CVE-2022-4794 - Vulnerability Details - OpenCVE

Description

The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies.

Published: 2023-01-30

Score: 7.5 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Unknown

AAWP

unaffected

Version	Status	Constraints
`0`	affected	< 3.12.3

Configuration 1 [-]

cpe:2.3:a:getaawp:amazon_affiliate_wordpress_plugin:*:*:*:*:*:wordpress:*:*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2022-52090	The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00536.

Exploitation poc

Automatable yes

Technical Impact partial

References

Link	Providers
https://wpscan.com/vulnerability/feb4580d-df15-45c8-b59e-ad406e4b064c

History

Fri, 28 Mar 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Subscriptions

Getaawp Amazon Affiliate Wordpress Plugin

MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2023-01-30T20:31:32.385Z

Updated: 2025-03-28T14:20:43.549Z

Reserved: 2022-12-28T11:06:45.546Z

Link: CVE-2022-4794

Vulnrichment

Updated: 2024-08-03T01:48:40.613Z

NVD

Status : Modified

Published: 2023-01-30T21:15:12.553

Modified: 2025-03-28T15:15:43.120

Link: CVE-2022-4794

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-4794", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "state": "PUBLISHED", "assignerShortName": "WPScan", "dateReserved": "2022-12-28T11:06:45.546Z", "datePublished": "2023-01-30T20:31:32.385Z", "dateUpdated": "2025-03-28T14:20:43.549Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2023-01-30T20:31:32.385Z"}, "title": "AAWP < 3.12.3 - Unsafe URL Handling", "problemTypes": [{"descriptions": [{"description": "CWE-639 Authorization Bypass Through User-Controlled Key", "lang": "en", "type": "CWE"}]}], "affected": [{"vendor": "Unknown", "product": "AAWP", "versions": [{"status": "affected", "versionType": "custom", "version": "0", "lessThan": "3.12.3"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies."}], "references": [{"url": "https://wpscan.com/vulnerability/feb4580d-df15-45c8-b59e-ad406e4b064c", "tags": ["exploit", "vdb-entry", "technical-description"]}], "credits": [{"lang": "en", "value": "Daniel Ruf", "type": "finder"}, {"lang": "en", "value": "WPScan", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "WPScan CVE Generator"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:48:40.613Z"}, "title": "CVE Program Container", "references": [{"url": "https://wpscan.com/vulnerability/feb4580d-df15-45c8-b59e-ad406e4b064c", "tags": ["exploit", "vdb-entry", "technical-description", "x_transferred"]}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-03-28T14:20:26.427324Z", "id": "CVE-2022-4794", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-28T14:20:43.549Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://wpscan.com/vulnerability/feb4580d-df15-45c8-b59e-ad406e4b064c", "tags": ["exploit", "vdb-entry", "technical-description", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:48:40.613Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-4794", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-28T14:20:26.427324Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-28T14:20:38.691Z"}}], "cna": {"title": "AAWP < 3.12.3 - Unsafe URL Handling", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Daniel Ruf"}, {"lang": "en", "type": "coordinator", "value": "WPScan"}], "affected": [{"vendor": "Unknown", "product": "AAWP", "versions": [{"status": "affected", "version": "0", "lessThan": "3.12.3", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://wpscan.com/vulnerability/feb4580d-df15-45c8-b59e-ad406e4b064c", "tags": ["exploit", "vdb-entry", "technical-description"]}], "x_generator": {"engine": "WPScan CVE Generator"}, "descriptions": [{"lang": "en", "value": "The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-639 Authorization Bypass Through User-Controlled Key"}]}], "providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2023-01-30T20:31:32.385Z"}}}, "cveMetadata": {"cveId": "CVE-2022-4794", "state": "PUBLISHED", "dateUpdated": "2025-03-28T14:20:43.549Z", "dateReserved": "2022-12-28T11:06:45.546Z", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "datePublished": "2023-01-30T20:31:32.385Z", "assignerShortName": "WPScan"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:getaawp:amazon_affiliate_wordpress_plugin:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "ED83A416-4500-49DF-8499-BAB7BF35171B", "versionEndExcluding": "3.12.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies."}, {"lang": "es", "value": "El complemento AAWP de WordPress anterior a 3.12.3 se puede utilizar para abusar de dominios confiables y cargar malware u otros archivos a trav\u00e9s de \u00e9l (descarga de archivos reflejados) para eludir las reglas de firewall en las empresas."}], "id": "CVE-2022-4794", "lastModified": "2025-03-28T15:15:43.120", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-01-30T21:15:12.553", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/feb4580d-df15-45c8-b59e-ad406e4b064c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/feb4580d-df15-45c8-b59e-ad406e4b064c"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified"}