WordPress Plugin Vulnerabilities

CP Multi View Event Calendar <= 1.1.7 - Unauthenticated SQL Injection

Description

The Calendar Event Multi View WordPress plugin was affected by an Unauthenticated SQL Injection security vulnerability.

Affects Plugins

Plugin icon
cp-multi-view-calendar
Fixed in 1.1.8

References

Exploitdb
37560

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
3bf2665d-2e2d-4cc4-ac5d-7300e9cb1c11

Timeline

Publicly Published
2015-07-10 (about 10 years ago)
Added
2015-07-12 (about 10 years ago)
Last Updated
2019-10-22 (about 6 years ago)

Other

Published
Title
Published
2017-06-06
Title
Multi Feed Reader <= 2.2.3 - SQL Injection
Published
2024-12-14
Title
TSB Occasion Editor <= 1.2.1 - Authenticated (Subscriber+) SQL Injection
Published
2025-05-16
Title
SHOUT <= 3.5.3 - Authenticated (Contributor+) SQL Injection
Published
2021-10-11
Title
Affiliate Manager < 2.8.7 - Admin+ SQL injection
Published
2016-11-10
Title
Sirv <= 1.3.1 - Authenticated SQL Injection