Back to search
CVE-2022-4794
Published: Jan 30, 2023
Modified: Mar 28, 2025
PUBLISHED
Description
The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies.
| Vendor | Product | Versions |
|---|---|---|
Unknown | AAWP | affected 0 - < 3.12.3 |
References
https://wpscan.com/vulnerability/feb4580d-df15-45c8-b59e-ad406e4b064c
exploit
vdb-entry
technical-description
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now