{"vulnerability": "CVE-2021-2166", "sightings": [{"uuid": "a848038c-89cb-4c42-a662-2467c3e19a88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21661", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/641", "content": "CVE-2021-21661 Exposing Database info via WordPress SQL injection\nhttps://www.zerodayinitiative.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injection\n\nVulnerable AWS Lambda function Initial access in cloud attacks\nhttps://sysdig.com/blog/exploit-mitigate-aws-lambdas-mitre", "creation_timestamp": "2022-01-19T15:33:14.000000Z"}, {"uuid": "fcddf9ec-948a-443c-b178-c5b804cd4c41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21661", "type": "published-proof-of-concept", "source": "Telegram/e6LCK5GJSK0xKVwHawAhTv7tZ7kQmDa1Okv4UYIPNzkjPxmz", "content": "", "creation_timestamp": "2022-01-18T20:10:50.000000Z"}, {"uuid": "63594af3-17ad-4ee5-9f86-fdd6c92f5a5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-2166", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02", "content": "", "creation_timestamp": "2026-01-27T11:00:00.000000Z"}, {"uuid": "144309ae-efa2-4f6e-a8c0-8e31007e1339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21668", "type": "seen", "source": "https://t.me/cibsecurity/25489", "content": "\u203c CVE-2021-21668 \u203c\n\nJenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Scriptler/Configure permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-16T18:40:04.000000Z"}, {"uuid": "ba0eb409-5269-497e-be27-98e50c9759d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21661", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5236", "content": "#Threat_Research\n1. The OAuth Misconfiguration\nhttps://infosecwriteups.com/the-oauth-misconfiguration-15e66dd19a6e\n2. CVE-2022-21661: \nExposing Database Info via WordPress SQL Injection\nhttps://www.zerodayinitiative.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injection\n]-> https://github.com/APTIRAN/CVE-2022-21661", "creation_timestamp": "2022-12-05T04:44:42.000000Z"}]}