CVE-2022-21661 PoC — WordPress plugin SQL注入漏洞

Source

https://github.com/safe3s/CVE-2022-21661

Associated Vulnerability

Title:WordPress plugin SQL注入漏洞 (CVE-2022-21661)
Description:WordPress是Wordpress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是WordPress开源的一个应用插件。 WordPress plugin 存在SQL注入漏洞，该漏洞源于WP_查询中的不正确清理。攻击者可利用该漏洞执行SQL注入攻击。

Description

The first poc video presenting the sql injection test from (  WordPress Core 5.8.2-'WP_Query'  / CVE-2022-21661)

Readme

# CVE-2022-21661
 POC Video | WordPress Core 5.8.2 - 'WP_Query' SQL Injection
 ![alt text](https://github.com/APTIRAN/CVE-2022-21661/blob/main/image/PIC.png?raw=true)
CVE-2022-21661 : EDB : https://www.exploit-db.com/exploits/50663

File Snapshot


 [4.0K]  /data/pocs/481461f1ecec2992464b2ff1397006c284578dcb
├── [4.0K]  Exploit
│   └── [1.6K]  50663.txt
├── [4.0K]  image
│   └── [906K]  PIC.png
├── [4.0K]  POC
│   └── [4.0K]  Video
│       ├── [ 171]  APTIRAN
│       └── [ 20M]  APTIRAN.mp4
└── [ 232]  README.md

4 directories, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!