Lucene search

[email protected]CVE-2022-2314

HistoryAug 15, 2022 - 11:21 a.m.

CVE-2022-2314

2022-08-1511:21:21

CWE-78

[email protected]

web.nvd.nist.gov

cve-2022-2314

vr calendar

wordpress plugin

php

security vulnerability

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.319 Low

EPSS

Percentile

97.0%

JSON

The VR Calendar WordPress plugin through 2.3.2 lets any user execute arbitrary PHP functions on the site.

Affected configurations

Vulners

NVD

Node

vr_calendar_projectvr_calendarRange<2.3.2

VendorProductVersionCPE
vr_calendar_projectvr_calendar*cpe:2.3:a:vr_calendar_project:vr_calendar:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
vr_calendar_project	vr_calendar	*	cpe:2.3:a:vr_calendar_project:vr_calendar::::::::

CNA Affected

[
  {
    "product": "VR Calendar",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "2.3.2",
        "status": "affected",
        "version": "2.3.2",
        "versionType": "custom"
      }
    ]
  }
]

References

wpscan.com/vulnerability/b22fe77c-844e-4c24-8023-014441cc1e82

Social References

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.319 Low

EPSS

Percentile

97.0%

JSON

Related for CVE-2022-2314

nvd1 patchstack1 prion1 wpvulndb1 wpexploit1 cvelist1 nuclei1