CVE-2023-23489
published 2023-01-20


Priority: P1 (83)
Severity: critical, 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploited in the wild: yes (ITW exploit; listed in VulnCheck KEV)
EPSS: 11.17% (95.4th percentile)
The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 & 3.1.0.3, is affected by an unauthenticated SQL injection vulnerability in the 's' parameter of its 'edd_download_search' action.

Affected

1 range

Vendor         Product                  Version range   Fixed in
sandhillsdev   easy_digital_downloads   < 3.1.0.4       3.1.0.4

Note that this range is broader than the description, which names only 3.1.0.2 and 3.1.0.3 as affected. Either way, 3.1.0.4 is the first fixed release, so treat anything below it as needing an upgrade.

Detection & IOCs (extracted from sources)

URL:  /wp-admin/admin-ajax.php?action=edd_download_search&s=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+-
Path: /wp-content/plugins/easy-digital-downloads/readme.txt

  • Detect unauthenticated time-based blind SQL injection attempts against the 's' parameter of the 'edd_download_search' AJAX action: look for requests to /wp-admin/admin-ajax.php carrying action=edd_download_search together with SQL payloads (e.g., SLEEP) in the 's' parameter. admin-ajax.php accepts the action via GET or POST, so inspect form bodies as well as query strings wherever your telemetry captures them, and URL-decode the value before matching.
  • A time-based detection strategy is viable: if the server's response to the crafted edd_download_search request arrives 6 or more seconds later than a baseline request without the payload, the target is likely vulnerable. Measure the baseline first; a slow or overloaded host can produce a long response time on its own.
  • Confirm plugin presence by probing /wp-content/plugins/easy-digital-downloads/readme.txt and checking the response body for the string 'Easy Digital Downloads'. Fetches of this file from an address that subsequently sends edd_download_search payloads are a useful correlation signal.
  • The vulnerability is limited to plugin versions 3.1.0.2 and 3.1.0.3 only; other versions are not affected.
  • The exploit is unauthenticated: no credentials or session are required, so any remote attacker can exploit an exposed WordPress instance running an affected plugin version.
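The detection logic described in the bullets above, as an added worked example that is not from the page's sources or from the plugin project: it parses constructed combined-format access-log lines, URL-decodes the 's' parameter of edd_download_search requests, flags SQL injection indicators (SLEEP and other time-based primitives, quote breakouts, UNION SELECT), records readme.txt fingerprinting probes, and correlates the two by client address. The log format, the indicator regex and the sample lines are assumptions chosen for illustration; the regex is a small hand-picked set, not a full SQL grammar.

```python
import re
import urllib.parse
from dataclasses import dataclass

# Constructed sample access-log lines (combined log format). They are not
# real traffic: the first and fourth carry SLEEP-based payloads in 's', the
# second is a plugin-fingerprinting probe, the rest are benign.
SAMPLE_LOG = """\
203.0.113.5 - - [21/Jan/2023:10:01:02 +0000] "GET /wp-admin/admin-ajax.php?action=edd_download_search&s=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1" 200 512 "-" "python-requests/2.28"
203.0.113.5 - - [21/Jan/2023:10:01:03 +0000] "GET /wp-content/plugins/easy-digital-downloads/readme.txt HTTP/1.1" 200 9031 "-" "python-requests/2.28"
198.51.100.7 - - [21/Jan/2023:10:02:15 +0000] "GET /wp-admin/admin-ajax.php?action=edd_download_search&s=ebook HTTP/1.1" 200 233 "-" "Mozilla/5.0"
198.51.100.9 - - [21/Jan/2023:10:03:40 +0000] "POST /wp-admin/admin-ajax.php?action=edd_download_search&s=%27%20OR%20SLEEP%286%29%23 HTTP/1.1" 200 233 "-" "curl/7.88"
192.0.2.4 - - [21/Jan/2023:10:04:00 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 45 "-" "Mozilla/5.0"
"""

# Combined log format: client, ident, user, [timestamp], "METHOD target proto", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

AJAX_PATH = "/wp-admin/admin-ajax.php"
EDD_ACTION = "edd_download_search"
EDD_README = "/wp-content/plugins/easy-digital-downloads/readme.txt"

# Indicators matched against the URL-decoded 's' value (assumption: a small
# hand-picked set covering the payload shapes named on the page).
SQLI_PATTERN = re.compile(
    r"(?i)"
    r"\b(?:SLEEP|BENCHMARK|PG_SLEEP)\s*\("    # time-based primitives
    r"|'\s*(?:OR|AND)\b"                      # quote breakout plus boolean operator
    r"|\bUNION\b\s+(?:ALL\s+)?SELECT\b"       # union-based extraction
)


@dataclass
class Finding:
    ip: str
    timestamp: str
    kind: str      # "sqli_attempt" or "plugin_fingerprint"
    detail: str


def inspect_request(method, target):
    """Classify one request target; returns (kind, detail) or None."""
    parts = urllib.parse.urlsplit(target)
    # endswith() so that WordPress installed under a sub-directory still matches
    if parts.path.endswith(EDD_README):
        return "plugin_fingerprint", f"{method} {parts.path}"
    if not parts.path.endswith(AJAX_PATH):
        return None
    # parse_qs percent-decodes and turns '+' into spaces, so the regex sees the
    # payload the way the database would (a POST body would need the same step).
    params = urllib.parse.parse_qs(parts.query, keep_blank_values=True)
    if EDD_ACTION not in params.get("action", []):
        return None
    for value in params.get("s", []):
        hit = SQLI_PATTERN.search(value)
        if hit:
            return "sqli_attempt", f"s={value!r} matched {hit.group(0)!r}"
    return None


def scan_log(text):
    """Run inspect_request over every parsable log line; returns a list of Finding."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        hit = inspect_request(m["method"], m["target"])
        if hit:
            kind, detail = hit
            findings.append(Finding(m["ip"], m["ts"], kind, detail))
    return findings


def attackers_with_recon(findings):
    """Addresses that both fingerprinted the plugin and sent an injection payload."""
    kinds_by_ip = {}
    for f in findings:
        kinds_by_ip.setdefault(f.ip, set()).add(f.kind)
    return {ip for ip, kinds in kinds_by_ip.items()
            if {"sqli_attempt", "plugin_fingerprint"} <= kinds}


if __name__ == "__main__":
    results = scan_log(SAMPLE_LOG)
    for f in results:
        print(f"{f.timestamp} {f.ip} {f.kind}: {f.detail}")
    print("fingerprinted then attacked:", sorted(attackers_with_recon(results)))
```

The match is done on the decoded value rather than the raw query string so that `%27+OR+SLEEP%286%29` and `'+OR+SLEEP(6)` are treated alike; a rule that only looks for the literal `SLEEP(6)` from the published IOC will miss trivially re-encoded or re-timed variants.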

CVSS provenance

NVD:       v3.1  9.8 CRITICAL  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
VulnCheck:       9.8 CRITICAL