WordPress WP Fastest Cache <= 0.9.0.2 - Authenticated Arbitrary File Deletion

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized arbitrary file deletion in versions up to, and including, 0.9.0.2 due to a lack of capability checking and insufficient path validation. This makes it possible for authenticated users with minimal permissions to delete...

CVE-2025-10583

CVE-2025-10583 — WordPress WP Fastest Cache Premium : A SSRF vulnerability via the get_server_time_ajax_request action affects WP Fastest Cache Premium versions

WordPress WP Fastest Cache plugin <= 1.4.0 - Missing Authorization to Authenticated (Subscriber+) DB Cleanup Actions vulnerability

Missing Authorization to Authenticated Subscriber+ DB Cleanup Actions vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin WP Fastest Cache versions = 1.4.0...

Exploit for SQL Injection in Wpfastestcache Wp_Fastest_Cache

CVE-2023-6063 PoC Reference - Unauthenticated SQL Inject...

CVE-2023-1931

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the deleteCssAndJsCacheToolbar function in versions up to, and including, 1.1.2. This makes it possible for authenticated attackers with subscriber-level access to perform cache...

CVE-2023-1920

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfcpurgecachevarnishcallback function. This makes it possible for unauthenticated attackers to purge the...

PT-2023-17350 · WordPress · Wp Fastest Cache

Name of the Vulnerable Software and Affected Versions: WP Fastest Cache plugin for WordPress versions up to, and including, 1.1.2 Description: The issue is related to unauthorized data deletion due to a missing capability check on the wpfc clear cache of allsites callback function. This allows...

PT-2023-17349 · WordPress · Wp Fastest Cache

Name of the Vulnerable Software and Affected Versions: WP Fastest Cache plugin for WordPress versions up to, and including, 1.1.2 Description: The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfc purgecache varnish...

PT-2023-17351 · WordPress · Wp Fastest Cache

Name of the Vulnerable Software and Affected Versions: WP Fastest Cache plugin for WordPress versions up to, and including, 1.1.2 Description: The issue is related to unauthorized data loss due to a missing capability check on the deleteCssAndJsCacheToolbar function. This allows authenticated...

WP Fastest Cache < 0.9.0.3 - Cross-Site Request Forgery (CSRF) Arbitrary File Deletion

The plugin did not have a CSRF nonce check on the "wpfcdeletecurrentpagecache" action, allowing CSRF attacks against authenticated users to delete arbitrary files, including the wp-config.php file. PoC...

CVE-2019-13635

The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversal...