CVE-2022-4395

CRITICAL

Membership For WooCommerce <2.1.7 - Unauthenticated RCE

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2022-4395. PoCs published by Milad Karimi and MrG3P5.

AI-analyzed exploit summary: the exploits target an arbitrary file upload vulnerability in the WordPress plugin 'Membership For WooCommerce' in versions prior to 2.1.7. They upload a malicious PHP file disguised as a GIF image and, because the plugin neither validates the file nor renames it, the uploaded script is reachable and executable, giving unauthenticated remote code execution.

Description

The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE.
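The advisory says the plugin "does not validate uploaded files". The example below is added here and is not code from the advisory, the plugin or either PoC; it shows in Python why a GIF-prefixed PHP file gets past the kind of check many upload handlers rely on (a declared Content-Type or a magic-bytes sniff), and what a validator has to do instead: allowlist the extension, require the content to match that extension, refuse embedded PHP open tags, and never keep the client's filename. All sample bytes are constructed, not captured from a target.

```python
"""Upload validation: weak check vs. hardened check for a GIF/PHP polyglot.

Added example, not the plugin's own code. The weak check mirrors a common
mistake: trusting the client's Content-Type or only sniffing an image
signature, while saving the file under the name the client supplied. A
file whose body starts with "GIF89a" and continues with PHP passes that
check, and if it lands in the web root as something.php it is executed.
"""
import os
import re
import secrets

# Constructed sample inputs (not from a real upload).
REAL_GIF = b"GIF89a" + b"\x01\x00\x01\x00\x80\x00\x00" + b"\x00" * 16 + b";"
POLYGLOT = b"GIF89a<?php system($_GET['cmd']); ?>"

# Extension allowlist, each mapped to the magic bytes it must start with.
IMAGE_MAGIC = {
    ".gif": (b"GIF87a", b"GIF89a"),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
}
# Any PHP open tag ("<?php", "<?=", or the short "<?") inside the body.
PHP_TAG = re.compile(rb"<\?(php|=)?", re.IGNORECASE)


def weak_check(filename: str, data: bytes, declared_mime: str) -> bool:
    """Broken validation: trusts the declared MIME type or an image
    signature, and ignores the extension the file will be stored under."""
    return declared_mime.startswith("image/") or data.startswith(
        (b"GIF87a", b"GIF89a")
    )


def hardened_check(filename: str, data: bytes, declared_mime: str) -> tuple[bool, str]:
    """Allowlist the extension, require the magic bytes to match that
    extension, and reject anything carrying a PHP open tag. The declared
    MIME type is deliberately never consulted: the client controls it."""
    ext = os.path.splitext(filename)[1].lower()
    if ext not in IMAGE_MAGIC:
        return False, f"extension {ext!r} not allowed"
    if not data.startswith(IMAGE_MAGIC[ext]):
        return False, "content does not match extension"
    if PHP_TAG.search(data):
        return False, "embedded PHP open tag"
    return True, "ok"


def storage_name(original: str) -> str:
    """Server-assigned filename: random stem, extension taken only from the
    already-validated original. The client never chooses where its bytes
    land or what the web server will treat them as."""
    ext = os.path.splitext(original)[1].lower()
    return secrets.token_hex(16) + ext


if __name__ == "__main__":
    for name, body in (("shell.php", POLYGLOT), ("shell.gif", POLYGLOT), ("logo.gif", REAL_GIF)):
        print(name, "weak:", weak_check(name, body, "image/gif"),
              "hardened:", hardened_check(name, body, "image/gif"))
```

The PHP-tag scan is defence in depth, not the fix on its own: a legitimate binary image can contain the bytes `<?` by chance, and a polyglot saved as `.gif` is only dangerous where the server is configured to execute it. The controls that close the bug are the extension allowlist plus the server-assigned name, together with an uploads directory that does not execute scripts; re-encoding images through an image library removes any payload that survives the checks.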

Exploits (2)

exploitdb · WORKING POC
by Milad Karimi · webapps / php
https://www.exploit-db.com/exploits/51959

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Membership For WooCommerce < v2.1.7
Authentication: none required
Prerequisites: Target must have the vulnerable plugin installed and activated · Target must be accessible via HTTP/HTTPS
Analyzed by devstral-2, Feb 16, 2026
nomisec · WORKING POC · 7 stars
by MrG3P5 · poc
https://github.com/MrG3P5/CVE-2022-4395

This repository contains a Python script that automates the exploitation of CVE-2022-4395, an unauthenticated arbitrary file upload vulnerability in the WP Membership plugin for WordPress. The script uploads a PHP shell to vulnerable targets and verifies successful exploitation by checking for a specific string in the response.

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Membership For WooCommerce (WP Membership) plugin for WordPress, versions < 2.1.7 affected by CVE-2022-4395
Authentication: none required
Prerequisites: List of target domains · Python 3 with required libraries (requests, pyfiglet, colorama)
Analyzed by devstral-2, Feb 16, 2026

References (3)

https://wpscan.com/vulnerability/80407ac4-8ce3-4df7-9c41-007b69045c40
Exploit, Third Party Advisory · vdb-entry, technical-description
https://www.exploit-db.com/exploits/51959
Exploit, Third Party Advisory

Scores

CVSS v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Attack Vector: NETWORK
EPSS: 0.7628 (99.0th percentile)

CISA SSVC (Vulnrichment)

Exploitation: poc
Automatable: yes
Technical Impact: total

Details

Status: published
Products (1): wpswings/membership_for_woocommerce < 2.1.7
Published: Jan 30, 2023
Tracked Since: Feb 18, 2026
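The affected range is everything below 2.1.7. The check below is an added example, not part of this entry or of the plugin, for deciding whether an installed copy falls in that range. It reads the `Version:` line of the standard WordPress plugin header (the constructed header sample stands in for the plugin's main PHP file) and compares component-wise, because a plain string comparison would call 2.1.10 "older" than 2.1.7.

```python
"""Is an installed Membership For WooCommerce in the CVE-2022-4395 range (< 2.1.7)?

Added example, not the page's or the plugin's code. The plugin header
format is the standard one every WordPress plugin carries; the sample
header below is constructed for the example.
"""
import re
from typing import Optional

FIXED_IN = (2, 1, 7)  # first version that is not affected

# Constructed sample of a plugin main-file header (not the real file).
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: Membership For WooCommerce
 * Version: 2.1.6
 */
"""


def parse_version(v: str) -> tuple:
    """Keep the leading dotted numeric part and split it into integers,
    so "2.1.10" becomes (2, 1, 10) and compares after (2, 1, 7)."""
    m = re.match(r"(\d+(?:\.\d+)*)", v.strip())
    if not m:
        raise ValueError(f"unparseable version: {v!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def is_affected(version: str) -> bool:
    """True when the version is strictly below 2.1.7 (tuple comparison is
    component-wise, and a shorter tuple such as (2, 1) sorts first)."""
    return parse_version(version) < FIXED_IN


def version_from_plugin_header(php_source: str) -> Optional[str]:
    """Extract the value of the 'Version:' header line from a plugin's main
    file; returns None when the header is missing."""
    m = re.search(r"^\s*\*?\s*Version:\s*(\S+)", php_source, re.MULTILINE)
    return m.group(1) if m else None


if __name__ == "__main__":
    v = version_from_plugin_header(SAMPLE_HEADER)
    print(f"installed {v}: affected={is_affected(v)}")
```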