WordPress < 5.8.3 - SQL Injection via WP_Query

Description

Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way.

Affects WordPresses

5.8.2

Fixed in version 5.8.3✓

5.8.1

Fixed in version 5.8.3✓

5.8

Fixed in version 5.8.3✓

5.7.4

Fixed in version 5.7.5✓

5.7.3

Fixed in version 5.7.5✓

5.7.2

Fixed in version 5.7.5✓

5.7.1

Fixed in version 5.7.5✓

5.7

Fixed in version 5.7.5✓

5.6.6

Fixed in version 5.6.7✓

5.6.5

Fixed in version 5.6.7✓

References

CVE

CVE-2022-21661

URL

https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-6676-cqfm-gw84

URL

https://hackerone.com/reports/1378209

Classification

Type

SQLI

OWASP top 10

A1: Injection

CWE

CWE-89

Miscellaneous

Original Researcher

Ngocnb and Khuyenn from GiaoHangTietKiem JSC

Verified

Yes

WPVDB ID

7f768bcf-ed33-4b22-b432-d1e7f95c1317

Timeline

Publicly Published

2022-01-06 (about 15 days ago)

Added

2022-01-06 (about 15 days ago)

Last Updated

2022-01-06 (about 15 days ago)

Our Other Services

WPScan WordPress Security Plugin