CVE-2023-5798 – Assistant < 1.4.4 - Editor+ SSRF

https://notcve.org/view.php?id=CVE-2023-5798

The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request to it via wp_remote_get(), which could allow users with a role as low as Editor to perform SSRF attacks El complemento The Assistant WordPress anterior a 1.4.4 no valida un parámetro antes de realizar una solicitud a través de wp_remote_get(), lo que podría permitir a los usuarios con un rol tan bajo como Editor realizar ataques SSRF. The Assistant plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.4.3 via the /posts/(?P<id>\d+)/library/(?P<library_id>\d+) REST API endpoint. This can allow authenticated attackers, with editor-level capabilities and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. • https://wpscan.com/vulnerability/bbb4c98c-4dd7-421e-9666-98f15acde761 • CWE-918: Server-Side Request Forgery (SSRF) •