83 matches found
CVE-2026-1843
The Super Page Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Activity Log in all versions up to, and including, 5.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...
EUVD-2013-1999
Malware in sbrugna...
EUVD-2013-2002
Malware in sbrugna...
EUVD-2021-11226
Malware in sbrugna...
CVE-2021-24312
The parameters $cachepath, $wpcachedebugip, $wpsupercachefrontpagetext, $cachescheduledtime, $cacheddirectpages used in the settings of WP Super Cache WordPress plugin before 1.7.3 result in RCE because they allow input of '$' and '\n'. This is due to an incomplete fix of CVE-2021-24209...
CVE-2021-24329
The WP Super Cache WordPress plugin before 1.7.3 did not properly sanitise its wpcachelocation parameter in its settings, which could lead to a Stored Cross-Site Scripting issue...
CVE-2021-24209
The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated admin+ RCE in the settings page due to input validation failure and weak $cachepath check in the WP Super Cache Settings - Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so...
CVE-2013-2008
WordPress Super Cache Plugin 1.3 has XSS...
CVE-2013-2009
WordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution...
WordPress WP Super Cache plugin <= 1.8 - Cache Poisoning vulnerability
Cache Poisoning vulnerability discovered in WordPress WP Super Cache plugin versions = 1.8. Solution Update the WordPress WP Super Cache plugin to the latest available version at least 1.9...
WP Super Cache < 1.9 - Unauthenticated Cache Poisoning
The plugin is affected by a cache poisoning issue PoC curl 'https://example.com//?s=12333'...
WP Super Cache < 1.9 - Unauthenticated Cache Poisoning
The plugin is affected by a cache poisoning issue curl 'https://example.com//?s=12333'...
VulnCheck KEV: CVE-2021-24209
The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated admin+ RCE in the settings page due to input validation failure and weak $cachepath check in the WP Super Cache Settings - Cache Location option. Direct access to the wp-cache-config.php file is not...
WordPress WP Super Cache Plugin < 1.7.3 Multiple Vulnerabilities
The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
CVE-2021-24329
The WP Super Cache WordPress plugin before 1.7.3 did not properly sanitise its wpcachelocation parameter in its settings, which could lead to a Stored Cross-Site Scripting issue...
CVE-2021-24329
The WP Super Cache WordPress plugin before 1.7.3 did not properly sanitise its wpcachelocation parameter in its settings, which could lead to a Stored Cross-Site Scripting issue...
CVE-2021-24312
The parameters $cachepath, $wpcachedebugip, $wpsupercachefrontpagetext, $cachescheduledtime, $cacheddirectpages used in the settings of WP Super Cache WordPress plugin before 1.7.3 result in RCE because they allow input of '$' and '\n'. This is due to an incomplete fix of CVE-2021-24209...
CVE-2021-24312
The parameters $cachepath, $wpcachedebugip, $wpsupercachefrontpagetext, $cachescheduledtime, $cacheddirectpages used in the settings of WP Super Cache WordPress plugin before 1.7.3 result in RCE because they allow input of '$' and '\n'. This is due to an incomplete fix of CVE-2021-24209...
Design/Logic Flaw
The parameters $cachepath, $wpcachedebugip, $wpsupercachefrontpagetext, $cachescheduledtime, $cacheddirectpages used in the settings of WP Super Cache WordPress plugin before 1.7.3 result in RCE because they allow input of '$' and '\n'. This is due to an incomplete fix of CVE-2021-24209...
Cross site scripting
The WP Super Cache WordPress plugin before 1.7.3 did not properly sanitise its wpcachelocation parameter in its settings, which could lead to a Stored Cross-Site Scripting issue...