{"vulnerability": "CVE-2021-29447", "sightings": [{"uuid": "7ed100f5-1749-4c17-86f9-6506369c2eb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "seen", "source": "MISP/2931d77b-03fa-4cae-b8e5-e2a7b0b68a69", "content": "", "creation_timestamp": "2024-11-14T06:09:21.000000Z"}, {"uuid": "0b7bf538-8494-472d-a6f6-640542c3e45e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2021-29447", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lmkc6vsj7h52", "content": "", "creation_timestamp": "2025-04-11T15:07:38.608480Z"}, {"uuid": "7f04c239-0545-46a2-af31-ffa5740a85b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "Telegram/-ROXHOfm423XBCCWwhXYaLXGn7xm45QaWmgGH9Ytq2x4Q_M", "content": "", "creation_timestamp": "2025-12-18T09:00:05.000000Z"}, {"uuid": "56c5ec46-377e-4d05-b064-9d280b80f3e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "Telegram/moqY6cW5VnKV_c19yFzOoCThPzN6rcBfQ0zDhyqMg7kJYfg", "content": "", "creation_timestamp": "2025-08-21T03:00:08.000000Z"}, {"uuid": "82fa3d1a-bc79-4dc5-a712-d81e028da3c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "Telegram/ZslVGStVV3_lt95-hFdoeilO4jVWtTXfLdOqUzc5Cu_nctM", "content": "", "creation_timestamp": "2025-10-31T21:00:05.000000Z"}, {"uuid": "17a54d60-6557-4ef1-a902-371d5d87ed52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "https://t.me/user_it_channel/123", "content": "\u0421\u043f\u0438\u0441\u043e\u043a \u0441\u0442\u0430\u0442\u0435\u0439, \u0433\u0434\u0435 \u043f\u0440\u043e\u0441\u0442\u044b\u043c \u044f\u0437\u044b\u043a\u043e\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u0440\u0430\u0437\u044a\u044f\u0441\u043d\u044f\u044e\u0442\u0441\u044f \u0440\u0430\u0437\u043d\u044b\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e \u0442\u0435\u043c\u044b \u043e\u0442 \u043a\u0430\u043d\u0430\u043b\u0430 @netrunnerz. \n\n\n\nModel OSI (\u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e) https://szybnev.medium.com/osi-network-model-in-simple-terms-ed91858a8991\n\n\u041f\u0440\u043e\u0442\u043e\u043a\u043e\u043b HTTP https://telegra.ph/HTTP-PROTOCOL-09-22\n\nHTTPS SSL \u0441\u0435\u0440\u0442\u0438\u043a\u0430\u0442 https://telegra.ph/HTTPS-SSL-Certificate-09-22\n\n\u041e\u0441\u043d\u043e\u0432\u044b Linux 1 (\u0441\u0430\u043c\u044b\u0435 \u0433\u043b\u0430\u0432\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b) https://telegra.ph/Osnovy-Linux-CHto-takoe-terminal-Osnovnye-komandy-09-25\n\n\u041e\u0441\u043d\u043e\u0432\u044b Linux 2 (\u043f\u0440\u043e\u0434\u0432\u0438\u043d\u0443\u0442\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b) https://telegra.ph/Osnovy-Linux-part-2-10-02\n\n\u041e\u0441\u043d\u043e\u0432\u044b Linux 3 (\u043f\u0440\u043e\u0434\u0432\u0438\u043d\u0443\u0442\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b) https://telegra.ph/Populyarnye-komandy-chast-3-10-09\n\n\u041f\u0440\u043e\u0442\u043e\u043a\u043e\u043b TLS  https://telegra.ph/CHto-takoe-TLS-protokol-prostymi-slovami-09-26\n\nDNS-\u0441\u0435\u0440\u0432\u0435\u0440 (simple explanation) https://telegra.ph/CHto-takoe-DNS-server-prostymi-slovami-09-28\n\n\u0420\u0435\u0441\u0443\u0440\u0441\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 DNS https://telegra.ph/CHto-takoe-resursnye-zapisi-DNS-prostymi-slovami-09-29-2\n\n\u0421\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u044b https://telegra.ph/Standartnye-porty-protokoly-09-29\n\nUPD \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b (simple explanation) https://telegra.ph/UDP-protokol-prostymi-slovami-10-01\n\n\u041f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u044b TCP/IP https://telegra.ph/Protokol-TCPIP-prostymi-slovami-10-03-2\n\n\u0420\u0430\u0437\u0431\u043e\u0440 Writeup HackTheBox OpenSource[EASY] https://szybnev.medium.com/writeup-hackthebox-opensource-easy-df9c16d9e31a\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c LFI - Local File Inclusion 1  https://telegra.ph/Web-security-flaw--LFI-10-10\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c LFI - Local File Inclusion  2 https://telegra.ph/Web-security-flaws--LFI-10-10\n\nSpawning a TTY Shell https://telegra.ph/Spawn-tty-shell-10-26\n\n\u041f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0447\u0435\u0440\u0435\u0437 LD_PRELOAD https://telegra.ph/Povyshenie-privilegij-cherez-LD-PRELOAD--HTB-Easy--Photobomb-10-30\n\n\nMetaTwo | CVE-2022-0739 + CVE-2021-29447  https://telegra.ph/MetaTwo--CVE-2022-0739--CVE-2021-29447--HTB-Easy-12-07\n\n\u041d\u0435 \u0437\u0430\u0431\u0443\u0434\u044c\u0442\u0435 \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u0442\u044c\u0441\u044f \u043d\u0430 @netrunnerz.", "creation_timestamp": "2022-12-16T20:30:40.000000Z"}, {"uuid": "a49af4cc-c8eb-4672-934e-7cfdcbeeb5ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/638", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aWordPress - Authenticated XXE (CVE-2021-29447)\nURL\uff1ahttps://github.com/motikan2010/CVE-2021-29447", "creation_timestamp": "2021-10-04T01:18:02.000000Z"}, {"uuid": "1de5abbd-79e0-498a-ae25-65827e55caa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "Telegram/b83YqEoSamzTvIv2g9YPtkdIt3N3ryx9DhLHym4P7gSMoa8", "content": "", "creation_timestamp": "2025-06-12T21:00:05.000000Z"}, {"uuid": "d1aaff0d-0b1e-4988-9c78-4791667aa111", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "Telegram/itekV_7Xkp3Ho6cERYVofdzl_aqFgFj-j1LEcvC2Ybxwbi8", "content": "", "creation_timestamp": "2025-07-04T15:00:06.000000Z"}, {"uuid": "e180dc02-93f5-4636-a32f-78f017eeea6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "https://t.me/netrunnerz/363", "content": "#\u0426\u0438\u043a\u043b\u0421\u0442\u0430\u0442\u0435\u0439_HTB\n\n[ MetaTwo | CVE-2022-0739 + CVE-2021-29447 | HTB Easy]\n\n\u0414\u043e\u0431\u0440\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0441\u0443\u0442\u043e\u043a, \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043c\u044b \u0440\u0430\u0437\u0431\u0435\u0440\u0435\u043c \u043c\u0430\u0448\u0438\u043d\u0443 MetaTwo \u043d\u0430 Hack The Box \u0441\u043e \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e Easy. \u041f\u043e \u0445\u043e\u0434\u0443 \u0441\u0442\u0430\u0442\u044c\u0438 \u0432\u044b \u0438\u0437\u0443\u0447\u0438\u0442\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 CVE-2022-0739 (POC) + CVE-2021-29447 (POC)", "creation_timestamp": "2022-12-09T13:59:41.000000Z"}, {"uuid": "1203cc90-a2c7-460a-8c47-1005a6d95c36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "Telegram/Zb_pAijZjgpIWdaMMCL-38Twt8TGP6G8YOXf2OyH1UYbDuif", "content": "", "creation_timestamp": "2024-07-11T04:11:26.000000Z"}, {"uuid": "9d73c2f5-d3fd-461b-9c59-db4a039e436e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "https://t.me/xxexm/1578", "content": "#CTF\n\n\u062d\u0644 CTF\n\nWordpress: CVE-2021-29447\n\nXXE vuln \n\n\u0631\u0627\u0628\u0637 \u0627\u0644 CTF:\nhttps://tryhackme.com/r/room/wordpresscve202129447", "creation_timestamp": "2024-07-11T11:27:26.000000Z"}, {"uuid": "d63287fa-ad19-472a-9b18-5d920f56a75f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/355", "content": "CVE-2021-29447 Wordpress XXE\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-29447_Wordpress_XXE%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-05-06T10:55:08.000000Z"}, {"uuid": "52d38a50-dded-4099-82d9-8982d836627d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "Telegram/4jHl0A2G6QT9LyNmFhFHRrCZautXHohiqiIoSv0CRydb8w", "content": "", "creation_timestamp": "2021-09-02T14:51:27.000000Z"}, {"uuid": "f4214c9a-57a4-4865-9e7b-5e2a80d9248a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "https://t.me/cybdetective/1496", "content": "List of articles that explain in simple terms the basics of information security from the @netrunnerz channel. \n\n\n\nModel OSI (simple guide) https://szybnev.medium.com/osi-network-model-in-simple-terms-ed91858a8991\n\nHTTP PROTOCOL (basic) https://telegra.ph/HTTP-PROTOCOL-09-22\n\nHTTPS SSL Sertificate (basic) https://telegra.ph/HTTPS-SSL-Certificate-09-22\n\nLinux basic 1 (most important terminal commands) https://telegra.ph/Osnovy-Linux-CHto-takoe-terminal-Osnovnye-komandy-09-25\n\nLinux basic 2 (advanced terminal commands) https://telegra.ph/Osnovy-Linux-part-2-10-02\n\nLinux basic 3 (advanced terminal commands)https://telegra.ph/Populyarnye-komandy-chast-3-10-09\n\nTLS Protocol (simple explanation) https://telegra.ph/CHto-takoe-TLS-protokol-prostymi-slovami-09-26\n\nDNS server (simple explanation) https://telegra.ph/CHto-takoe-DNS-server-prostymi-slovami-09-28\n\nDNS resource records (simple explanation) https://telegra.ph/CHto-takoe-resursnye-zapisi-DNS-prostymi-slovami-09-29-2\n\nStandard network protocols (quick guide) https://telegra.ph/Standartnye-porty-protokoly-09-29\n\nUPD Protocol (simple explanation) https://telegra.ph/UDP-protokol-prostymi-slovami-10-01\n\nTCP/IP Protocol https://telegra.ph/Protokol-TCPIP-prostymi-slovami-10-03-2\n\nWriteup HackTheBox OpenSource[EASY] https://szybnev.medium.com/writeup-hackthebox-opensource-easy-df9c16d9e31a\n\nLFI - Local File Inclusion vulnerability 1  https://telegra.ph/Web-security-flaw--LFI-10-10\n\nLFI - Local File Inclusion vulnerability 2 https://telegra.ph/Web-security-flaws--LFI-10-10\n\nSpawning a TTY Shell https://telegra.ph/Spawn-tty-shell-10-26\n\nPrivilege escalation with LD_PRELOAD https://telegra.ph/Povyshenie-privilegij-cherez-LD-PRELOAD--HTB-Easy--Photobomb-10-30\n\nNew:\n\nMetaTwo | CVE-2022-0739 + CVE-2021-29447  https://telegra.ph/MetaTwo--CVE-2022-0739--CVE-2021-29447--HTB-Easy-12-07\n\n\nDon't forget to follow @netrunnerz.", "creation_timestamp": "2022-12-16T21:16:25.000000Z"}, {"uuid": "1730dd04-e8bf-4c5b-b506-a4e1be0532d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "seen", "source": "https://t.me/thebugbountyhunter/5402", "content": "WordPress XXE Vulnerability in Media Library \u2013 CVE-2021-29447 https://blog.wpsec.com/wordpress-xxe-in-media-library-cve-2021-29447/", "creation_timestamp": "2021-05-21T12:56:23.000000Z"}, {"uuid": "788ea4db-ec4c-4ebf-9473-3dc2db5c4ec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3142", "content": "#exploit\nCVE-2021-29447:\nWordPress 5.6-5.7 - Authenticated XXE (PoC)\nhttps://github.com/motikan2010/CVE-2021-29447\n]-> Vulnerability details:\nhttps://blog.sonarsource.com/wordpress-xxe-security-vulnerability", "creation_timestamp": "2021-04-30T11:57:20.000000Z"}, {"uuid": "156a2f95-7a53-4361-8c16-c0e106d9ab57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3427", "content": "#Threat_Research\n1. WordPress 5.7, 5.6.2, 5.6.1, 5.6, 5.0.11 XXE Vulnerability\nin Media Library (CVE-2021-29447)\nhttps://blog.wpsec.com/wordpress-xxe-in-media-library-cve-2021-29447\n2. Oculus SSO \"Account Linking\" bug leads to account takeover on third party websites and inside VR Games/Apps\nhttps://ysamm.com/?p=697", "creation_timestamp": "2021-05-22T13:03:01.000000Z"}, {"uuid": "f94c5066-d748-4004-9f08-37d6b58e71ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-29447", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3506", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (may 1-31)\nCVE-2021-31166 - HTTP Stack RCE\nhttps://t.me/cybersecuritytechnologies/3388\nCVE-2021-21551 -Dell BIOS Driver PE\nhttps://t.me/cybersecuritytechnologies/3293\nCVE-2021-30747 -Covert channel in Apple M1\nhttps://t.me/cybersecuritytechnologies/3472\nCVE-2021-22204 -DjVu vuln\nhttps://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800\nCVE-2021-28482 -MS Exchange RCE\nhttps://t.me/cybersecuritytechnologies/3286\nCVE-2021-21974 -VMware\u00a0ESXi heap-overflow\nhttps://t.me/cybersecuritytechnologies/3460\nCVE-2021-29447 -WordPress XXE\nhttps://t.me/cybersecuritytechnologies/3142\nCVE-2021-21985 - vSphere Client RCE\nhttps://t.me/cybersecuritytechnologies/3493\nCVE-2021-32471 -ACE in TuringMachine\nhttps://t.me/cybersecuritytechnologies/3364\nCVE-2021-3490 -Linux Kernel eBPF\nhttps://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=049c4e13714ecbca567b4d5f6d563f05d431c80e", "creation_timestamp": "2024-09-28T16:48:46.000000Z"}]}