cleantalk
Vulnerabilities and Security Researches

Assistant – Every Day Productivity Apps, CVE-2023-5798

CVE, Research URL

CVE-2023-5798

Home page URL

Security reports for Assistant – Every Day Productivity Apps

Application

Assistant – Every Day Productivity Apps

Published on
Oct 26, 2023
Research Description
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request to it via wp_remote_get(), which could allow users with a role as low as Editor to perform SSRF attacks
Affected versions
Min -, max 1.4.4.
Status
vulnerable
Previous vulnerability researches
Debug Assistant (CVE-2023-26527) , Jun 10, 2024
Debug Assistant (CVE-2023-26516) , Jun 10, 2024
Floating Buttons for WooCommerce (CVE-2024-52395) , Nov 15, 2024
I Am Gloria (CVE-2025-0990) , Mar 06, 2025
AI ChatBot with ChatGPT and Content Generator by AYS (CVE-2024-7714) , Sep 29, 2024
New vulnerability
PDF Embedder , Sep 11, 2025
Pixeline's Email Protector (CVE-2025-58982) , Sep 11, 2025
Include Me (CVE-2025-58983) , Sep 11, 2025
PagSeguro / PagBank Connect (CVE-2025-10142) , Sep 11, 2025
Duplicate Page and Post (CVE-2025-6189) , Sep 11, 2025