Cyber Resilience

CVE-2022-4395

Severity: Critical · Public PoC

Published: 30 January 2023
Modified: 27 March 2025
KEV Added: not listed
Patch: none recorded
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.7628 (99.0th percentile)
Risk Priority: 65 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-4395 is a critical-severity vulnerability, with no specified CWE weakness, in Wpswings Membership For Woocommerce. Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 1.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; and a public proof-of-concept is referenced.

Deeper analysis

The Membership For WooCommerce WordPress plugin before version 2.1.7 contains an unauthenticated file-upload flaw that permits arbitrary files, including malicious PHP payloads, to be stored and executed on the server. The affected component is the membership-management extension for WooCommerce sites, which fails to enforce any server-side validation or type restrictions on user-supplied uploads.

An unauthenticated attacker can therefore send a crafted HTTP request containing a web shell or other executable file, place it in a web-accessible directory, and invoke it to obtain remote code execution with the privileges of the web server process. The vulnerability carries a CVSS 3.1 score of 9.8, reflecting network attack vector, no required credentials, and full confidentiality, integrity, and availability impact.

Publicly available references, including WPScan, Exploit-DB, and PacketStorm, document working proof-of-concept exploits and recommend immediate upgrade to 2.1.7 or later as the primary mitigation. The CVE’s EPSS score has remained elevated, with a recorded peak of 0.7740 and a current value of 0.7628, indicating sustained exploitation interest after disclosure.

EU & UK References

Vulnerability details

The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE.
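The flaw described in the analysis above and in the details here is the absence of server-side checks on uploads. The following is an added example of an upload handler that enforces those checks; it is not the plugin's code, and the `mfw_upload_doc` AJAX action, the `document` form field and the `mfw_handle_doc_upload` function are assumed names for illustration.

```php
<?php
// Added example, not the plugin's code. A hardened WordPress upload handler for a
// hypothetical "mfw_upload_doc" AJAX action. It enforces what the vulnerable versions
// lacked: authentication, a nonce, an extension/MIME allowlist, and a checked type.

add_action( 'wp_ajax_mfw_upload_doc', 'mfw_handle_doc_upload' );
// Deliberately no 'wp_ajax_nopriv_mfw_upload_doc' hook: unauthenticated requests get no handler.

function mfw_handle_doc_upload() {
    // 1. Caller must be logged in with a relevant capability and present a valid nonce.
    if ( ! is_user_logged_in() || ! current_user_can( 'upload_files' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    check_ajax_referer( 'mfw_upload_doc', 'nonce' );

    if ( empty( $_FILES['document'] ) || ! is_uploaded_file( $_FILES['document']['tmp_name'] ) ) {
        wp_send_json_error( 'no file', 400 );
    }
    $file = $_FILES['document'];

    // 2. Allowlist of what a membership document may be. PHP and other server-side
    //    types are never in this list, so a .php upload is rejected whatever its name.
    $allowed = array(
        'pdf'      => 'application/pdf',
        'jpg|jpeg' => 'image/jpeg',
        'png'      => 'image/png',
    );

    // 3. Let WordPress check the extension AND the detected content type; a PHP payload
    //    renamed to .png fails here because its bytes are not an image.
    $check = wp_check_filetype_and_ext( $file['tmp_name'], $file['name'], $allowed );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        wp_send_json_error( 'file type not allowed', 415 );
    }

    // 4. Use the core upload pipeline with the same allowlist. test_form is false
    //    because this is an AJAX request; wp_handle_upload re-validates the type.
    $overrides = array( 'test_form' => false, 'mimes' => $allowed );
    $result    = wp_handle_upload( $file, $overrides );
    if ( isset( $result['error'] ) ) {
        wp_send_json_error( $result['error'], 400 );
    }

    // 5. Record the stored path against the member so it can be served through a
    //    capability-checked download handler rather than by direct URL.
    update_user_meta( get_current_user_id(), 'mfw_document_path', $result['file'] );
    wp_send_json_success( array( 'stored' => basename( $result['file'] ) ) );
}
```

Sites that cannot upgrade immediately should still apply the primary mitigation from the references (2.1.7 or later); the handler above shows the checks a fixed handler needs, not a substitute for the vendor patch.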

CWE(s)
None listed

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: wpswings
Product: membership for woocommerce
Versions: ≤ 2.1.7

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References