The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2023-01-30T20:31:32.385Z

Updated: 2024-08-03T01:48:40.613Z

Reserved: 2022-12-28T11:06:45.546Z

Link: CVE-2022-4794

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-01-30T21:15:12.553

Modified: 2023-11-07T03:58:57.833

Link: CVE-2022-4794

cve-icon Redhat

No data.