CVE-2023-28662

9.8 CRITICAL

📋 TL;DR

This vulnerability allows unauthenticated attackers to execute arbitrary SQL commands on WordPress sites using the Gift Cards plugin version 4.3.1 or earlier. It can lead to data theft, modification, or deletion, affecting all sites with the vulnerable plugin installed.

💻 Affected Systems

Products:
  • Gift Cards (Gift Vouchers and Packages) WordPress Plugin
Versions: <= 4.3.1
Operating Systems: All, as it's a WordPress plugin
Default Config Vulnerable: ⚠️ Yes
Notes: Affects any WordPress installation with the plugin enabled; no special configuration required.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the WordPress database, including sensitive data exfiltration, site defacement, or remote code execution via database functions.

🟠 Likely Case

Unauthorized access to or manipulation of database contents, such as user credentials, payment information, or gift card data.

🟢 If Mitigated

Limited impact if SQL injection protections like input sanitization or web application firewalls are in place, but risk remains high without patching.

🌐 Internet-Facing: HIGH, as the vulnerability is exploitable without authentication and affects publicly accessible WordPress sites.
🏢 Internal Only: LOW, but could be relevant if internal systems use the vulnerable plugin and are exposed to internal threats.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation is straightforward via crafted HTTP requests to the vulnerable endpoint, as detailed in public references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: > 4.3.1

Vendor Advisory: https://wordpress.org/plugins/gift-voucher/

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find 'Gift Cards (Gift Vouchers and Packages)' and update to the latest version.
4. Verify that the update completes successfully.

🔧 Temporary Workarounds

Disable the vulnerable plugin
Platform: all

Temporarily deactivate the plugin to prevent exploitation until patching is possible.

wp plugin deactivate gift-voucher

Implement WAF rules
Platform: all

Add web application firewall rules to block SQL injection attempts targeting the wpgv_doajax_voucher_pdf_save_func action.

🧯 If You Can't Patch

  • Restrict access to the WordPress admin and vulnerable endpoints using IP whitelisting or authentication.
  • Monitor logs for unusual SQL queries or requests to the affected plugin and implement intrusion detection.

🔍 How to Verify

Check if Vulnerable:

Check the plugin version in WordPress admin under Plugins > Installed Plugins; if version is 4.3.1 or lower, it is vulnerable.

Check Version:

wp plugin get gift-voucher --field=version

Verify Fix Applied:

After updating, confirm the plugin version is above 4.3.1 and test the vulnerable endpoint with safe payloads to ensure no SQL injection occurs.

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to /wp-admin/admin-ajax.php with action=wpgv_doajax_voucher_pdf_save_func and SQL-like parameters in logs.

Network Indicators:

  • HTTP traffic containing SQL injection patterns (e.g., UNION, SELECT) directed at the plugin's AJAX endpoint.

SIEM Query:

source="wordpress.log" AND uri="/wp-admin/admin-ajax.php" AND (param="template" AND value CONTAINS "' OR '1'='1")
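The following script is added here as an illustration of the log indicators above; it is not from the advisory or the plugin vendor. It scans constructed access-log lines (combined log format) for requests to the admin-ajax.php action named above whose parameters carry SQL-like fragments, and it assumes those parameters appear in the URL query string, since standard access logs do not record POST bodies.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines in Apache/nginx combined log format (not real traffic).
# Assumption: the injected parameters are visible in the request URI; a WAF or
# application log that records POST bodies would be needed to see body parameters.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Apr/2023:12:00:01 +0000] "POST /wp-admin/admin-ajax.php?action=wpgv_doajax_voucher_pdf_save_func&template=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 512 "-" "curl/7.88"
203.0.113.5 - - [10/Apr/2023:12:00:02 +0000] "POST /wp-admin/admin-ajax.php?action=wpgv_doajax_voucher_pdf_save_func&template=1%20UNION%20SELECT%201 HTTP/1.1" 200 512 "-" "curl/7.88"
198.51.100.7 - - [10/Apr/2023:12:00:03 +0000] "POST /wp-admin/admin-ajax.php?action=wpgv_doajax_voucher_pdf_save_func&template=12 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Apr/2023:12:00:04 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 12 "-" "Mozilla/5.0"
"""

# Combined log format: client IP, identity, user, [timestamp], "METHOD URI PROTO", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d+)'
)
VULN_ACTION = "wpgv_doajax_voucher_pdf_save_func"
# Coarse SQL-injection indicators (UNION ... SELECT, ' OR ', sleep(), comment markers, ;DROP),
# matched case-insensitively against the URL-decoded parameter values.
SQLI_RE = re.compile(r"(\bunion\b.*\bselect\b|'\s*or\s*'|\bsleep\s*\(|--\s|/\*|;\s*drop\b)", re.I)


def find_suspicious(log_text):
    """Return (ip, timestamp, param, decoded_value) tuples for requests to the
    vulnerable AJAX action whose parameters contain SQL-like fragments."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        parts = urlsplit(m["uri"])
        if parts.path != "/wp-admin/admin-ajax.php":
            continue
        params = parse_qs(parts.query, keep_blank_values=True)  # also percent-decodes
        if VULN_ACTION not in params.get("action", []):
            continue
        for name, values in params.items():
            for value in values:
                if SQLI_RE.search(value):
                    hits.append((m["ip"], m["ts"], name, value))
    return hits


if __name__ == "__main__":
    for ip, ts, name, value in find_suspicious(SAMPLE_LOG):
        print(f"{ts} {ip} param={name!r} value={value!r}")
```

The third sample request reaches the same action with a plain numeric value and is not flagged, so the script reports hits on the action plus SQL-like content, not on the endpoint alone.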

🔗 References
