Source |
CVE Liste |
Identifiant |
8400817 |
Date de publication |
2023-10-26 10:15:34 (vue: 2023-10-26 13:08:53) |
Titre |
CVE-2023-5798 |
Texte |
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request to it via wp_remote_get(), which could allow users with a role as low as Editor to perform SSRF attacks
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request to it via wp_remote_get(), which could allow users with a role as low as Editor to perform SSRF attacks |
Envoyé |
Oui |
Condensat |
2023 5798 allow assistant attacks before could cve does editor get low making not parameter perform plugin remote request role ssrf users validate which wordpress |
Tags |
|
Stories |
|
Notes |
|
Move |
|