8

CVE-2022-21661

Exploit

SQL injection in WordPress

WordPress Core < 5.8.3 - SQL Injection via WP_Query

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.
Mögliche Gegenmaßnahme
WordPress: Update to one of the following versions, or a newer patched version: 3.7.37, 3.8.37, 3.9.35, 4.0.34, 4.1.34, 4.2.31, 4.3.27, 4.4.26, 4.5.25, 4.6.22, 4.7.22, 4.8.18, 4.9.19, 5.0.15, 5.1.12, 5.2.14, 5.3.11, 5.4.9, 5.5.8, 5.6.7, 5.7.5, 5.8.3
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WordpressWordpress Version >= 3.7 < 3.7.37
WordpressWordpress Version >= 3.8 < 3.8.37
WordpressWordpress Version >= 3.9 < 3.9.35
WordpressWordpress Version >= 4.0 < 4.0.34
WordpressWordpress Version >= 4.1 < 4.1.34
WordpressWordpress Version >= 4.2 < 4.2.31
WordpressWordpress Version >= 4.3 < 4.3.27
WordpressWordpress Version >= 4.4 < 4.4.26
WordpressWordpress Version >= 4.5 < 4.5.25
WordpressWordpress Version >= 4.6 < 4.6.22
WordpressWordpress Version >= 4.7 < 4.7.22
WordpressWordpress Version >= 4.8 < 4.8.18
WordpressWordpress Version >= 4.9 < 4.9.19
WordpressWordpress Version >= 5.0 < 5.0.15
WordpressWordpress Version >= 5.1 < 5.1.12
WordpressWordpress Version >= 5.2 < 5.2.14
WordpressWordpress Version >= 5.3 < 5.3.11
WordpressWordpress Version >= 5.4 < 5.4.9
WordpressWordpress Version >= 5.5 < 5.5.8
WordpressWordpress Version >= 5.6 < 5.6.7
WordpressWordpress Version >= 5.7 < 5.7.5
WordpressWordpress Version >= 5.8 < 5.8.3
FedoraprojectFedora Version34
FedoraprojectFedora Version35
DebianDebian Linux Version9.0
DebianDebian Linux Version10.0
DebianDebian Linux Version11.0
Weitere Schwachstelleninformationen
SystemWordPress Core
Produkt WordPress
Version [3.7, 3.7.37)
Version [3.8, 3.8.37)
Version [3.9, 3.9.35)
Version [4.0, 4.0.34)
Version [4.1, 4.1.34)
Version [4.2, 4.2.31)
Version [4.3, 4.3.27)
Version [4.4, 4.4.26)
Version [4.5, 4.5.25)
Version [4.6, 4.6.22)
Version [4.7, 4.7.22)
Version [4.8, 4.8.18)
Version [4.9, 4.9.19)
Version [5.0, 5.0.15)
Version [5.1, 5.1.12)
Version [5.2, 5.2.14)
Version [5.3, 5.3.11)
Version [5.4, 5.4.9)
Version [5.5, 5.5.8)
Version [5.6, 5.6.7)
Version [5.7, 5.7.5)
Version [5.8, 5.8.3)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 97.8% 0.999
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
security-advisories@github.com 8 1.3 6
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

http://packetstormsecurity.com/files/165540/WordPress-Core-5.8.2-SQL-Injection.html
Third Party Advisory
Exploit
VDB Entry
https://github.com/WordPress/wordpress-develop/commit/17efac8c8ec64555eff5cf51a3eff81e06317214
Patch
Third Party Advisory
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-6676-cqfm-gw84
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/01/msg00019.html
Third Party Advisory
Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG/
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3/
Third Party Advisory
https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/
Vendor Advisory
Release Notes
https://www.debian.org/security/2022/dsa-5039
Third Party Advisory
https://www.exploit-db.com/exploits/50663
Third Party Advisory
Exploit
VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-22-020/
Third Party Advisory
VDB Entry
https://www.vicarius.io/vsociety/posts/understanding-the-wordpress-sql-injection-vulnerability-cve-2022-21661
Third Party Advisory
Exploit
https://www.wordfence.com/threat-intel/vulnerabilities/id/b0ef885f-fd62-4513-83cb-65381b99a172
Third Party Advisory