The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/80407ac4-8ce3-4df7-9c41-007b69045c40 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2023-01-30T20:31:42.219Z
Updated:
Reserved: 2022-12-10T01:03:42.456Z
Link: CVE-2022-4395
JSON object: View
NVD Information
Status : Modified
Published: 2023-01-30T21:15:10.623
Modified: 2023-11-07T03:57:44.797
Link: CVE-2022-4395
JSON object: View
Redhat Information
No data.
CWE
No CWE.