Wpfastestcache

Wp Fastest Cache

29 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2020-36836

Exploit
  • EPSS 28.83%
  • Published 16.10.2024 07:15:08
  • Last modified 13.03.2025 13:30:11

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized arbitrary file deletion in versions up to, and including, 0.9.0.2 due to a lack of capability checking and insufficient path validation. This makes it possible for authenticated ...

6.1

CVE-2021-24870

Exploit
  • EPSS 0.13%
  • Published 16.01.2024 16:15:09
  • Last modified 12.05.2025 15:15:54

The WP Fastest Cache WordPress plugin before 0.9.5 is lacking a CSRF check in its wpfc_save_cdn_integration AJAX action, and does not sanitise and escape some the options available via the action, which could allow attackers to make logged in high pr...

8.8

CVE-2021-24869

Exploit
  • EPSS 0.62%
  • Published 16.01.2024 16:15:09
  • Last modified 02.06.2025 16:15:23

The WP Fastest Cache WordPress plugin before 0.9.5 does not escape user input in the set_urls_with_terms method before using it in a SQL statement, leading to an SQL injection exploitable by low privilege users such as subscriber

7.5

CVE-2023-6063

Exploit
  • EPSS 91.9%
  • Published 04.12.2023 22:15:08
  • Last modified 21.11.2024 08:43:04

The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users.

4.3

CVE-2023-1375

  • EPSS 0.05%
  • Published 09.06.2023 06:15:56
  • Last modified 21.11.2024 07:39:03

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized cache deletion in versions up to, and including, 1.1.2 due to a missing capability check in the deleteCacheToolbar function . This makes it possible for authenticated attackers, ...

8.8

CVE-2023-1938

Exploit
  • EPSS 7.13%
  • Published 30.05.2023 08:15:09
  • Last modified 10.01.2025 21:15:10

The WP Fastest Cache WordPress plugin before 1.1.5 does not have CSRF check in an AJAX action, and does not validate user input before using it in the wp_remote_get() function, leading to a Blind SSRF issue

4.3

CVE-2023-1931

  • EPSS 0.07%
  • Published 06.04.2023 21:15:07
  • Last modified 21.11.2024 07:40:09

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the deleteCssAndJsCacheToolbar function in versions up to, and including, 1.1.2. This makes it possible for authenticated attackers...

4.3

CVE-2023-1930

  • EPSS 0.07%
  • Published 06.04.2023 21:15:07
  • Last modified 21.11.2024 07:40:09

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capability check on the wpfc_clear_cache_of_allsites_callback function in versions up to, and including, 1.1.2. This makes it possible for authenti...

4.3

CVE-2023-1929

  • EPSS 0.07%
  • Published 06.04.2023 21:15:07
  • Last modified 21.11.2024 07:40:09

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfc_purgecache_varnish_callback function in versions up to, and including, 1.1.2. This makes it possible for authentic...

4.3

CVE-2023-1928

  • EPSS 0.07%
  • Published 06.04.2023 21:15:07
  • Last modified 21.11.2024 07:40:09

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfc_preload_single_callback function in versions up to, and including, 1.1.2. This makes it possible for authenticated...