Lucene search
WPScanCVELIST:CVE-2021-24312HistoryJun 01, 2021 - 11:33 a.m.
CVE-2021-24312 WP Super Cache < 1.7.3 - Authenticated Remote Code Execution
2021-06-0111:33:30
CWE-94
WPScan
www.cve.org
0.003 Low
EPSS
Percentile
69.7%
The parameters $cache_path, $wp_cache_debug_ip, $wp_super_cache_front_page_text, $cache_scheduled_time, $cached_direct_pages used in the settings of WP Super Cache WordPress plugin before 1.7.3 result in RCE because they allow input of ‘$’ and ‘\n’. This is due to an incomplete fix of CVE-2021-24209.
CNA Affected
[
{
"product": "WP Super Cache",
"vendor": "Automattic",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "1.7.3",
"versionType": "custom"
}
]
}
]Related
osv
osv
CVE-2021-24312
2021-06-01 14:15:08
CVE-2021-24209
2021-04-05 19:15:17
prion
prion
Design/Logic Flaw
2021-06-01 14:15:00
Input validation
2021-04-05 19:15:00
cve
cve
CVE-2021-24312
2021-06-01 14:15:08
CVE-2021-24209
2021-04-05 19:15:17
nvd
nvd
CVE-2021-24312
2021-06-01 14:15:08
CVE-2021-24209
2021-04-05 19:15:17
checkpoint_advisories
checkpoint_advisories
WordPress Super Cache Plugin Remote Code Execution (CVE-2021-24209)
2021-04-25 00:00:00
openvas
openvas
WordPress WP Super Cache Plugin < 1.7.2 RCE Vulnerability
2021-03-19 00:00:00
WordPress WP Super Cache Plugin < 1.7.3 Multiple Vulnerabilities
2021-06-22 00:00:00
wpexploit
wpexploit
WP Super Cache < 1.7.2 - Authenticated Remote Code Execution (RCE)
2021-03-16 00:00:00
WP Super Cache < 1.7.3 - Authenticated Remote Code Execution
2021-05-14 00:00:00
cvelist
cvelist
wpvulndb
wpvulndb
WP Super Cache < 1.7.2 - Authenticated Remote Code Execution (RCE)
2021-03-16 00:00:00
WP Super Cache < 1.7.3 - Authenticated Remote Code Execution
2021-05-14 00:00:00