CVE-2023-48764

🗓️ 19 Dec 2023 20:39:30Reported by PatchstackType

Improper Neutralization of Special Elements in SQL Command ('SQL Injection') in GuardGiant Brute Force Protection WordPress Brute Force Protectio

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2023-48764	20 Dec 202313:53	–	circl
CNNVD	WordPress plugin Brute Force Protection SQL Injection Vulnerability	19 Dec 202300:00	–	cnnvd
Cvelist	CVE-2023-48764 WordPress WordPress Brute Force Protection – Stop Brute Force Attacks Plugin <= 2.2.5 is vulnerable to SQL Injection	19 Dec 202320:39	–	cvelist
EUVD	EUVD-2023-52797	3 Oct 202520:07	–	euvd
NVD	CVE-2023-48764	19 Dec 202321:15	–	nvd
Patchstack	WordPress WordPress Brute Force Protection – Stop Brute Force Attacks Plugin <= 2.2.5 is vulnerable to SQL Injection	28 Nov 202300:00	–	patchstack
Prion	Sql injection	19 Dec 202321:15	–	prion
RedhatCVE	CVE-2023-48764	23 May 202504:41	–	redhatcve
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (November 27, 2023 to December 3, 2023)	7 Dec 202314:11	–	wordfence
WPVulnDB	WordPress Brute Force Protection < 2.2.6 - Admin+ SQLi	8 Dec 202300:00	–	wpvulndb

NVD

Vulners

Node

guardgiant guardgiantRange≤2.2.5wordpress

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "guardgiant",
    "product": "WordPress Brute Force Protection – Stop Brute Force Attacks",
    "vendor": "GuardGiant Brute Force Protection",
    "versions": [
      {
        "changes": [
          {
            "at": "2.2.6",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "2.2.5",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/guardgiant/wordpress-wordpress-brute-force-protection-stop-brute-force-attacks-plugin-2-2-5-sql-injection-vulnerability

28 Apr 2026 19:22Current

7.8High risk

Vulners AI Score7.8

CVSS 3.17.2 - 7.6

EPSS0.00146

CWE-89