Broken access control vulnerability fixed in WordPress 10Web AI Assistant plugin.
The WordPress 10Web AI Assistant plugin version 1.0.18 and below was prone to a broken access control vulnerability that could allow authenticated users to install plugins.