CVE-2022-4047

CRITICAL

WooCommerce <4.0.9 - RCE

Title source: llm

Description

The Return Refund and Exchange For WooCommerce WordPress plugin before 4.0.9 does not validate attachment files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files such as PHP and lead to RCE

Exploits (2)

nomisec WORKING POC 1 stars

by im-hanzou · poc

https://github.com/im-hanzou/WooRefer

View Code ZIP pw:eip

nomisec WORKING POC

by entroychang · poc

https://github.com/entroychang/CVE-2022-4047

View Code ZIP pw:eip

References (1)

[Exploit, Third Party Advisory] https://wpscan.com/vulnerability/8965a87c-5fe5-4b39-88f3-e00966ca1d94

Scores

CVSS v3 9.8

EPSS 0.7330

EPSS Percentile 98.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (1)

wpswings/return_refund_and_exchange_for_woocommerce < 4.0.9

Published Dec 26, 2022

Tracked Since Feb 18, 2026