CVE-2023-54333

HIGH

Social-Share-Buttons 2.2.3 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-54333. PoCs published by nu11secur1ty.

AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in the Social Share Buttons WordPress plugin v2.2.3. The payloads provided show boolean-based and time-based blind SQL injection techniques targeting the `project_id` parameter.

Description

Social-Share-Buttons 2.2.3 contains a critical SQL injection vulnerability in the project_id parameter that allows attackers to manipulate database queries. Attackers can exploit this vulnerability by sending crafted POST requests with malicious SQL payloads to retrieve and potentially steal entire database contents.

Exploits (1)

exploitdb WORKING POC
by nu11secur1ty · textwebappsphp
https://www.exploit-db.com/exploits/51116

This exploit demonstrates a SQL injection vulnerability in the Social Share Buttons WordPress plugin v2.2.3. The payloads provided show boolean-based and time-based blind SQL injection techniques targeting the `project_id` parameter.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Social Share Buttons by Supsystic v2.2.3
No auth needed
Prerequisites: Access to the vulnerable WordPress plugin endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 8.2
EPSS 0.0025
EPSS Percentile 16.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (1)
Wordpress/Social-Share-Buttons 2.2.3
Published Jan 13, 2026
Tracked Since Feb 18, 2026