WordPress WP Fastest Cache Premium plugin <= 1.7.4 - Missing Authorization to Authenticated (Subscriber+) Blind Server-Side Request Forgery vulnerability

Missing Authorization to Authenticated Subscriber+ Blind Server-Side Request Forgery vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin WP Fastest Cache Premium versions = 1.7.4...

CVE-2015-9316

The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfcwppollsajaxrequest via the pollid parameter...

WP Fastest Cache Plugin for WordPress < 1.1.3 Multiple Vulnerabilities

The WordPress Fastest Cache Plugin installed on the remote host suffers from multiple vulnerabilities: - A nonce validation issue on the wpfcpreloadsinglecallback function leading to a Cross-Site Request Forgery CSRF vulnerability permitting attackers to invoke a cache building action CVE-2023-19...

CVE-2023-1930

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capability check on the wpfcclearcacheofallsitescallback function in versions up to, and including, 1.1.2. This makes it possible for authenticated attackers with subscriber-level access to dele...

Cross site request forgery (csrf)

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the deleteCssAndJsCacheToolbar function. This makes it possible for unauthenticated attackers to perform cache...

CVE-2023-1924 WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_toolbar_save_settings_callback'

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfctoolbarsavesettingscallback function. This makes it possible for unauthenticated attackers to change cache...

WordPress plugin WP Fastest Cache 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

WordPress 插件路径遍历漏洞

WordPress Fastest Cache plugin is an application plugin for WordPress. A directory traversal vulnerability exists in versions of the WordPress WP Fastest Cache plugin prior to 0.9.1.7, which can be exploited by a remote attacker with administrator privileges to delete arbitrary files on the serve...

WordPress WP Fastest Cache plugin <= 0.9.1.6 - Authenticated Arbitrary File Deletion via Path Traversal vulnerability

Authenticated Arbitrary File Deletion via Path Traversal vulnerability discovered by Gen Sato in WordPress WP Fastest Cache plugin versions = 0.9.1.6. Solution Update the WordPress WP Fastest Cache plugin to the latest available version at least 0.9.1.7...

Sql injection

The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfcwppollsajaxrequest via the pollid parameter...

WordPress WP Fastest Cache Path Traversal Vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WP Fastest Cache is used in one of the plug-ins to support the generation of static HTML files. A path traversal...

CVE-2018-17586

CVE-2018-17586 affects the WordPress plugin WP Fastest Cache (version 0.8.8.5 and earlier). The issue is an XSS vulnerability via the rules[0][content] parameter in the wpfc_save_timeout_pages action. Connected sources also indicate additional vulnerabilities in the same plugin family and suggest...

CVE-2018-17585

Summary: The WP Fastest Cache WordPress plugin (versions up to 0.8.8.5; advisory texts also reference 0.8.8.6) contains a cross-site scripting (XSS) vulnerability exposed via the parameters wpFastestCachePreload_number and wpFastestCacheLanguage . The issue is confirmed across multiple sources in...

WordPress Fastest Cache Plugin < 0.8.3.5 CSRF Vulnerability

The WordPress plugin Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

WordPress WP Fastest Cache plugin cross-site request forgery vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.WP Fastest Cache is a caching plugin. A cross-site request forgery vulnerability exists in the WordPress WP Fastest Cache plugin that allows remote attackers to...