Vulners
Lucene search
CVE-2023-0224
๐๏ธย 16 Jan 2024ย 15:54:45Reported byย WPScanTypeย 
ย cve๐ย web.nvd.nist.gov๐ย 81ย Views๐ WEB
| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
 | CVE-2023-0224 | 22 Jan 202423:16 | โ | circl |
 | WordPress plugin GiveWP ๅฎๅ จๆผๆด | 30 Jan 202300:00 | โ | cnnvd |
 | CVE-2023-0224 GiveWP < 2.24.1 - Unauthenticated SQLi | 16 Jan 202415:54 | โ | cvelist |
 | EUVD-2023-12310 | 3 Oct 202520:07 | โ | euvd |
 | CVE-2023-0224 | 16 Jan 202416:15 | โ | nvd |
 | CVE-2023-0224 | 16 Jan 202416:15 | โ | osv |
 | WordPress GiveWP Plugin <= 2.23.2 is vulnerable to SQL Injection | 18 Jan 202300:00 | โ | patchstack |
 | Sql injection | 16 Jan 202416:15 | โ | prion |
 | PT-2024-11920 ยท WordPress ยท Givewp | 16 Jan 202400:00 | โ | ptsecurity |
 | CVE-2023-0224 | 23 May 202502:51 | โ | redhatcve |
10
[
{
"vendor": "Unknown",
"product": "GiveWP",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "2.24.1"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| data | path | donor-wall-post-we-created-earlier/ | SQL injection possibility via donor wall post page using requests that include injected data in the donor comments flow | CWE-89 |
| action | path | donor-wall-post-we-created-earlier/ | SQL injection possibility via donor wall post page using requests that include injected data in the donor comments flow | CWE-89 |
| nonce | path | donor-wall-post-we-created-earlier/ | SQL injection possibility via donor wall post page using requests that include injected data in the donor comments flow | CWE-89 |
| action | request body | wp-admin/admin-ajax.php | SQL injection via admin-ajax endpoint using POST data in action=give_get_donor_comments with crafted data parameter | CWE-89 |
| nonce | request body | wp-admin/admin-ajax.php | SQL injection via admin-ajax endpoint using POST data in action=give_get_donor_comments with crafted data parameter | CWE-89 |
| data | request body | wp-admin/admin-ajax.php | SQL injection via admin-ajax endpoint using POST data in action=give_get_donor_comments with crafted data parameter | CWE-89 |
Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
13 Jun 2025 16:15Current
9.9High risk
Vulners AI Score9.9
CVSS 3.19.8
EPSS0.01156
SSVC