CVE-2022-28700

9.1 CRITICAL

📋 TL;DR

This vulnerability allows authenticated WordPress users with appropriate permissions to create arbitrary files on the server via the GiveWP plugin's export function. Attackers can potentially write malicious files like web shells, leading to remote code execution. It affects WordPress sites running GiveWP plugin version 2.20.2 and earlier.

💻 Affected Systems

Products:
  • GiveWP WordPress Plugin
Versions: <= 2.20.2
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated user with export permissions (typically administrator or editor roles).

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete server compromise via web shell deployment, data theft, defacement, or ransomware deployment.

🟠 Likely Case: Unauthorized file creation leading to web shell installation, privilege escalation, and lateral movement within the WordPress environment.

🟢 If Mitigated: Limited impact with proper file permission restrictions and monitoring, though file system integrity may still be compromised.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access but is straightforward once credentials are obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.20.3

Vendor Advisory: https://wordpress.org/plugins/give/#developers

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find GiveWP and click 'Update Now'.
4. Verify the version is 2.20.3 or later.

🔧 Temporary Workarounds

Disable GiveWP Plugin

Applies to: all

Temporarily disable the vulnerable plugin until patching is possible.

wp plugin deactivate give

Restrict User Permissions

Applies to: all

Limit export functionality to trusted administrators only and review user roles.

🧯 If You Can't Patch

  • Implement strict file system permissions to prevent PHP file execution in upload directories.
  • Enable WordPress security plugins with file integrity monitoring and alerting.

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > GiveWP version. If version is 2.20.2 or lower, you are vulnerable.

Check Version:

wp plugin list --name=give --field=version

Verify Fix Applied:

Confirm GiveWP plugin version is 2.20.3 or higher in WordPress admin.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file creation events in WordPress uploads directory
  • Multiple export requests from single user in short timeframe
  • POST requests to /wp-admin/edit.php?post_type=give_forms&page=give-tools containing file creation parameters

Network Indicators:

  • HTTP requests to GiveWP export endpoints with suspicious file parameters

SIEM Query:

source="wordpress.log" AND ("give-tools" OR "export") AND ("php" OR ".exe" OR suspicious_file_extension)
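As an added example (not part of this advisory), a small Python detector that applies the two log indicators above to constructed sample access-log lines: it flags export POSTs to the give-tools page whose request body names an executable file extension, and bursts of export POSTs by one user inside a short window. The log format, the `filename` parameter name and all sample values are assumptions made for the example; the plugin's real export parameter names are not given on this page.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Path taken from the advisory's log indicators. The log format, parameter
# names and sample traffic below are constructed for this example.
GIVE_TOOLS_PATH = "/wp-admin/edit.php?post_type=give_forms&page=give-tools"
SUSPICIOUS_EXT = re.compile(r"\.(php\d?|phtml|phar|exe)\b", re.IGNORECASE)
LINE_RE = re.compile(r'^(?P<ip>\S+) (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
                     r'"(?P<method>[A-Z]+) (?P<path>\S+)" (?P<status>\d{3}) "(?P<body>[^"]*)"$')
# Constructed sample log: ip user [timestamp] "METHOD path" status "body"
SAMPLE_LOG = """\
10.0.0.5 editor [12/Sep/2022:10:00:01 +0000] "POST /wp-admin/edit.php?post_type=give_forms&page=give-tools" 200 "export=donations&filename=report.csv"
10.0.0.5 editor [12/Sep/2022:10:00:09 +0000] "POST /wp-admin/edit.php?post_type=give_forms&page=give-tools" 200 "export=donations&filename=report.csv"
10.0.0.5 editor [12/Sep/2022:10:00:15 +0000] "POST /wp-admin/edit.php?post_type=give_forms&page=give-tools" 200 "export=donations&filename=x.php"
10.0.0.9 admin [12/Sep/2022:11:30:00 +0000] "GET /wp-admin/edit.php?post_type=give_forms&page=give-tools" 200 "-"
10.0.0.9 admin [13/Sep/2022:09:00:00 +0000] "POST /wp-admin/edit.php?post_type=give_forms&page=give-tools" 200 "export=donors&filename=donors.csv"
"""

def parse_line(line):
    """Parse one log line into a dict; return None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.strptime(ev["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return ev

def find_export_alerts(log_text, window=timedelta(minutes=5), threshold=3):
    """Return alerts for export POSTs naming an executable extension and for
    >= threshold export POSTs by one user inside a sliding time window."""
    alerts = []
    posts_by_user = defaultdict(list)
    for line in log_text.splitlines():
        ev = parse_line(line)
        if not ev or ev["method"] != "POST" or not ev["path"].startswith(GIVE_TOOLS_PATH):
            continue
        if SUSPICIOUS_EXT.search(ev["body"]):
            alerts.append(("suspicious_extension", ev["user"], ev["body"]))
        posts_by_user[ev["user"]].append(ev["ts"])
    for user, times in posts_by_user.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                alerts.append(("export_burst", user, end - start + 1))
                break
    return alerts
```

Tune `window` and `threshold` to the site's normal export volume; a legitimate bulk export run by one administrator will otherwise trip the burst rule.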
