Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:34 a.m.8 views

CVE-2022-4047

The Return Refund and Exchange For WooCommerce WordPress plugin before 4.0.9 does not validate attachment files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files such as PHP and lead to RCE...

9.8CVSS7.1AI score0.06152EPSS
Exploits3References1
GithubExploit
GithubExploit
added 2023/12/14 7:36 a.m.592 views

Exploit for CVE-2022-4047

CVE-2022-4047 Return Refund and Exchange For WooCommerce...

9.8CVSS9.7AI score0.06152EPSS
Exploits3
Circl
Circl
added 2023/09/26 10:44 a.m.6 views

CVE-2022-4047

creationtimestamp| type| source ---|---|--- 2023-09-26 10:44:16+00:00| published-proof-of-concept| https://t.me/v3n0mhack/283 2025-04-14 13:54:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11607...

9.8CVSS8.7AI score0.06152EPSS
Exploits3References2
CVE
CVE
added 2022/12/26 12:28 p.m.81 views

CVE-2022-4047

CVE-2022-4047 affects the Return Refund and Exchange For WooCommerce WordPress plugin prior to version 4.0.9. The root cause is failure to validate attachment files uploaded via an AJAX action accessible to unauthenticated users, allowing arbitrary files (e.g., PHP) to be uploaded and potentially...

9.8CVSS9.7AI score0.06152EPSS
Exploits3References1Affected Software1
Cvelist
Cvelist
added 2022/12/26 12:28 p.m.22 views

CVE-2022-4047 Return Refund and Exchange For WooCommerce < 4.0.9 - Unauthenticated Arbitrary File Upload

The Return Refund and Exchange For WooCommerce WordPress plugin before 4.0.9 does not validate attachment files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files such as PHP and lead to RCE...

9.9AI score0.06152EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2022/12/26 12:28 p.m.12 views

CVE-2022-4047 Return Refund and Exchange For WooCommerce < 4.0.9 - Unauthenticated Arbitrary File Upload

The Return Refund and Exchange For WooCommerce WordPress plugin before 4.0.9 does not validate attachment files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files such as PHP and lead to RCE...

7.1AI score0.06152EPSS
Exploits3References1
Rows per page
Query Builder