Lucene search
WPScanCVELIST:CVE-2023-1938HistoryMay 30, 2023 - 7:49 a.m.
CVE-2023-1938 WP Fatest Cache < 1.1.5 - Blind SSRF via CSRF
2023-05-3007:49:14
WPScan
www.cve.org
3
wp fastest cache
blind ssrf
csrf
wordpress plugin
wp_remote_get
ajax action
The WP Fastest Cache WordPress plugin before 1.1.5 does not have CSRF check in an AJAX action, and does not validate user input before using it in the wp_remote_get() function, leading to a Blind SSRF issue
CNA Affected
[
{
"vendor": "Unknown",
"product": "WP Fastest Cache",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "1.1.5"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
cve
cve
CVE-2023-1938
2023-05-30 08:15:09
wpvulndb
wpvulndb
WP Fatest Cache < 1.1.5 - Blind SSRF via CSRF
2023-05-02 00:00:00
prion
prion
Server side request forgery (ssrf)
2023-05-30 08:15:00
openvas
openvas
WordPress Fastest Cache Plugin < 1.1.5 SSRF Vulnerability
2023-06-09 00:00:00
nvd
nvd
CVE-2023-1938
2023-05-30 08:15:09
wpexploit
wpexploit
WP Fatest Cache < 1.1.5 - Blind SSRF via CSRF
2023-05-02 00:00:00
wordfence
wordfence