CVE-2023-5798
CVE-2023-5798 affects the Assistant WordPress plugin prior to 1.4.4. The issue is that a parameter is not validated before making a request via wp_remote_get(), enabling SSRF from users with roles as low as Editor. Impact is SSRF with potential access to internal/external resources; document note...