CVE-2023-1926

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the deleteCacheToolbar function. This makes it possible for unauthenticated attackers to perform cache deletion vi...

CVE-2023-1924 WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_toolbar_save_settings_callback'

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfctoolbarsavesettingscallback function. This makes it possible for unauthenticated attackers to change cache...

VulnCheck KEV: CVE-2023-1929

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfcpurgecachevarnishcallback function in versions up to, and including, 1.1.2. This makes it possible for authenticated attackers with subscriber-level access...

WordPress plugin WP Fastest Cache 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

PT-2023-17342 · WordPress · Wp Fastest Cache

Name of the Vulnerable Software and Affected Versions: WP Fastest Cache plugin for WordPress versions up to, and including, 1.1.2 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the wpfc pause cdn integration ajax request callback...

WordPress LiteSpeed Cache plugin <= 4.4.3 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Emil Kylander in WordPress LiteSpeed Cache plugin versions = 4.4.3. Solution Update the WordPress LiteSpeed Cache plugin to the latest available version at least 4.4.4...

Docket Cache < 21.08.02 - Reflected Cross-Site Scripting

The plugin does not escape some filter parameters when the OPCache Viewer is enabled before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues PoC https://example.com/wp-admin/admin.php?page=docket-cache-opcviewer=opcviewer=a="="...

CVE-2021-20714

Directory traversal vulnerability in WP Fastest Cache versions prior to 0.9.1.7 allows a remote attacker with administrator privileges to delete arbitrary files on the server via unspecified vectors...

WordPress 插件路径遍历漏洞

WordPress Fastest Cache plugin is an application plugin for WordPress. A directory traversal vulnerability exists in versions of the WordPress WP Fastest Cache plugin prior to 0.9.1.7, which can be exploited by a remote attacker with administrator privileges to delete arbitrary files on the serve...

WordPress WP Fastest Cache plugin <= 0.9.1.6 - Authenticated Arbitrary File Deletion via Path Traversal vulnerability

Authenticated Arbitrary File Deletion via Path Traversal vulnerability discovered by Gen Sato in WordPress WP Fastest Cache plugin versions = 0.9.1.6. Solution Update the WordPress WP Fastest Cache plugin to the latest available version at least 0.9.1.7...

WordPress WP Super Cache plugin <= 1.7.1 - Authenticated Remote Code Execution (RCE) vulnerability

Authenticated Remote Code Execution RCE vulnerability settings page discovered by m0ze Patchstack Red Team in WordPress WP Super Cache plugin versions = 1.7.1. Solution Update the WordPress WP Super Cache plugin to the latest available version at least 1.7.2...

CVE-2013-2008

WordPress Super Cache Plugin 1.3 has XSS...

Cross site scripting

WordPress Super Cache Plugin 1.3 has XSS...

Code injection

WordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution...

CVE-2013-2009

WordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution...

CVE-2013-2009

The CVE-2013-2009 entry concerns WordPress WP Super Cache Plugin 1.2, which is vulnerable to remote PHP code execution via unsanitized input (e.g., malicious blog comments). Root cause cited as an incomplete fix for CVE-2013-2009. Impact is remote code execution on the web server as the web-serve...

CVE-2013-2008

WordPress Super Cache Plugin 1.3 has XSS...

CVE-2013-2011

WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. This issue exists because of an incomplete fix for CVE-2013-2009...

CVE-2013-2011

WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. This issue exists because of an incomplete fix for CVE-2013-2009...

W3 Total Cache Plugin for WordPress < 0.9.4 Arbitrary File Read

The WordPress W3 Total Cache Plugin installed on the remote host is affected by an arbitrary file read vulnerability due to improper sanitization of user-supplied input. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version...