CVE-2023-32128

WordPress Cryptocurrency Donation Box – Bitcoin & Crypto Donations Plugin <= 2.2.7 is vulnerable to SQL Injection

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free: from n/a through 2.2.7.

Remediation

Solution:

Update to 2.2.8 or a higher version.

References

Link	Tags
https://patchstack.com/database/vulnerability/cryptocurrency-donation-box/wordpress-cryptocurrency-payment-donation-box-plugin-2-2-5-sql-injection-vulnerability?_s_id=cve	third party advisory vdb entry

Frequently Asked Questions

What is the severity of CVE-2023-32128?: CVE-2023-32128 has been scored as a medium severity vulnerability.
How to fix CVE-2023-32128?: To fix CVE-2023-32128: Update to 2.2.8 or a higher version.
Is CVE-2023-32128 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2023-32128 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-32128?: CVE-2023-32128 affects Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.

Description

Remediation

Category

CWE-89 – Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

References

Frequently Asked Questions