exploitDog

GHSA-3242-hvmp-wgvm

Опубликовано: 30 янв. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies.

The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies.

Ссылки

EPSS

Процентиль: 49%

0.00257

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2022-4794

CVSS3: 7.5

nvd

около 3 лет назад

The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies.

EPSS

Процентиль: 49%

0.00257

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-639