Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wpfastestcache wp fastest cache vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-6726
The WP Fastest Cache plugin up to and including 0.8.9.0 for WordPress allows remote malicious users to delete arbitrary files because wp_postratings_clear_fastest_cache and rm_folder_recursively in wpFastestCache.php mishandle ../ in an HTTP Referer header.
Wpfastestcache Wp Fastest Cache
8.8
CVSSv3
CVE-2021-24869
The WP Fastest Cache WordPress plugin prior to 0.9.5 does not escape user input in the set_urls_with_terms method before using it in a SQL statement, leading to an SQL injection exploitable by low privilege users such as subscriber
Wpfastestcache Wp Fastest Cache
6.1
CVSSv3
CVE-2021-24870
The WP Fastest Cache WordPress plugin prior to 0.9.5 is lacking a CSRF check in its wpfc_save_cdn_integration AJAX action, and does not sanitise and escape some the options available via the action, which could allow malicious users to make logged in high privilege users call it ...
Wpfastestcache Wp Fastest Cache
6.1
CVSSv3
CVE-2018-17583
The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a wpfc_save_exclude_pages action.
Wpfastestcache Wp Fastest Cache 0.8.8.5
8.8
CVSSv3
CVE-2018-17584
The WP Fastest Cache plugin 0.8.8.5 for WordPress has CSRF via the wp-admin/admin.php wpfastestcacheoptions page.
Wpfastestcache Wp Fastest Cache 0.8.8.5
6.1
CVSSv3
CVE-2018-17585
The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the wpfastestcacheoptions wpFastestCachePreload_number or wpFastestCacheLanguage parameter.
Wpfastestcache Wp Fastest Cache 0.8.8.5
6.1
CVSSv3
CVE-2018-17586
The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a wpfc_save_timeout_pages action.
Wpfastestcache Wp Fastest Cache 0.8.8.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3