CVE-2022-21661 – WordPress / WordPress – SQLi

January 11, 2022

CVE-2022-21661 is a structured query language injection (SQLi) vulnerability impacting WordPress versions 5.7.5 and earlier. A proof of concept (PoC) was observed in open source.

Summary:

CVE-2022-21661 is a structured query language injection (SQLi) vulnerability impacting WordPress versions 5.7.5 and earlier. A proof of concept (PoC) was observed in open source.

PoC Links(if available):

Twitter PoC information –

Known Counter Measures:

WordPress addressed the vulnerability in WordPress version 5.8.3.

Links to patches(if available)

WordPress 5.8.3 Security Release

You may have missed

CISA Logo

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

April 20, 2024
CISA Logo

CISA: Joint Guidance on Deploying AI Systems Securely

April 20, 2024
CISA Logo

CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

April 20, 2024
CISA Logo

CISA: Citrix Releases Security Updates for XenServer and Citrix Hypervisor

April 20, 2024
CISA Logo

CISA: Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400

April 20, 2024