CVE-2022-21664 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2022-21664

CVE-2022-21664

January 06, 2022

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 4.1.34. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.

Related Resources (13)

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3/

https://nvd.nist.gov/vuln/detail/CVE-2022-21664

https://github.com/WordPress/wordpress-develop/commit/c09ccfbc547d75b392dbccc1ef0b4442ccd3c957

https://lists.debian.org/debian-lts-announce/2022/01/msg00019.html

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3/

https://people.canonical.com/~ubuntu-security/cve/CVE-2022-21664

https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-jp3p-gw8h-6x86

https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/21xxx/CVE-2022-21664.json

https://security-tracker.debian.org/tracker/CVE-2022-21664

https://www.debian.org/security/2022/dsa-5039

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG/