SQL Injection in Wordpress Social-share-buttons
CVE-2023-54333
Social-Share-Buttons 2.2.3 contains a critical SQL injection vulnerability in the project_id parameter that allows attackers to manipulate database queries. Attackers can exploit this vulnerability by sending crafted POST requests with mal…
Vulnerability class: SQL Injection
EPSS: 0.003 (16.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N.
Affected products
- Wordpress Social-share-buttons — versions 2.2.3
Weakness classification (CWE)
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (technical-description)
- disclosure@vulncheck.com (third-party-advisory)
Frequently asked questions
- What is CVE-2023-54333?
- CVE-2023-54333 is a high-severity vulnerability in Wordpress Social-share-buttons, classified under SQL Injection. CVSS score: 8.2/10. Published 2026-01-13.
- How severe is CVE-2023-54333?
- High severity. CVSS v3 base score is 8.2 out of 10.