VYPR

Assistant WordPress plugin

by WordPress

CVEs (1)

  • CVE-2023-5798HigOct 26, 2023
    risk 0.57cvss 8.8epss 0.01

    The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request to it via wp_remote_get(), which could allow users with a role as low as Editor to perform SSRF attacks