High severity8.8NVD Advisory· Published Oct 26, 2023· Updated Jun 17, 2026
CVE-2023-5798
CVE-2023-5798
Description
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request to it via wp_remote_get(), which could allow users with a role as low as Editor to perform SSRF attacks
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.4.4
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/bbb4c98c-4dd7-421e-9666-98f15acde761nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.