CVE-2022-2314
VR Calendar < 2.3.2 - Unauthenticated Arbitrary Function Call
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- July 05, 2022
- Published Date
- August 15, 2022
- Last Updated
- August 03, 2024
- Vendor
- Innate Images LLC
- Product
- VR Calendar
- Description
- The VR Calendar WordPress plugin through 2.3.2 lets any user execute arbitrary PHP functions on the site.
- Tags
- Exploited in the Wild
- Yes (added 2025-05-11 00:00:00 UTC) Source
wordpress
php
CVSS Scores
Exploit Status
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| The Shadowserver (via CIRCL) | 2025-05-11 00:00:00 UTC |
Scanner Integrations
| Scanner | URL | Date Detected |
|---|---|---|
| Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-2314.yaml | 2025-04-26 00:00:00 UTC |