Lucene search
K
WpfastestcacheWp Fastest Cache*

7 matches found

CVE
CVE
added 2023/12/04 9:29 p.m.138 views

CVE-2023-6063

CVE-2023-6063 affects WP Fastest Cache WordPress plugin versions ≤ 1.2.2. The vulnerability is an unauthenticated SQL injection caused by improper sanitization/escaping of parameters in SQL statements, exploitable via the wordpress_logged_in cookie. Impact reported in sources includes potential e...

7.5CVSS7.9AI score0.73708EPSS
Web
CVE
CVE
added 2023/05/30 7:49 a.m.97 views

CVE-2023-1938

CVE-2023-1938 affects the WordPress plugin WP Fastest Cache up to version 1.1.5. The flaw allows Blind SSRF via an AJAX action because there is no CSRF check and user input is not validated before use in wp_remote_get(). Exploitation details are not provided in the initial documents; the CVSS bas...

8.8CVSS8.6AI score0.08466EPSS
Web
CVE
CVE
added 2021/04/27 5:42 a.m.75 views

CVE-2021-20714

CVE-2021-20714 affects the WordPress WP Fastest Cache plugin prior to version 0.9.1.7. The vulnerability is a directory traversal flaw that allows a remote attacker with administrator privileges to delete arbitrary files on the server via unspecified vectors. Root cause is a path traversal issue ...

6.5CVSS6.3AI score0.02625EPSS
CVE
CVE
added 2024/10/16 6:43 a.m.66 views

CVE-2020-36836

The CVE-2020-36836 entry impacts the WordPress WP Fastest Cache plugin. Affected plugin versions are

8.1CVSS8.4AI score0.01367EPSS
CVE
CVE
added 2019/08/14 2:48 p.m.59 views

CVE-2015-9316

The CVE applies to the WordPress WP Fastest Cache plugin before 0.8.4.9. Vulnerable component: wp-admin/admin-ajax.php?action=wpfc_wppolls_ajax_request, where the poll_id parameter is unsafely used in a SQL query, enabling SQL injection. Root cause: improper sanitization/escaping in the AJAX hand...

9.8CVSS9.9AI score0.02987EPSS
Web
CVE
CVE
added 2024/01/16 3:49 p.m.53 views

CVE-2021-24869

CVE-2021-24869 affects the WP Fastest Cache WordPress plugin (versions prior to 0.9.5). The root cause is that user input in the set_urls_with_terms method is not escaped before being used in a SQL statement, enabling an SQL injection. The vulnerability can be exploited by low-privilege users (e....

8.8CVSS8.9AI score0.01178EPSS
CVE
CVE
added 2024/01/16 3:49 p.m.38 views

CVE-2021-24870

CVE-2021-24870 concerns the WordPress plugin WP Fastest Cache prior to 0.9.5. The vulnerability is a CSRF/checks-and-escaping flaw in the wpfc_save_cdn_integration AJAX action, coupled with insufficient sanitization/escaping of options, which could allow a logged-in, high-privilege user to trigge...

6.1CVSS6.3AI score0.00254EPSS