Design/Logic Flaw

2019-04-1520:29:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

39.6%

The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a wpfc_save_timeout_pages action.

CPENameOperatorVersion
wp_fastest_cacheeq0.8.8.5

CPE	Name	Operator	Version
	wp_fastest_cache	eq	0.8.8.5

References

ansawaf.blogspot.com/2019/04/csrf-multiple-stored-xss-in-wp-fastest.html

docs.google.com/document/d/17JSC97ecikWalB_ZTScNipFoud2aFXb5mXEZ7g-KIQI/edit?usp=sharing

wpvulndb.com/vulnerabilities/9696

0.001 Low

EPSS

Percentile

39.6%

Related for PRION:CVE-2018-17586