5 matches found
CVE-2019-6726
The WP Fastest Cache plugin through 0.8.9.0 for WordPress allows remote attackers to delete arbitrary files because wppostratingsclearfastestcache and rmfolderrecursively in wpFastestCache.php mishandle ../ in an HTTP Referer header...
CVE-2019-6726
The WP Fastest Cache plugin through 0.8.9.0 for WordPress allows remote attackers to delete arbitrary files because wppostratingsclearfastestcache and rmfolderrecursively in wpFastestCache.php mishandle ../ in an HTTP Referer header...
CVE-2019-6726
Summary: CVE-2019-6726 affects the WordPress plugin WP Fastest Cache ≤ 0.8.9.0. The vulnerability allows an unauthenticated, remote attacker to delete arbitrary files by abusing the HTTP Referer header in the functions wp_postratings_clear_fastest_cache and rm_folder_recursively in wpFastestCache...
WordPress Fastest Cache Plugin Arbitrary File Deletion (CVE-2019-6726)
An arbitrary file deletion vulnerability exists in WordPress Fastest Cache Plugin. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted request to the target system...
WordPress WP Fastest Cache 0.8.9.0 Arbitrary File Deletion
The wordpress plugin "WP Fastest Cache" 0 suffered from an arbitrary file deletion bug. Description A successful attack allows an unauthenticated attacker to specify a path to a directory from which files and directories will be deleted recursively. The vulnerable code path extracts the path...