CVE-2022-21661 – WordPress / WordPress – SQLi

Summary:

CVE-2022-21661 is a structured query language injection (SQLi) vulnerability impacting WordPress versions 5.7.5 and earlier. A proof of concept (PoC) was observed in open source.

PoC Links(if available):

Twitter PoC information –

🚨🚨
WordPress Core Injection in SQL CVE-2022-21661
by Ngocnb
Sqli error-based pic.twitter.com/47re5cb9gv

— Mohamed Elkhayat (@Mohamed87Khayat) January 10, 2022

Known Counter Measures:

WordPress addressed the vulnerability in WordPress version 5.8.3.

Links to patches(if available)

WordPress 5.8.3 Security Release