Subscribe

WordPress 5.8.3 Security Update Fixes Four Flaws

January 11, 2022

WordPress has released version 5.8.3 security update that fixes four vulnerabilities: CVE-2022-21661, CVE-2022-21662, CVE-2022-21663, and CVE-2022-21664.

CVE-2022-21661 is a SQL injection via WP _ Query. The vulnerability is a high severity flaw with an 8.0 severity rating. It is exploited via plugins and themes that use WP-Query.

CVE-2022-21662, an XSS high severity flaw has a severity of 8.0. The flaw allows authors with lower privilege users to add a malicious backdoor or take over a page by abusing post slugs.

CVE-2022-21663 has an average severity with a CVSS score of 6.6. This is an object injection problem that is exploited after a threat actor compromised the administrator account.

CVE-2022-21664 is a high severity flaw with a 7.4 CVSS score. It is an SQL injection error that is exploited via the WP_Meta_Query core class.

For CVE-2022-21611, CVE-2022-21612, CVE-2022-21613, fixes cover WordPress versions down to 3.7.37. For CVE-2022-21614, fixes cover WordPress versions down to 4.1.34.

For more information, read the original story in BleepingComputer.

Top Stories

Meta accused of burying internal study linking Facebook deactivation to improved mental health

Salesforce CEO Marc Benioff dumps ChatGPT for Google’s Gemini 3, calls AI leap ‘insane’

Google Gemini bringing AI-powered features to Android Auto

CrowdStrike’s 2025 Global Threat Outlook

Washington Post confirms nearly 10,000 affected in Oracle EBS breach linked to Clop

Lost iPhone users targeted by phishing texts claiming the device was found

Related Articles

Google Gemini bringing AI-powered features to Android Auto

November 24, 2025 Google is rolling out its Gemini artificial intelligence assistant to vehicles equipped with Android Auto, promising a more...

CrowdStrike’s 2025 Global Threat Outlook

November 13, 2025 CrowdStrike’s 2025 Global Threat Report paints a clear picture of a threat landscape moving faster, operating more more...

Washington Post confirms nearly 10,000 affected in Oracle EBS breach linked to Clop

November 13, 2025 The Washington Post has confirmed that nearly 10,000 current and former employees and contractors had personal information more...

Lost iPhone users targeted by phishing texts claiming the device was found

November 13, 2025 Criminals are using a new phishing scheme to target people who have lost their iPhones, sending messages more...

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.