5 matches found
CVE-2022-4794
The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it Reflected File Download to bypass firewall rules in companies...
CVE-2022-4794 AAWP < 3.12.3 - Unsafe URL Handling
The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it Reflected File Download to bypass firewall rules in companies...
CVE-2022-4794 AAWP < 3.12.3 - Unsafe URL Handling
The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it Reflected File Download to bypass firewall rules in companies...
CVE-2022-4794
CVE-2022-4794 affects the WordPress plugin AAWP , prior to version 3.12.3. The root cause is unsafe URL handling that enables a Reflected File Download to load malware or files from trusted domains, bypassing some firewall rules. The vulnerability is supported by multiple sources: NVD/Red Hat ent...
WordPress AAWP Plugin < 3.12.3 is vulnerable to Other Vulnerability Type
Software AAWP Type Plugin Vulnerable versions 3.12.3 Fixed in 3.12.3 OWASP Top 10 A6: Security Misconfiguration Classification Other Vulnerability Type CVE CVE-2022-4794 Patch priority Low CVSS severity Low 3.1 Developer Claim ownership PSID 137f96d60cee Credits Daniel Ruf Required privilege...