Sql injection

The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfcwppollsajaxrequest via the pollid parameter...

WordPress WP Fastest Cache Path Traversal Vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WP Fastest Cache is used in one of the plug-ins to support the generation of static HTML files. A path traversal...

CVE-2019-13635

The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversal...

W3 Total Cache Plugin for WordPress < 0.9.7.4 Multiple Vulnerabilities

The WordPress W3 Total Cache Plugin installed on the remote host is affected by multiple vulnerabilities : - A Cross-Site Scripting XSS vulnerability exists due to improper validation of user-supplied input in command parameter of /w3-total-cache/pub/opcache.php. - A Server Side Request Forgery...

CVE-2018-17586

The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules0content parameter in a wpfcsavetimeoutpages action...

CVE-2018-17586

CVE-2018-17586 affects the WordPress plugin WP Fastest Cache (version 0.8.8.5 and earlier). The issue is an XSS vulnerability via the rules[0][content] parameter in the wpfc_save_timeout_pages action. Connected sources also indicate additional vulnerabilities in the same plugin family and suggest...

CVE-2018-17585

Summary: The WP Fastest Cache WordPress plugin (versions up to 0.8.8.5; advisory texts also reference 0.8.8.6) contains a cross-site scripting (XSS) vulnerability exposed via the parameters wpFastestCachePreload_number and wpFastestCacheLanguage . The issue is confirmed across multiple sources in...

PT-2019-18281 · Frederick Townes · W3 Total Cache

Name of the Vulnerable Software and Affected Versions: W3 Total Cache plugin versions prior to 0.9.4 Description: The issue allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data. This is due to a lack of proper access control in the API,...

WordPress WP Fastest Cache plugin cross-site request forgery vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL server set up a personal blog site.WP Fastest Cache is one of the caching plugin. A cross-site request forgery vulnerability exists in the...

WordPress Fastest Cache Plugin < 0.8.3.5 CSRF Vulnerability

The WordPress plugin Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

WordPress W3 Total Cache Plugin <= 0.9.4.1 - Bypass

This plugin is prone to unauthenticated security token bypass vulnerability. Solution Update the plugin...

WordPress Plugin W3 Total Cache 'admin.php' Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language. w3 Total Cache is one of the blog optimization plug-ins. A cross-site scripting vulnerability exists in the WordPress plugin W3 Total Cache 'admin.php' 0.9.4.1 and earlier. An attacker can...

WordPress Fastest Cache Plugin <= 0.8.5.9 - Local File Inclusion

This plugin is prone to a local file inclusion vulnerability. It allows attackers to place an arbitrary PHP file on the target system. Solution Update the plugin...

WordPress Super Cache Plugin <= 1.4.4 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

WordPress WP Fastest Cache plugin cross-site request forgery vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.WP Fastest Cache is a caching plugin. A cross-site request forgery vulnerability exists in the WordPress WP Fastest Cache plugin that allows remote attackers to...

Ubuntu install php5. 6. 9 immune Multipart/form-data remote denial of service vulnerability-vulnerability warning-the black bar safety net

Recently Baidu classmates liushushengatbaidu. com to php feedback a Multipart/form-data remote denial of service vulnerabilities. An attacker can construct and continue to send the malformation of the HTTP request, a malicious system resources. Simple test, multi-threaded continuous contract, you...

WordPress WP Fast Cache Plugin <= 1.4 - Multiple Vulnerabilities

This plugin is prone to cross site request forgery attacks, which can also be combined with XSS attacks authenticated administrators only. Solution Update the plugin...

WordPress plugin WP Super Cachewp-cache.php stored cross-site scripting vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. WordPress plugin WP Super Cachewp-cache.php cache list handling has a stored cross-site scripting vulnerability that allows...

W3-Total-Cache Wordpress-plugin Username and Hash Extract (CVE-2012-6077)

An information disclosure vulnerability has been reported in W3 Total Cache Plugin for Wordpress...

WP Super Cache Plugin for WordPress Multiple Insecure PHP Code Inclusion Macros Remote Code Execution

The WP Super Cache Plugin for WordPress installed on the remote host is affected by a remote PHP code execution vulnerability due to a failure to properly sanitize user-supplied input. An unauthenticated, remote attacker can submit a comment to a WordPress blog containing arbitrary PHP code. The...