Rewterz Threat Advisory – CVE-2022-32941 – Apple iPhone OS Vulnerability

November 8, 2022

Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs

November 8, 2022

Rewterz Threat Advisory – CVE-2022-3254 – WordPress AWP Classifieds Plugin Vulnerability

November 8, 2022

Severity

High

Analysis Summary

CVE-2022-3254

The WordPress Classifieds Plugin WordPress plugin before 4.3 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users and when a specific premium module is active, leading to a SQL injection

Impact

Unauthorized Access

Indicators Of Compromise

CVE

CVE-2022-3254

Affected Vendors

WordPress

Affected Products

AWP Classifieds Plugin for WordPress 4.3

Remediation

Refer to WordPress Plugin Website for patch, upgrade or suggested workaround information.

WordPress Plugin Website

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

SuperCard X Malware Exploiting NFC for Financial Fraud – Active IOCs

Zoom Remote Control Feature Exploited to Gain Access

Microsoft Entra Account Lockouts Triggered by Token Logging Error

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – CVE-2022-32941 – Apple iPhone OS Vulnerability

Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.