Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wp fastest cache vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1931
The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the deleteCssAndJsCacheToolbar function in versions up to, and including, 1.1.2. This makes it possible for authenticated attackers with subscriber-level access ...
Wpfastestcache Wp Fastest Cache
NA
CVE-2023-1938
The WP Fastest Cache WordPress plugin prior to 1.1.5 does not have CSRF check in an AJAX action, and does not validate user input before using it in the wp_remote_get() function, leading to a Blind SSRF issue
Wpfastestcache Wp Fastest Cache
5.8
CVSSv2
CVE-2019-6726
The WP Fastest Cache plugin up to and including 0.8.9.0 for WordPress allows remote malicious users to delete arbitrary files because wp_postratings_clear_fastest_cache and rm_folder_recursively in wpFastestCache.php mishandle ../ in an HTTP Referer header.
Wpfastestcache Wp Fastest Cache
6.8
CVSSv2
CVE-2018-17584
The WP Fastest Cache plugin 0.8.8.5 for WordPress has CSRF via the wp-admin/admin.php wpfastestcacheoptions page.
Wpfastestcache Wp Fastest Cache 0.8.8.5
4.3
CVSSv2
CVE-2018-17583
The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a wpfc_save_exclude_pages action.
Wpfastestcache Wp Fastest Cache 0.8.8.5
4.3
CVSSv2
CVE-2018-17586
The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a wpfc_save_timeout_pages action.
Wpfastestcache Wp Fastest Cache 0.8.8.5
4.3
CVSSv2
CVE-2018-17585
The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the wpfastestcacheoptions wpFastestCachePreload_number or wpFastestCacheLanguage parameter.
Wpfastestcache Wp Fastest Cache 0.8.8.5
5.5
CVSSv2
CVE-2021-20714
Directory traversal vulnerability in WP Fastest Cache versions before 0.9.1.7 allows a remote attacker with administrator privileges to delete arbitrary files on the server via unspecified vectors.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3