cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-3852,https://securityvulnerability.io/vulnerability/CVE-2022-3852,Cross-Site Request Forgery Vulnerability in VR Calendar Plugin for WordPress,"The VR Calendar plugin for WordPress is susceptible to a Cross-Site Request Forgery vulnerability due to inadequate nonce validation in various functions. This flaw allows unauthenticated attackers to manipulate calendars and plugin settings if they successfully deceive a site administrator into executing a malicious action, such as clicking on a specially crafted link. It is crucial for users of the VR Calendar plugin to ensure they are on the latest version to mitigate potential risks associated with this vulnerability.",Wordpress,Vr Calendar,8.8,HIGH,0.0012700000079348683,false,,false,false,false,,false,false,2022-11-03T17:15:11.490Z,0
CVE-2022-2314,https://securityvulnerability.io/vulnerability/CVE-2022-2314,VR Calendar < 2.3.2 - Unauthenticated Arbitrary Function Call,The VR Calendar WordPress plugin through 2.3.2 lets any user execute arbitrary PHP functions on the site.,Wordpress,Vr Calendar,9.8,CRITICAL,0.46208998560905457,false,,false,false,false,,false,false,2022-08-15T08:36:40.000Z,0