CVE-2023-0224

9.8 CRITICAL

📋 TL;DR

CVE-2023-0224 is an SQL injection vulnerability in the GiveWP WordPress plugin that allows unauthenticated attackers to execute arbitrary SQL commands. This affects WordPress sites running GiveWP versions before 2.24.1. Attackers could potentially steal sensitive data, modify database contents, or gain administrative access.

💻 Affected Systems

Products:
  • GiveWP WordPress Plugin
Versions: All versions before 2.24.1
Operating Systems: All operating systems running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all WordPress installations with vulnerable GiveWP versions installed and activated.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the WordPress database, including theft of all user data, administrative takeover of the site, and potential server compromise if database permissions allow file system access.

🟠 Likely Case

Data exfiltration of sensitive information, including user credentials, payment details, and donor information, potentially leading to credential stuffing attacks and financial fraud.

🟢 If Mitigated

Limited impact with proper input validation and database user restrictions, potentially only allowing data viewing without modification.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection vulnerabilities in WordPress plugins are frequently exploited in the wild, and public proof-of-concept code exists.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.24.1

Vendor Advisory: https://givewp.com/core-2-24-0-vulnerability-patched/

Restart Required: No

Instructions:

1. Log into WordPress admin panel
2. Navigate to Plugins → Installed Plugins
3. Find GiveWP and click 'Update Now'
4. Verify version shows 2.24.1 or higher
5. Clear the cache of any caching plugins in use

🔧 Temporary Workarounds

Disable GiveWP Plugin (applies to: all platforms)

Temporarily disable the vulnerable plugin until patching is possible:

wp plugin deactivate give

Web Application Firewall Rules (applies to: all platforms)

Implement WAF rules to block SQL injection patterns targeting GiveWP endpoints.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate the vulnerable system
  • Deploy a web application firewall with SQL injection detection rules

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel → Plugins → Installed Plugins → GiveWP version; any version below 2.24.1 is vulnerable.

Check Version:

wp plugin list --name=give --field=version

Verify Fix Applied:

Verify GiveWP version is 2.24.1 or higher in WordPress admin

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts from single IP
  • Unexpected database schema changes

Network Indicators:

  • HTTP requests with SQL syntax in parameters
  • Traffic to GiveWP endpoints with unusual payloads

SIEM Query:

source="web_server" AND (uri="*givewp*" OR uri="*give*" OR plugin="give") AND (payload="*UNION*" OR payload="*SELECT*" OR payload="*INSERT*" OR payload="*DELETE*")

🔗 References