Is CVE-2014-8586 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

SQL Injection in Cp_multi_view_event_calendar_project Cp_multi_view_event_calendar

CVE-2014-8586

SQL injection vulnerability in the CP Multi View Event Calendar plugin 1.01 for WordPress allows remote attackers to execute arbitrary SQL commands via the calid parameter.

Vulnerability class: SQL Injection

EPSS: 0.780 (99.0th percentile) — read the EPSS interpretation.

Affected products

Cp_multi_view_event_calendar_project Cp_multi_view_event_calendar — versions 1.0.1
N/a — versions n/a

Weakness classification (CWE)

CWE-89 — SQL Injection

Public proof-of-concept exploits

References

70718 (vdb-entry, x_refsource_BID)
cpmultiview-wordpress-calid-sql-injection(97766) (vdb-entry, x_refsource_XF)
113670 (x_refsource_OSVDB, vdb-entry)
35073 (Exploit, exploit, x_refsource_EXPLOIT-DB)
cve@mitre.org (Exploit, x_refsource_MISC)

Frequently asked questions

What is CVE-2014-8586?: CVE-2014-8586 is a vulnerability in Cp_multi_view_event_calendar_project Cp_multi_view_event_calendar, classified under SQL Injection. Published 2014-11-04.
Is CVE-2014-8586 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.