CVE-2022-4395 Information

Description

The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files which could allow unauthenticated users to upload arbitrary files such as malicious PHP code and achieve RCE.

Reference

https://wpscan.com/vulnerability/80407ac4-8ce3-4df7-9c41-007b69045c40