{"vulnerability": "cve-2022-2166", "sightings": [{"uuid": "5f872928-5d4e-42c3-9c5f-e37a894f785c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2832", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-21661 exp for Elementor custom skin. \nURL\uff1ahttps://github.com/XmasSnowISBACK/CVE-2022-21661\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-02T18:54:57.000000Z"}, {"uuid": "9e234d5d-fc5b-4e6f-a94a-38173f8d2c09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2305", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aWordpress 5.8.2  CVE-2022-21661 Vuln enviroment POC exploit\nURL\uff1ahttps://github.com/0x4E0x650x6F/Wordpress-cve-CVE-2022-21661\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-28T10:54:16.000000Z"}, {"uuid": "788a7e6d-33de-4af9-a6ce-ae2e094b2537", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3187", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThe first poc video presenting the sql injection test from (  WordPress Core 5.8.2-'WP_Query'  / CVE-2022-21661) \nURL\uff1ahttps://github.com/APTIRAN/CVE-2022-21661\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2025-03-07T12:29:59.000000Z"}, {"uuid": "06d143a2-a988-4f10-acb8-9b3262045c08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2817", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-21661 exp for Elementor custom skin.\nURL\uff1ahttps://github.com/QWERTYisme/CVE-2022-21661\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-31T11:56:40.000000Z"}, {"uuid": "3213ded7-12eb-4f46-9e80-60fd447b2b5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21664", "type": "seen", "source": "Telegram/rlHh_9BM73bg9tASnpEOufyHY5Rw4wJvJz2wyYTnEYAOQAw", "content": "", "creation_timestamp": "2024-10-11T15:27:30.000000Z"}, {"uuid": "6f46211b-79ca-4779-ab79-f2262e3ca6e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "seen", "source": "https://t.me/arpsyndicate/1829", "content": "#ExploitObserverAlert\n\nCVE-2022-21661\n\nDESCRIPTION: Exploit Observer has 40 entries related to CVE-2022-21661. WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.\n\nFIRST-EPSS: 0.937320000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-16T14:41:24.000000Z"}, {"uuid": "700be60d-25ee-4050-b972-ac28f3403ec5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2166", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13934", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2166\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Restriction of Excessive Authentication Attempts in GitHub repository mastodon/mastodon prior to 4.0.0.\n\ud83d\udccf Published: 2022-11-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T20:30:40.434Z\n\ud83d\udd17 References:\n1. https://huntr.dev/bounties/2f96f990-01c2-44ea-ae47-58bdb3aa455b\n2. https://github.com/mastodon/mastodon/commit/21fd25a269cca742af431f0d13299e139f267346", "creation_timestamp": "2025-04-29T21:13:40.000000Z"}, {"uuid": "5662fecb-ef04-486b-bd26-9a11d90e089f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21663", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12951", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-21663\n\ud83d\udd25 CVSS Score: 6.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. On a multisite, users with Super Admin role can bypass explicit/additional hardening under certain conditions through object injection. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.\n\ud83d\udccf Published: 2022-01-06T23:00:11.000Z\n\ud83d\udccf Modified: 2025-04-22T18:33:55.718Z\n\ud83d\udd17 References:\n1. https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/\n2. https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-jmmq-m8p8-332h\n3. https://www.debian.org/security/2022/dsa-5039\n4. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3/\n5. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG/\n6. https://lists.debian.org/debian-lts-announce/2022/01/msg00019.html\n7. https://blog.sonarsource.com/wordpress-object-injection-vulnerability/", "creation_timestamp": "2025-04-22T19:03:47.000000Z"}, {"uuid": "ac3dcd6b-db9e-45a6-8529-fac41dc5e3da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21662", "type": "published-proof-of-concept", "source": "https://t.me/HelixsCrewOfficial/133", "content": "WordPress: Stored XSS through authenticated users\n\nCVE ID :\nCVE-2022-21662\n\nDampak :\nPengguna yang memiliki hak rendah seperti penulis dapat menjalankan JavaScript/melakukan serangan Stored XSS, yang dapat memengaruhi pengguna dengan hak yang lebih tinggi seperti administartor.\n\nReferensi :\nhttps://wordpress.org/news/category/releases/\nhttps://hackerone.com/reports/425342\n\nseverity level rated high, 8.0/10\n\nVulnerability ini terdapat pada \"judul\" dari artikel yang dibuat user, dengan payload sederhana maka XSS akan tereksekusi. Pada gambar saya mencoba membuat artikel (WordPress Versi 5.8.2) dengan akun user dan menaruh payload dari XSS hunter pada judul artikel, jika seseorang membuka artikel yang telah saya buat maka payload akan tereksekusi. Stored XSS pada WordPress ini dapat dimanfaatkan attacker untuk mencuri cookies milik user lain. Kerentanan jenis ini telah di perbaiki pada versi 5.8.3 bersamaan dengan 3 kerentanan lainnya.\n\n#HelixsID\n#BugHunt", "creation_timestamp": "2022-01-16T02:11:15.000000Z"}, {"uuid": "8bf7fc24-adeb-48e9-94b9-35bebcf5e97b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "seen", "source": "Telegram/hlaj8pCWo0xhq_29wgWzUqXa3H_JtYFZaxWsf_gjRvhLsWU", "content": "", "creation_timestamp": "2024-10-11T15:03:57.000000Z"}, {"uuid": "48f262fd-0c08-4831-a3dc-d0cf164fc932", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "seen", "source": "Telegram/SmcoBxthnKwgHljRQ5eGvJQRSp7XCqQ6GoUv_bF594oADDQ", "content": "", "creation_timestamp": "2024-10-11T14:27:12.000000Z"}, {"uuid": "796e3d20-52a0-48d1-9dd9-0e475b44bc4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/584", "content": "CVE-2022-21661 : WordPress Core 5.8.2 - 'WP_Query' SQL Injection\nAuthor: ARYAN CHEHREGHANI\nPOC : https://www.exploit-db.com/exploits/50663", "creation_timestamp": "2022-11-15T09:30:09.000000Z"}, {"uuid": "698fad97-94ff-4a4c-874a-575e8afdff81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21663", "type": "seen", "source": "https://t.me/breachdetector/323573", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2022-21663 WordPress Nesne Yerle\u015ftirme G\u00fcvenlik A\u00e7\u0131\u011f\u0131\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"25 Aug 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-08-25T16:32:19.000000Z"}, {"uuid": "856870e8-a8bf-4970-8325-f99782a073d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/153961", "content": "{\n  \"Source\": \"https://t.me/documentors\",\n  \"Content\": \"CVE-2022-21661-main.zip 20.0 MB WordPress Core 5.8.2-'WP_Query' / CVE-2022-21661 https://github.com/APTIRAN/CVE-2022-21661 \ud83d\udcc4For Questions and Purchase and place Orders Contact us: \ud83d\udece @darkamo https://t.me/documentors\", \n  \"author\": \"\u2693\ufe0f\ud835\udd07\ud835\udd2c\ud835\udd20\ud835\udd32\ud835\udd2a\ud835\udd22\ud835\udd2b\ud835\udd31\ud835\udd2c\ud835\udd2f\",\n  \"Detection Date\": \"02 Dec 2022\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 Data Leak monitoring system\ud83d\udd39", "creation_timestamp": "2022-12-02T08:57:29.000000Z"}, {"uuid": "43927510-a09a-4369-9e60-c1ecfe86b519", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/152930", "content": "{\n  \"Source\": \"https://t.me/documentors\",\n  \"Content\": \"CVE-2022-21661-main.zip 20.0 MB WordPress Core 5.8.2-'WP_Query' / CVE-2022-21661 https://github.com/APTIRAN/CVE-2022-21661 \ud83d\udcc4For Questions and Purchase and place Orders Contact us: \ud83d\udece @darkamo https://t.me/documentors\", \n  \"author\": \"\u2693\ufe0f\ud835\udd07\ud835\udd2c\ud835\udd20\ud835\udd32\ud835\udd2a\ud835\udd22\ud835\udd2b\ud835\udd31\ud835\udd2c\ud835\udd2f\",\n  \"Detection Date\": \"30 Nov 2022\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 Data Leak monitoring system\ud83d\udd39", "creation_timestamp": "2022-11-30T17:51:32.000000Z"}, {"uuid": "3838ce88-3a2a-4cbb-b8fa-03539703466a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "Telegram/aS6mAmeUhsFL57NL24yCmfK1ybyUebrYuHG32QrjsHtQ-as", "content": "", "creation_timestamp": "2022-12-26T00:02:53.000000Z"}, {"uuid": "6d390a4b-d253-4af3-87e2-b5207c5d0569", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "Telegram/zMR22lMSxfSx92UKdkl2Oy7iHmx2McRy0HK2tJZWvPLAmko", "content": "", "creation_timestamp": "2022-12-25T16:18:05.000000Z"}, {"uuid": "9cc9955b-ab0a-45f5-a289-31c6941254c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/jokerplstaeen/15955", "content": "\u200f\u0645\u0648\u0636\u0648\u0639 \u062c\u062f\u064a\u062f.\n\n\u0634\u0631\u062d \u0645\u0641\u0635\u0651\u0644 \u0644\u0625\u0643\u062a\u0634\u0627\u0641 \u0648\u0625\u0633\u062a\u063a\u0644\u0627\u0644 \nSQL Injection in the core of Wordpress (CVE-2022-21661)\n\n\u0628\u0627\u0644\u0639\u0631\u0628\u064a \u0648\u0627\u0644\u0640 English.\n\n\u0642\u0631\u0627\u0621\u0629 \u0645\u0645\u062a\u0639\u0629\u2665\ufe0f\ud83d\ude4f\ud83c\udffb\n\nhttps://confidentialteam.github.io/posts/cve-202221661ar/", "creation_timestamp": "2023-04-18T17:51:29.000000Z"}, {"uuid": "5ce7fbaa-0da7-4b30-a36f-feb44f1d08a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1575", "content": "WordPress Core 5.8.2-'WP_Query' / CVE-2022-21661\n\nhttps://github.com/APTIRAN/CVE-2022-21661", "creation_timestamp": "2023-11-16T19:51:57.000000Z"}, {"uuid": "855a1694-3311-491b-a08a-95a270f08819", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/professional_c_h/1857", "content": "WordPress Core 5.8.2-'WP_Query' / CVE-2022-21661\n\nhttps://github.com/APTIRAN/CVE-2022-21661\n\nChannel: \n@Professional_c_h\n@Card_crack_hack", "creation_timestamp": "2022-12-02T11:04:16.000000Z"}, {"uuid": "1b275834-a319-4882-8bcc-82c9b76b1bf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/31608", "content": "https://github.com/APTIRAN/CVE-2022-21661", "creation_timestamp": "2022-11-08T15:27:29.000000Z"}, {"uuid": "dd0a32f5-d7c9-4a80-b8d9-718718604e04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/283", "content": "https://github.com/purple-WL/wordpress-CVE-2022-21661\n#github", "creation_timestamp": "2022-09-28T01:44:13.000000Z"}, {"uuid": "e10a3f80-e4b3-4e2c-8d39-16025723aafb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21668", "type": "seen", "source": "https://t.me/cibsecurity/35208", "content": "\u203c CVE-2022-21668 \u203c\n\npipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv's parsing of requirements files allows an attacker to insert a specially crafted string inside a comment anywhere within a requirements.txt file, which will cause victims who use pipenv to install the requirements file to download dependencies from a package index server controlled by the attacker. By embedding malicious code in packages served from their malicious index server, the attacker can trigger arbitrary remote code execution (RCE) on the victims' systems. If an attacker is able to hide a malicious `--index-url` option in a requirements file that a victim installs with pipenv, the attacker can embed arbitrary malicious code in packages served from their malicious index server that will be executed on the victim's host during installation (remote code execution/RCE). When pip installs from a source distribution, any code in the setup.py is executed by the install process. This issue is patched in version 2022.1.8. The GitHub Security Advisory contains more information about this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-11T00:14:58.000000Z"}, {"uuid": "b07331e1-54c8-4d56-a630-dc1f2b968f6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21666", "type": "seen", "source": "https://t.me/cibsecurity/35203", "content": "\u203c CVE-2022-21666 \u203c\n\nUseful Simple Open-Source CMS (USOC) is a content management system (CMS) for programmers. Versions prior to Pb2.4Bfx3 allowed Sql injection in usersearch.php only for users with administrative privileges. Users should replace the file `admin/pages/useredit.php` with a newer version. USOC version Pb2.4Bfx3 contains a fixed version of `admin/pages/useredit.php`.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-10T22:14:54.000000Z"}, {"uuid": "734c9c21-1c87-49f3-a1ac-9e78bb17b55e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2441", "content": "#CVE-2022\n\nThe first poc video presenting the sql injection test from (\u00a0 WordPress Core 5.8.2-'WP_Query'\u00a0 / CVE-2022-21661) \n\nhttps://github.com/APTIRAN/CVE-2022-21661\n\n@BlueRedTeam", "creation_timestamp": "2022-11-20T16:59:42.000000Z"}, {"uuid": "44b00ea0-568d-4f4b-9550-80839df730b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21669", "type": "seen", "source": "https://t.me/cibsecurity/35244", "content": "\u203c CVE-2022-21669 \u203c\n\nPuddingBot is a group management bot. In version 0.0.6-b933652 and prior, the bot token is publicly exposed in main.py, making it accessible to malicious actors. The bot token has been revoked and new version is already running on the server. As of time of publication, the maintainers are planning to update code to reflect this change at a later date.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-11T18:15:51.000000Z"}, {"uuid": "02828297-f4a2-42cd-84a8-a8a9cd95aa50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21667", "type": "seen", "source": "https://t.me/cibsecurity/35144", "content": "\u203c CVE-2022-21667 \u203c\n\nsoketi is an open-source WebSockets server. There is an unhandled case when reading POST requests which results in the server crashing if it could not read the body of a request. In the event that a POST request is sent to any endpoint of the server with an empty body, even unauthenticated with the Pusher Protocol, it will crash the server. All users that run the server are affected by this vulnerability and it's highly recommended to upgrade to the latest patch. There are no workarounds for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-10T16:14:55.000000Z"}, {"uuid": "73c3dfcd-6a44-45b3-b822-1b7fa016069a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21662", "type": "seen", "source": "https://t.me/cibsecurity/35091", "content": "\u203c CVE-2022-21662 \u203c\n\nWordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users (like author) in WordPress core are able to execute JavaScript/perform stored XSS attack, which can affect high-privileged users. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-07T02:16:27.000000Z"}, {"uuid": "0e255974-06c9-42e5-a31d-1b19de92f811", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21663", "type": "seen", "source": "https://t.me/cibsecurity/35090", "content": "\u203c CVE-2022-21663 \u203c\n\nWordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. On a multisite, users with Super Admin role can bypass explicit/additional hardening under certain conditions through object injection. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-07T02:16:25.000000Z"}, {"uuid": "dd100d7e-c9fb-4c45-80e3-d19caff05290", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "seen", "source": "https://t.me/cibsecurity/35089", "content": "\u203c CVE-2022-21661 \u203c\n\nWordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-07T02:16:24.000000Z"}, {"uuid": "8b585de2-0181-4d53-9f34-6e8e8af49fce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21664", "type": "seen", "source": "https://t.me/cibsecurity/35088", "content": "\u203c CVE-2022-21664 \u203c\n\nWordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 4.1.34. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-07T02:16:23.000000Z"}, {"uuid": "0280f6fd-3391-4eee-a9f9-2e4542760981", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21660", "type": "seen", "source": "https://t.me/cibsecurity/37116", "content": "\u203c CVE-2022-21660 \u203c\n\nGin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the `setUserInfo` function. Users are advised to update as soon as possible. There are no known workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-09T22:13:06.000000Z"}, {"uuid": "6a5bb14f-1d22-45ac-8404-6f05d9b73920", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "Telegram/q8rexRbZbr7I46zhe_gO9OWmaFaCzrMM5IMiFN0qpnYIqw", "content": "", "creation_timestamp": "2022-11-30T21:50:54.000000Z"}, {"uuid": "6da9222f-657e-494b-90ed-ea2ede818b67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4360", "content": "CVE-2022-21661\n\nWordPress Core 5.8.2 - 'WP_Query' SQL Injection. \n\nGithub\n\n#CVE #POC\n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-01-04T10:02:38.000000Z"}, {"uuid": "d8d617cd-3181-4822-9864-71c5debbf8a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/361", "content": "WordPress Core 5.8.2-'WP_Query' / CVE-2022-21661\n\nhttps://github.com/APTIRAN/CVE-2022-21661", "creation_timestamp": "2022-11-30T15:05:22.000000Z"}, {"uuid": "28a4606f-9b28-4f26-9a1d-7418dc8f5668", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5174", "content": "#exploit\n1. CVE-2022-21661:\nSQL Injection in Wordpress core\nhttps://unsafe.sh/go-99941.html\n\n2. CVE-2021-26294:\nDirectory Traversal in Afterlogic webmail aurora and pro\nhttps://github.com/dorkerdevil/CVE-2021-26294", "creation_timestamp": "2022-01-11T11:05:12.000000Z"}, {"uuid": "9cf7ec74-c86f-4b48-90ba-33e725580012", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5236", "content": "#Threat_Research\n1. The OAuth Misconfiguration\nhttps://infosecwriteups.com/the-oauth-misconfiguration-15e66dd19a6e\n2. CVE-2022-21661: \nExposing Database Info via WordPress SQL Injection\nhttps://www.zerodayinitiative.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injection\n]-> https://github.com/APTIRAN/CVE-2022-21661", "creation_timestamp": "2022-12-05T04:44:42.000000Z"}, {"uuid": "763e072d-ad3b-4fa3-ae2b-c7f6122b290e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21663", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5399", "content": "#Threat_Research\n1. Cross-origin request forgery against Grafana (CVE-2022-21703)\nhttps://jub0bs.com/posts/2022-02-08-cve-2022-21703-writeup\n2. WordPress <5.8.3 - Object Injection Vulnerability (CVE-2022-21663)\nhttps://blog.sonarsource.com/wordpress-object-injection-vulnerability\n3. A Remote Stack Overflow in The Linux Kernel (CVE-2022-0435)\nhttps://www.openwall.com/lists/oss-security/2022/02/10/1", "creation_timestamp": "2022-02-12T13:52:55.000000Z"}, {"uuid": "9e20c89f-3c77-40d3-b47a-a1f4dbc76b2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21661", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9729", "content": "#Blue_Team_Techniques\n1. Hunting M365 Invaders:\nBlue Team's Guide to Initial Access Vectors\nhttps://www.splunk.com/en_us/blog/security/hunting-m365-invaders-blue-team-s-guide-to-initial-access-vectors.html\n2. Script to validate WordPress CVE-2022-21661\nhttps://github.com/p4ncontomat3/CVE-2022-21661", "creation_timestamp": "2024-01-08T02:57:46.000000Z"}]}