Reflected File Download Vulnerability in AAWP WordPress Plugin

Reflected File Download Vulnerability in AAWP WordPress Plugin

CVE-2022-4794 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies.

Learn more about our Wordpress Pen Testing.