CVE-2025-68506 WordPress Docket Cache plugin <= 24.07.03 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Nawawi Jamili Docket Cache docket-cache allows PHP Local File Inclusion.This issue affects Docket Cache: from n/a through = 24.07.03...

CVE-2025-10583

The WP Fastest Cache Premium plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.7.4 via the 'getservertimeajaxrequest' AJAX action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web reques...

WordPress WP Fastest Cache Premium plugin <= 1.7.4 - Missing Authorization to Authenticated (Subscriber+) Blind Server-Side Request Forgery vulnerability

Missing Authorization to Authenticated Subscriber+ Blind Server-Side Request Forgery vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin WP Fastest Cache Premium versions = 1.7.4...

CVE-2023-22675 WordPress WP Fast Cache plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Taylor Hawkes WP Fast Cache allows Cross Site Request Forgery.This issue affects WP Fast Cache: from n/a through 1.5...

WordPress plugin Ergonet Cache 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

WordPress W3 Total Cache plugin < 2.8.13 - Unauthenticated Command Injection vulnerability

Unauthenticated Command Injection vulnerability discovered by wcraft in WordPress Plugin W3 Total Cache versions 2.8.13...

PT-2025-47401

⚠️ CVE-2025-33514 🖥️ W3 Total Cache plugin vulnerability 💬 allows attackers to bypass security controls and potentially execute malicious actions through improperly sanitized parameters in the caching layer 🔗 https://t.co/sjWsZ4lifo The flaw affects W3 Total Cache for WordPress and can expose sites...

CVE-2025-12014

The NGINX Cache Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'nginxcacheoptimizer-blacklist-update' AJAX action in all versions up to, and including, 1.1. This makes it possible for authenticated attackers, with...

EUVD-2024-51008

Malicious code in bioql PyPI...

EUVD-2022-49582

Malicious code in bioql PyPI...

WordPress plugin LWSCache 授权问题漏洞

WordPress LWSCache plugin is a caching plugin officially developed by WordPress, which is mainly used to optimize the loading speed of the website and improve SEO ranking. WordPress LWSCache plugin has an authorization issue vulnerability, the vulnerability stems from improper authorization of th...

WordPress plugin WP REST Cache 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

CVE-2024-12628

The bodi0s Easy cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cache-folder' parameter in all versions up to, and including, 0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-lev...

CVE-2023-1919

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfcpreloadsinglesavesettingscallback function. This makes it possible for unauthenticated attackers to change...

CVE-2021-24964

The LiteSpeed Cache WordPress plugin before 4.4.4 does not properly verify that requests are coming from QUIC.cloud servers, allowing attackers to make requests to certain endpoints by using a specific X-Forwarded-For header value. In addition, one of the endpoint could be used to set CSS code if...

CVE-2021-24436

The W3 Total Cache WordPress plugin before 2.1.4 was vulnerable to a reflected Cross-Site Scripting XSS security vulnerability within the "extension" parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This could allow an attacker, who can convince ...

CVE-2015-9316

The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfcwppollsajaxrequest via the pollid parameter...

CVE-2013-2009

WordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution...

CVE-2024-13337

The Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.2. This is due to missing or incorrect nonce validation on the 'setup-wbcrclearfy' page. This makes it possibl...

CVE-2024-13338

The Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.1. This is due to missing or incorrect nonce validation on the wclearfycachedelete functionality . This makes ...