack Alliance) (finder)

CWE

CWE-352

CVE References

CWE References

cwe.mitre.org

Countries

United States	506 websites

GB	72 websites
Germany	69 websites
Italy	45 websites
Canada	41 websites
Australia	32 websites
Russia	30 websites
France	24 websites
Netherlands	19 websites
South Africa	16 websites

TLDs

.com	581 websites
.org	90 websites
.co.uk	40 websites
.de	32 websites
.it	26 websites
.com.au	26 websites
.net	19 websites
.ru	17 websites
.nl	15 websites
.ca	15 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Geographical Distribution

The distribution of websites across the globe that are exposed to CVE-2023-51533 through included software libraries and plugins.

References

https://patchstack.com/database/vulnerability/ecwid-shopping-cart/wordpress-ecwid-ecommerce-shopping-cart-plugin-6-12-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Websites affected by CVE-2023-51533

Top websites that are affected by CVE-2023-51533. Please click on the "Contact us" button above to get more information.

Domain	Country	Rank
*.**.org	United States	*,*
**************.com	United States	*,*
*********.com		*,*
*.***********************.org	United States	*,*
*************.org	United States	*,*
*****************.org	United States	*,*
*.*******.com	United States	*,*
**********************.com	Cyprus	*,*
********.com	Russia	*,*
******************.org	United States	*,*

See full domain list