CVE-2023-54333

HIGH

Social-Share-Buttons 2.2.3 - SQL Injection

Title source: llm

Description

Social-Share-Buttons 2.2.3 contains a critical SQL injection vulnerability in the project_id parameter that allows attackers to manipulate database queries. Attackers can exploit this vulnerability by sending crafted POST requests with malicious SQL payloads to retrieve and potentially steal entire database contents.

Exploits (1)

exploitdb WORKING POC
by nu11secur1ty · textwebappsphp
https://www.exploit-db.com/exploits/51116

References (4)

Scores

CVSS v3 8.2
EPSS 0.0005
EPSS Percentile 16.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Details

CWE
CWE-89
Status published
Products (1)
Wordpress/Social-Share-Buttons 2.2.3
Published Jan 13, 2026
Tracked Since Feb 18, 2026