A vulnerability was found in WP-FeedStats affiliate-toolkit Plugin up to 3.4.2 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality of the file affiliate-toolkit-starter/tools/atkp_imagereceiver.php. The manipulation leads to server-side request forgery.
This vulnerability is handled as CVE-2023-5877. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.