3 matches found
CVE-2023-1938 WP Fatest Cache < 1.1.5 - Blind SSRF via CSRF
The WP Fastest Cache WordPress plugin before 1.1.5 does not have CSRF check in an AJAX action, and does not validate user input before using it in the wpremoteget function, leading to a Blind SSRF issue...
CVE-2023-1938
CVE-2023-1938 affects the WordPress plugin WP Fastest Cache up to version 1.1.5. The flaw allows Blind SSRF via an AJAX action because there is no CSRF check and user input is not validated before use in wp_remote_get(). Exploitation details are not provided in the initial documents; the CVSS bas...
WordPress WP Fastest Cache Plugin < 1.1.5 is vulnerable to Server Side Request Forgery (SSRF)
Software WP Fastest Cache Type Plugin Vulnerable versions 1.1.5 Fixed in 1.1.5 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2023-1938 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID b892370bc54e Credits Erwan LR WPScan Required privile...