The Assistant plugin for WordPress, up to version 1.4.3, has a security flaw that can allow malicious users with editor-level permissions to make requests to other locations on the web from the WordPress website. These requests can be used to view and change information from other services.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
