Lucene search

WP Super Cache Security Vulnerabilities

cve

CVE-2021-24329

The WP Super Cache WordPress plugin before 1.7.3 did not properly sanitise its wp_cache_location parameter in its settings, which could lead to a Stored Cross-Site Scripting...

5.4CVSS

5.3AI Score

0.001EPSS

2021-06-01 02:15 PM

cve

CVE-2021-24312

The parameters $cache_path, $wp_cache_debug_ip, $wp_super_cache_front_page_text, $cache_scheduled_time, $cached_direct_pages used in the settings of WP Super Cache WordPress plugin before 1.7.3 result in RCE because they allow input of '$' and '\n'. This is due to an incomplete fix of...

7.2CVSS

6.8AI Score

0.003EPSS

2021-06-01 02:15 PM

cve

CVE-2021-24209

The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated (admin+) RCE in the settings page due to input validation failure and weak $cache_path check in the WP Super Cache Settings -> Cache Location option. Direct access to the wp-cache-config.php file is not prohibited,...

7.2CVSS

6.9AI Score

0.001EPSS

2021-04-05 07:15 PM

cve

CVE-2013-2010

WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution...

9.8CVSS

9.6AI Score

0.971EPSS

2020-02-12 03:15 PM

131

cve

CVE-2013-2009

WordPress WP Super Cache Plugin 1.2 has Remote PHP Code...

8.8CVSS

8.9AI Score

0.053EPSS

2020-02-07 02:15 PM

cve

CVE-2013-2008

WordPress Super Cache Plugin 1.3 has...

6.1CVSS

6.1AI Score

0.002EPSS

2020-02-07 02:15 PM