Unrated severityNVD Advisory· Published Jan 30, 2023· Updated Mar 28, 2025
AAWP < 3.12.3 - Unsafe URL Handling
CVE-2022-4794
Description
The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- wpscan.com/vulnerability/feb4580d-df15-45c8-b59e-ad406e4b064cmitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.