Showing 1 - 1 of 1

CVE-2022-21663

Status Candidate

Overview

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. On a multisite, users with Super Admin role can bypass explicit/additional hardening under certain conditions through object injection. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.

Related Files

Debian Security Advisory 5039-1: Posted Jan 28, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5039-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injection, run unchecked SQL queries, bypass hardening, or perform Cross-Site Scripting (XSS) attacks.; tags | advisory, remote, web, vulnerability, xss, sql injection; systems | linux, debian; advisories | CVE-2022-21661, CVE-2022-21662, CVE-2022-21663, CVE-2022-21664; SHA-256 | 01b9104ccc078857a13fed75219322b0d655fb12af3483b26cde82257f6685db; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 308 files
Ubuntu 77 files
Debian 18 files
Ahmet Umit Bayram 10 files
Apple 10 files
Jann Horn 4 files
tmrswrr 4 files
malvuln 4 files
Google Security Research 4 files
Furkan Eren Tetik 4 files

File Archives

Systems

AIX (429)
Apple (2,089)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,056)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,500)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,990)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (16,053)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,568)
UNIX (9,416)
UnixWare (187)
Windows (6,662)
Other

CVE-2022-21663

Overview

Related Files

File Archive:

June 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems