Reflected File Download Vulnerability in AAWP WordPress Plugin
CVE-2022-4794 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies.
Learn more about our Wordpress Pen Testing.