CVE STALKER

CVE-2022-21661

CVSS
DESCRIPTIONWordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.
HEAT SCORE249

WORDS

TWEETS

DATE TWEETS USER
2022-01-24 00:30:12SQL injection Information Disclosure(CVE-2022-21661) https://t.co/M6URUEoI2g #Hacking #redteam #CVE #SQL #WordPress https://www.zerodayinitiative.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injectionDragon_Pwn
2022-01-23 21:50:39🚨 NEW: CVE-2022-21661 🚨 WordPress is a free and open-source content management system written in PHP and paired wit… https://t.co/4sXNteMszl https://twitter.com/i/web/status/1485367542164115457threatintelctr
2022-01-23 18:40:07Zero Day Initiative — CVE-2022-21661: Exposing Database Info via WordPress SQL Injection https://t.co/xYYaa0gHDM https://www.thezdi.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injectionSecurityblog
2022-01-22 15:10:20CVE-2022-21661 https://t.co/6sydBXacdv #HarsiaInfo https://har-sia.info/CVE-2022-21661.htmlHar_sia
2022-01-22 05:50:46CVE-2022-21661: EXPOSING DATABASE INFO VIA WORDPRESS SQL INJECTION. https://t.co/mE1QbNcijo https://lnkd.in/en_3bpSiSecurity_KM
2022-01-22 03:36:17A better breakdown of #Wordpress #CVE-2022-21661: #bugbounty #bugbountytip #infosec https://t.co/Ca9yCijRnI https://www.zerodayinitiative.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injection0xc3po
2022-01-22 03:30:34@thezdi video demonstration of #Wordpress #CVE-2022-21661: #bugbounty #bugbountytip https://t.co/vcrdZ34tOX https://youtu.be/X2dvqrwAaos0xc3po
2022-01-22 03:00:15#WordPress SQLi problem with WP_Query on the 'wp-admin/admin-ajax.php' endpoint: #CVE-2022-21661... See links for d… https://t.co/EupdZskvOi https://twitter.com/i/web/status/14847224860128870400xc3po
2022-01-21 16:11:44New post from https://t.co/9KYxtdZjkl (CVE-2022-21661 (debian_linux, fedora, wordpress)) has been published on https://t.co/ejuxZ2K8ad http://www.sesin.at https://www.sesin.at/2022/01/21/cve-2022-21661-debian_linux-fedora-wordpress/www_sesin_at
2022-01-21 16:10:48New post from https://t.co/uXvPWJy6tj (CVE-2022-21661 (debian_linux, fedora, wordpress)) has been published on https://t.co/OMGijslVvW http://www.sesin.at https://www.sesin.at/2022/01/21/cve-2022-21661-debian_linux-fedora-wordpress/WolfgangSesin
2022-01-21 16:09:07CVE-2022-21661 - https://t.co/YS4ty2Q1p7 https://www.redpacketsecurity.com/cve-2022-21661-7/RedPacketSec
2022-01-21 16:08:28CVE-2022-21661 - https://t.co/w9jDCDCrza https://www.redpacketsecurity.com/cve-2022-21661-8/RedPacketSec
2022-01-21 16:08:15CVE-2022-21661 - https://t.co/3NWMdn7Ht5 https://www.redpacketsecurity.com/cve-2022-21661-9/RedPacketSec
2022-01-21 16:08:02CVE-2022-21661 - https://t.co/76kUC5Ys1N https://www.redpacketsecurity.com/cve-2022-21661-10/RedPacketSec
2022-01-21 16:07:51CVE-2022-21661 - https://t.co/ljQiGVeVgB https://www.redpacketsecurity.com/cve-2022-21661-11/RedPacketSec
2022-01-21 16:07:41CVE-2022-21661 - https://t.co/qEKUIyivs5 https://www.redpacketsecurity.com/cve-2022-21661-12/RedPacketSec
2022-01-21 16:07:18CVE-2022-21661 - https://t.co/WPQ3lTyiYM https://www.redpacketsecurity.com/cve-2022-21661-13/RedPacketSec
2022-01-21 16:06:53CVE-2022-21661 - https://t.co/lfdl07GJC8 https://www.redpacketsecurity.com/cve-2022-21661-14/RedPacketSec
2022-01-21 15:20:42🚨 NEW: CVE-2022-21661 🚨 WordPress is a free and open-source content management system written in PHP and paired wit… https://t.co/dVTDZLJ8mp https://twitter.com/i/web/status/1484544619828416513threatintelctr
2022-01-21 02:12:39CVE-2022-21661: Exposing Database Info Via WordPress SQL Injection https://t.co/dKAJ5zx382 #Pentesting #WordPress… https://t.co/YJybsppNkX https://www.zerodayinitiative.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injection https://twitter.com/i/web/status/1484345399028584449ptracesecurity
2022-01-20 19:50:40#Threat_Research 1. The OAuth Misconfiguration https://t.co/XpYUz6yrAK 2. CVE-2022-21661: Exposing Database Info v… https://t.co/6qhI8TKLaa https://infosecwriteups.com/the-oauth-misconfiguration-15e66dd19a6e https://twitter.com/i/web/status/1484251505335144448ksg93rd
2022-01-20 10:23:25CVE-2022-21661 Exposing Database Info via WordPress SQL Injection https://t.co/ciS6ldFFDq #cybersecurity #infosec… https://t.co/Af5ByK54zN https://www.zerodayinitiative.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injection https://twitter.com/i/web/status/1484106884604993539PentestingN
2022-01-17 16:00:39CVE-2022-21661 - https://t.co/qYUloqsaVz https://www.redpacketsecurity.com/cve-2022-21661-3/RedPacketSec
2022-01-17 16:00:36CVE-2022-21661 - https://t.co/67pbn5DGBN https://www.redpacketsecurity.com/cve-2022-21661-4/RedPacketSec
2022-01-17 16:00:33CVE-2022-21661 - https://t.co/hkfqgoGWGM https://www.redpacketsecurity.com/cve-2022-21661-5/RedPacketSec
2022-01-17 16:00:27CVE-2022-21661 - https://t.co/SxwSL7GSVS https://www.redpacketsecurity.com/cve-2022-21661-6/RedPacketSec
2022-01-17 04:50:35🚨 NEW: CVE-2022-21661 🚨 WordPress is a free and open-source content management system written in PHP and paired wit… https://t.co/elpctYY377 https://twitter.com/i/web/status/1482936523104436224threatintelctr
2022-01-16 16:50:08🚨 NEW: CVE-2022-21661 🚨 WordPress is a free and open-source content management system written in PHP and paired wit… https://t.co/xyIB4vZiUf https://twitter.com/i/web/status/1482755329121300480threatintelctr
2022-01-16 16:00:09CVE-2022-21661 - https://t.co/d67hYrqyPO https://www.redpacketsecurity.com/cve-2022-21661/RedPacketSec
2022-01-16 16:00:08CVE-2022-21661 - https://t.co/QvajS8W7sn https://www.redpacketsecurity.com/cve-2022-21661-2/RedPacketSec
2022-01-16 10:20:06🚨 NEW: CVE-2022-21661 🚨 WordPress is a free and open-source content management system written in PHP and paired wit… https://t.co/RzDo62Cz34 https://twitter.com/i/web/status/1482657180394266626threatintelctr
2022-01-16 04:50:59🚨 NEW: CVE-2022-21661 🚨 WordPress is a free and open-source content management system written in PHP and paired wit… https://t.co/9ghP2NqGLR https://twitter.com/i/web/status/1482574133829505028threatintelctr
2022-01-15 09:02:27Wordpress Core Injection in SQL CVE-2022-21661 #bugbountytips #BugBounty #WordPress https://t.co/pwUstIDpYl https://lnkd.in/g3vziFpEhasanakajan
2022-01-15 01:23:30CVE-2022-21661 SQLi in Wordpress Core via a vulnerable template. Be sure to test your setups! It can sometimes succ… https://t.co/IsJPnFgQRy https://twitter.com/i/web/status/1482158571894853634p01arst0rm
2022-01-14 17:22:35One night, CVE-2022-21661 wished upon a star, and today that wish has been granted. It now has a name, like a real,… https://t.co/PhVAnOf12C https://twitter.com/i/web/status/1482036658283368448vulnonym
2022-01-14 06:45:18New post from https://t.co/9KYxtdZjkl (CVE-2022-21661 (debian_linux, wordpress)) has been published on https://t.co/mcj5S4tgYl http://www.sesin.at https://www.sesin.at/2022/01/14/cve-2022-21661-debian_linux-wordpress/www_sesin_at
2022-01-14 06:42:34New post from https://t.co/uXvPWJy6tj (CVE-2022-21661 (debian_linux, wordpress)) has been published on https://t.co/OujSH7laHu http://www.sesin.at https://www.sesin.at/2022/01/14/cve-2022-21661-debian_linux-wordpress/WolfgangSesin
2022-01-14 01:53:28🚨 NEW: CVE-2022-21661 🚨 WordPress is a free and open-source content management system written in PHP and paired wit… https://t.co/xeBk4SikNO https://twitter.com/i/web/status/1481804059136958467threatintelctr
2022-01-14 00:50:39Check out the analysis of CVE-2022-21661 created by @ConfidentialTM https://t.co/KXNuzy7qFN https://twitter.com/confidentialtm/status/1481781464240898049electronicbots
2022-01-14 00:32:02موضوع جديد. شرح مفصّل لإكتشاف وإستغلال SQL Injection in the core of Wordpress (CVE-2022-21661) بالعربي والـ Engl… https://t.co/2CbATg3GGv https://twitter.com/i/web/status/1481783881879756803Mesh3l_911
2022-01-14 00:21:03Detailed Static/Dynamic analysis for(CVE-2022-21661) Our team approached the discovering/exploiting for the SQLi i… https://t.co/7JVOnSZCc8 https://twitter.com/i/web/status/1481781464240898049ConfidentialTM
2022-01-14 00:20:53Detailed Static/Dynamic analysis for(CVE-2022-21661) قام فريقنا بعمل تحليل بكامل التفاصيل Statically/Dynamically ب… https://t.co/SDKyp9MnWV https://twitter.com/i/web/status/1481781466312888320ConfidentialTM
2022-01-13 19:54:18🚨 NEW: CVE-2022-21661 🚨 WordPress is a free and open-source content management system written in PHP and paired wit… https://t.co/LvkU1LpgCM https://twitter.com/i/web/status/1481713462757703684threatintelctr
2022-01-13 12:40:15An SQL Injection #vulnerability, CVE-2022-21661, has been disclosed in WordPress Core. Update immediately to at lea… https://t.co/mRgXIsij4M https://twitter.com/i/web/status/1481605389393313793CSIRTMalta
2022-01-12 01:21:03なんかヤバそうな脆弱性なので急遽朝一で5.8.3に更新 #WordPress #CVE-2022-21661 https://t.co/5fvooAqoJM https://twitter.com/ncsc_nl/status/1480870601921290240RootLinks_Co
2022-01-11 19:31:59Multiple Vulnerabilities for #wordpress between 3.7 and 5.8: CVE-2022-21661 (SQLi - CVSS 8.0) CVE-2022-21664 (SQLi… https://t.co/2UQZxd0dAZ https://twitter.com/i/web/status/1480983524501082116fractionservers
2022-01-11 14:06:21CVE-2022-21661 WordPress Core SQL注入漏洞 影响版本: < 5.8.3 https://t.co/6uhwQGMK8j https://www.xxe.one/index.php?threads/145/xxe_one
2022-01-11 13:33:17CVE-2022-21661 WordPress Core SQL注入漏洞 影响版本: < 5.8.3 https://t.co/6uhwQGMK8j https://www.xxe.one/index.php?threads/145/xxe_one
2022-01-11 13:10:21CVE-2022-21661 WordPress Core SQL注入漏洞 影响版本: < 5.8.3 https://t.co/6uhwQGMK8j https://www.xxe.one/index.php?threads/145/xxe_one
2022-01-11 12:01:03We hebben een update van het beveiligingsadvies over de kwetsbaarheden in WordPress. Voor CVE-2022-21661 is een Pro… https://t.co/Nn7ueZV03z https://twitter.com/i/web/status/1480870601921290240ncsc_nl
2022-01-11 11:14:45CVE-2022-21661 - WordPress / WordPress - SQLi - https://t.co/dXSb7Iabpb https://www.redpacketsecurity.com/cve-2022-21661-wordpress-wordpress-sqli/RedPacketSec
2022-01-11 04:20:51#exploit 1. CVE-2022-21661: SQL Injection in Wordpress core https://t.co/ytAvxxhGHF 2. CVE-2021-26294: Directory T… https://t.co/xwcaTXhZ9F https://unsafe.sh/go-99941.html https://twitter.com/i/web/status/1480754676190654464ksg93rd
2022-01-11 00:10:22Forwarded from @Leakinfo ​SQL инъекция в ядре Wordpress (CVE-2022-21661) Обновите ваши вордпрессы! Из-за неправиль… https://t.co/IYiGm7XOqh https://twitter.com/i/web/status/1480692240259461125gebutcher
2022-01-11 00:10:13Type juggling leading to SQLi fixed in Wordpress core (CVE-2022-21661). Alongside an stored XSS, which was reported… https://t.co/jy1iVrGIVg https://twitter.com/i/web/status/1480692715977379842hkashfi
2022-01-10 21:08:13SQL Injection in WordPress Core: CVE-2022-21661 https://t.co/U1A0oSe3vU https://stackdiary.com/sql-injection-in-wordpress-core-cve-2022-21661/stackdiary
2022-01-10 20:41:21SQL Injection in WordPress Core: CVE-2022-21661 https://t.co/U1A0oSe3vU https://stackdiary.com/sql-injection-in-wordpress-core-cve-2022-21661/stackdiary
2022-01-10 20:12:59SQL Injection in WordPress Core: CVE-2022-21661 https://t.co/U1A0oSe3vU https://stackdiary.com/sql-injection-in-wordpress-core-cve-2022-21661/stackdiary
2022-01-10 19:50:55🚨 NEW: CVE-2022-21661 🚨 WordPress is a free and open-source content management system written in PHP and paired wit… https://t.co/n1cCbuc6PU https://twitter.com/i/web/status/1480626299970404361threatintelctr
2022-01-10 19:43:39SQL Injection in WordPress Core: CVE-2022-21661 https://t.co/U1A0oSe3vU https://stackdiary.com/sql-injection-in-wordpress-core-cve-2022-21661/stackdiary
2022-01-10 19:19:49SQL Injection in WordPress Core: CVE-2022-21661 https://t.co/U1A0oSe3vU https://stackdiary.com/sql-injection-in-wordpress-core-cve-2022-21661/stackdiary
2022-01-10 18:54:45SQL Injection in WordPress Core: CVE-2022-21661 https://t.co/U1A0oSe3vU https://stackdiary.com/sql-injection-in-wordpress-core-cve-2022-21661/stackdiary
2022-01-10 09:30:16🚨🚨 Wordpress Core Injection in SQL CVE-2022-21661 by Ngocnb Sqli error-based https://t.co/47re5cb9gvMohamed87Khayat
2022-01-08 08:10:20CVE-2022-21661 WordPress is a free and open-source content management system written in PHP and paired with a Maria… https://t.co/cP06mRmytJ https://twitter.com/i/web/status/1479726891678453761threatmeter
2022-01-07 08:22:43🚨 NEW: CVE-2022-21661 🚨 WordPress is a free and open-source content management system written in PHP and paired wit… https://t.co/ry5NxYQgaW https://twitter.com/i/web/status/1479365963992768515threatintelctr
2022-01-07 02:11:05Wordpress - CVE-2022-21661: https://t.co/PNwIlqPVIL https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-6676-cqfm-gw84LinInfoSec
2022-01-07 02:00:38#cve #redteam #WordPress 不是不爆,时候未到 CVE-2022-21661 (SQLi - CVSS 8. 0) CVE-2022-21664 (SQLi - CVSS 7.4) CVE-2022-2166… https://t.co/AAHlEgt2ip https://twitter.com/i/web/status/1479270834103472129ckcsec
2022-01-07 01:40:14CVE-2022-21661 WordPress is a free and open-source content management system written in...… https://t.co/1jQuoQrmQh https://twitter.com/i/web/status/1479265952386662403VulmonFeeds
2022-01-07 01:30:31New post from https://t.co/uXvPWJy6tj (CVE-2022-21661) has been published on https://t.co/8BZuhwitD9 http://www.sesin.at https://www.sesin.at/2022/01/07/cve-2022-21661/WolfgangSesin
2022-01-07 01:30:16New post from https://t.co/9KYxtdZjkl (CVE-2022-21661) has been published on https://t.co/zAhAN8Kgyt http://www.sesin.at https://www.sesin.at/2022/01/07/cve-2022-21661/www_sesin_at
2022-01-06 23:52:13🚨 NEW: CVE-2022-21661 🚨 WordPress is a free and open-source content management system written in PHP and paired wit… https://t.co/VDSxXRBmLD https://twitter.com/i/web/status/1479237619708055552threatintelctr
2022-01-06 23:50:41CVE-2022-21661 WordPress is a free and open-source content management system written in PHP and paired with a Maria… https://t.co/EBCMbmwvfK https://twitter.com/i/web/status/1479237633104662529CVEnew
2022-01-06 23:00:17CVE-2022-21661 : WordPress is a free and open-source content management system written in PHP and paired with a Mar… https://t.co/xXORH9SeWE https://twitter.com/i/web/status/1479225228471541764CVEreport