CVE-2020-14044
Codiad SSRF: CVE-2020-14044 affects v1.7.8 and later. An admin could abuse the plugin install feature to cause the server to fetch arbitrary URLs via components/market/class.market.php, potentially enabling remote code execution. The issue is reported by multiple sources; vendor states Codiad is ...