Cyber Resilience

CVE-2022-4060

Critical · Public PoC

Published: 16 January 2023

Modified: 04 April 2025
KEV Added: not listed
Patch: no entry
CVSS v3.1 score: 9.8 (vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS score: 0.8872 (99.5th percentile)
Risk priority: 73 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2022-4060 is a critical-severity vulnerability of unspecified weakness type (no CWE listed) in Odude User Post Gallery. Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 0.5% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog; and a public proof-of-concept is referenced.

Deeper analysis

The User Post Gallery WordPress plugin through version 2.19 is affected by CVE-2022-4060, a critical flaw in which the plugin fails to restrict the callback functions that can be invoked by users. This permits arbitrary code execution on any site running the vulnerable plugin. The issue carries a CVSS v3.1 score of 9.8, reflecting network-accessible attack vectors with no required authentication or user interaction.

Unauthenticated visitors can directly exploit the weakness to invoke arbitrary callbacks, resulting in full compromise of confidentiality, integrity, and availability on the target WordPress installation. The published description explicitly states that any site visitor can run code, enabling outcomes such as data exfiltration, site defacement, or persistent backdoor installation.
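The bug class described above, as an added illustration that is not the plugin's own code: a dispatcher that invokes whatever callback name the request supplies, beside one that maps request action names to a fixed allowlist of handlers (the upg_* names and the request shape are assumptions).

```php
<?php
// Constructed example of the bug class (unrestricted user-controlled
// callback names). Not the User Post Gallery plugin's source.

// Weak pattern: the callback name is taken straight from the request, so
// the caller chooses which loaded PHP or plugin function gets executed.
function upg_ajax_dispatch_weak(array $request) {
    $callback = $request['callback'] ?? '';
    $args     = $request['args'] ?? array();
    return call_user_func_array($callback, (array) $args); // no restriction
}

// Hardened pattern: opaque action names map to a fixed allowlist of
// handlers; anything not in the map is rejected before any call is made.
const UPG_ALLOWED_ACTIONS = array(
    'list_gallery' => 'upg_list_gallery',
    'get_image'    => 'upg_get_image',
);

function upg_list_gallery(array $args): array {
    return array('status' => 'ok', 'items' => array());
}

function upg_get_image(array $args): array {
    $id = isset($args['id']) ? (int) $args['id'] : 0; // coerce, never trust
    return array('status' => 'ok', 'id' => $id);
}

function upg_ajax_dispatch_hardened(array $request): array {
    $action = isset($request['action']) ? (string) $request['action'] : '';
    if (!array_key_exists($action, UPG_ALLOWED_ACTIONS)) {
        return array('status' => 'error', 'message' => 'unknown action');
    }
    $handler = UPG_ALLOWED_ACTIONS[$action];
    $args    = (isset($request['args']) && is_array($request['args']))
        ? $request['args'] : array();
    // In a real plugin, non-public actions would additionally require a
    // capability check and nonce (current_user_can() / check_ajax_referer()).
    return $handler($args);
}

// Constructed sample request: a function name that is not in the
// allowlist is rejected by the hardened dispatcher instead of being run.
$sample = array('action' => 'not_allowed', 'args' => array());
var_dump(upg_ajax_dispatch_hardened($sample));
var_dump(upg_ajax_dispatch_hardened(array('action' => 'get_image',
                                          'args' => array('id' => '7'))));
```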

The associated EPSS score has remained elevated, with a current value of 0.8872 and a recorded peak of 0.9112. WPScan has published technical details on the vulnerability at the referenced advisory URL.

Vulnerability details

The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible for any visitor to run code on sites running it.

CWE(s): None listed

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: odude
Product: user post gallery
Versions: ≤ 2.19

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References