WordPress · Social Warfare · CVE-2021-4434
**Name of the Vulnerable Software and Affected Versions**
Social Warfare plugin for WordPress versions up to, and including, 3.5.2
**Description**
The issue allows for Remote Code Execution via the `swp url` parameter, enabling attackers to execute code on the server.
**Recommendations**
For versions up to, and including, 3.5.2, update to a version higher than 3.5.2 to resolve the issue.
As a temporary workaround, consider restricting access to the `swp url` parameter until a patch is available.