
CVE-2022-4395 Membership For WooCommerce < 2.1.7 - Unauthenticated Arbitrary File Upload

2023-01-30 20:31:42
WPScan
www.cve.org
woocommerce
unauthenticated
arbitrary file upload
rce
cve-2022-4395
wordpress
plugin
file validation

AI Score: 9.9

Confidence: High

EPSS: 0.05

Percentile: 93.0%

The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE.

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "Membership For WooCommerce",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "2.1.7"
      }
    ],
    "defaultStatus": "unaffected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]
