Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:8 a.m.17 views

CVE-2022-4395

The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE...

9.8CVSS7.1AI score0.17569EPSS
Exploits2References1
Circl
Circl
added 2023/11/27 11:59 p.m.6 views

CVE-2022-4395

creationtimestamp| type| source ---|---|--- 2023-11-27 23:59:07+00:00| seen| https://t.me/arpsyndicate/615 2024-09-19 15:32:04+00:00| published-proof-of-concept| Telegram/M-RM6JUeRS-yLbXH47dffFKYpTJTdkiqAiI6xYlcLmjs7Mv7LQ 2024-09-19 15:32:09+00:00| published-proof-of-concept|...

9.8CVSS8.7AI score0.17569EPSS
Exploits2References6
Vulnrichment
Vulnrichment
added 2023/01/30 8:31 p.m.12 views

CVE-2022-4395 Membership For WooCommerce < 2.1.7 - Unauthenticated Arbitrary File Upload

The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE...

9.7AI score0.17569EPSS
Exploits2References1
CVE
CVE
added 2023/01/30 8:31 p.m.120 views

CVE-2022-4395

The CVE-2022-4395 entry describes a vulnerability in the WordPress plugin “Membership For WooCommerce” prior to version 2.1.7 where uploaded files are not validated, allowing unauthenticated users to upload arbitrary files (e.g., PHP), enabling remote code execution. Affected software: Membership...

9.8CVSS9.6AI score0.17569EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2023/01/30 8:31 p.m.26 views

CVE-2022-4395 Membership For WooCommerce < 2.1.7 - Unauthenticated Arbitrary File Upload

The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE...

9.9AI score0.17569EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/01/04 12:0 a.m.15 views

WordPress Membership For WooCommerce Plugin < 2.1.7 is vulnerable to Arbitrary File Upload

Software Membership For WooCommerce Type Plugin Vulnerable versions 2.1.7 Fixed in 2.1.7 OWASP Top 10 A5: Broken Access Control Classification Arbitrary File Upload CVE CVE-2022-4395 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 0a53b711b376 Credits cydave Required...

9.8CVSS6.4AI score0.17569EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder