CVE-2023-5798
Assistant < 1.4.4 - Editor+ SSRF
Summary
- Severity Score: not shown on this page
- Exploit Likelihood: not shown on this page
- Affected Versions: < 1.4.4
- Public Exploits: 1
- Exploited in Wild: -
- SSVC Decision: -
Descriptions
The Assistant WordPress plugin before 1.4.4 does not validate a request parameter before passing it to wp_remote_get(), so an authenticated user with a role as low as Editor can make the web server issue HTTP requests to destinations of their choosing (server-side request forgery).
The Assistant plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.4.3 via the /posts/(?P<id>\d+)/library/(?P<library_id>\d+) REST API endpoint. This can allow authenticated attackers, with editor-level capabilities and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
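The two descriptions above agree on the root cause: the route is reachable by Editors by design, and the defect is that the fetched destination is never checked before wp_remote_get() is called. The block below is an added illustration written for this page, not the Assistant plugin's own code or its vendor fix. It shows the vulnerable shape beside a hardened handler that validates the destination in plain PHP and then delegates to wp_safe_remote_get(), which (unlike wp_remote_get()) sets reject_unsafe_urls so WordPress re-validates the URL, and each redirect hop, against loopback and private ranges right before connecting. The parameter name "url", the handler names and the allowlisted host "library.example.com" are assumptions; the resolver table at the bottom is constructed test data so the check can be run offline with `php ssrf_check.php`.

```php
<?php
// Added illustration for CVE-2023-5798; NOT the Assistant plugin's real code.
// Assumed names: request parameter "url", allowlisted host "library.example.com",
// handler function names. Resolver data at the bottom is constructed for the demo.

// --- Vulnerable shape, as the advisory describes it ---------------------------
// The caller-supplied value reaches wp_remote_get() unvalidated. wp_remote_get()
// performs no destination checks, so an Editor can point the server at
// http://127.0.0.1/, a cloud metadata endpoint, or any host on the internal network.
function vulnerable_library_fetch( $request ) {
    $response = wp_remote_get( $request['url'] );
    return wp_remote_retrieve_body( $response );
}

// --- Destination check in plain PHP (runs without WordPress) -------------------
// Policy: https only, default port, no userinfo, host on an explicit allowlist,
// and every address the host resolves to must be a public address.
// The resolver is injectable so the check can be exercised offline.
function is_safe_fetch_url( string $url, array $allowed_hosts, ?callable $resolve = null ): bool {
    $p = parse_url( $url );
    if ( false === $p || empty( $p['scheme'] ) || empty( $p['host'] ) ) {
        return false;
    }
    if ( 'https' !== strtolower( $p['scheme'] ) ) {
        return false;
    }
    if ( isset( $p['user'] ) || isset( $p['pass'] ) ) {      // "https://allowed@internal/" tricks
        return false;
    }
    if ( isset( $p['port'] ) && 443 !== $p['port'] ) {       // no probing of internal ports
        return false;
    }
    $host = strtolower( rtrim( $p['host'], '.' ) );
    if ( ! in_array( $host, $allowed_hosts, true ) ) {
        return false;
    }
    $resolve = $resolve ?? static function ( string $h ): array {
        $ips = gethostbynamel( $h );   // A records only; add AAAA via dns_get_record() if IPv6 matters
        return false === $ips ? [] : $ips;
    };
    $ips = $resolve( $host );
    if ( [] === $ips ) {
        return false;                 // unresolvable name: fail closed
    }
    foreach ( $ips as $ip ) {
        // NO_PRIV_RANGE: 10/8, 172.16/12, 192.168/16 (IPv6 fc00::/7)
        // NO_RES_RANGE : 0/8, 127/8, 169.254/16, 240/4 (IPv6 ::1, fe80::/10, ...)
        if ( false === filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE ) ) {
            return false;             // an allowlisted name that points inward is still rejected
        }
    }
    return true;
}

// --- Hardened handler (plugs into register_rest_route() as the callback) --------
function hardened_library_fetch( $request ) {
    $url = (string) $request['url'];
    if ( ! is_safe_fetch_url( $url, [ 'library.example.com' ] ) ) {   // assumed allowlist
        return new WP_Error( 'rest_forbidden_url', 'URL not permitted.', [ 'status' => 400 ] );
    }
    // wp_safe_remote_get() sets reject_unsafe_urls => wp_http_validate_url() runs again
    // immediately before the connection; redirection => 0 stops redirect-based bypasses.
    $response = wp_safe_remote_get( $url, [ 'redirection' => 0, 'timeout' => 5 ] );
    if ( is_wp_error( $response ) ) {
        return $response;
    }
    return wp_remote_retrieve_body( $response );
}

// --- Offline demonstration with a stubbed resolver (constructed data) -----------
if ( PHP_SAPI === 'cli' && ! function_exists( 'add_action' ) ) {
    $stub = static function ( string $h ): array {
        $table = [
            'library.example.com' => [ '203.0.113.10' ],   // public address
            'rebound.example.com' => [ '10.0.0.5' ],       // allowlisted name resolving to RFC 1918
        ];
        return $table[ $h ] ?? [];
    };
    $allow = [ 'library.example.com', 'rebound.example.com' ];
    $cases = [
        'https://library.example.com/lib/42'       => true,   // https, allowlisted, public IP
        'http://library.example.com/lib/42'        => false,  // plain http
        'https://127.0.0.1/'                       => false,  // loopback, not allowlisted
        'https://169.254.169.254/latest/meta-data' => false,  // cloud metadata endpoint
        'https://rebound.example.com/'             => false,  // name points into the private network
        'https://library.example.com:8443/'        => false,  // non-default port
        'https://user@library.example.com/'        => false,  // userinfo in the URL
    ];
    foreach ( $cases as $url => $expected ) {
        $got = is_safe_fetch_url( $url, $allow, $stub );
        printf( "%s  %s\n", $got === $expected ? 'ok  ' : 'FAIL', $url );
    }
}
```

Two caveats a reviewer should keep in mind. First, the check resolves the name once and WordPress resolves it again when it connects, so a DNS answer that changes between the two (rebinding) is only partly mitigated; the second validation inside wp_safe_remote_get() runs immediately before the socket is opened, which narrows the window but does not close it, so the host allowlist is the control that actually matters. Second, a `permission_callback` on the route does not address this CVE: the affected role (Editor) is legitimately allowed to call the endpoint, so authorization alone leaves the SSRF in place.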
CVSS Scores
SSVC
- Decision: -
Timeline
- 2023-07-27 CVE Published
- 2023-10-26 CVE Reserved
- 2024-08-02 CVE Updated
- 2024-08-02 First Exploit
- 2024-11-01 EPSS Updated
- Exploited in Wild: no date recorded
- KEV Due Date: no date recorded
CWE
- CWE-918: Server-Side Request Forgery (SSRF)
CAPEC
References (1)
URL | Date
---|---
https://wpscan.com/vulnerability/bbb4c98c-4dd7-421e-9666-98f15acde761 | 2024-08-02
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Fastlinemedia | Assistant | < 1.4.4 | wordpress | Affected