WP Fastest Cache
CVE-2020-36836
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized arbitrary file deletion in versions up to, and including, 0.9.0.2 due to a lack of capability checking and insufficient path validation. This makes it possible for authenticated users with minimal permissions to delete arbitrary files from the server.
AnalysisAI
Arbitrary file deletion in the WP Fastest Cache WordPress plugin (versions up to and including 0.9.0.2) allows authenticated low-privileged users to remove arbitrary files from the underlying server due to missing capability checks and inadequate path validation. Publicly available exploit code exists, and the EPSS score of 43.15% (97th percentile) indicates a notably elevated exploitation probability relative to the broader CVE population. The flaw is tagged as CSRF (CWE-352), meaning the deletion action can also be triggered via a forged request against an authenticated victim.
Technical ContextAI
WP Fastest Cache is a widely deployed caching plugin for WordPress (CPE cpe:2.3:a:wpfastestcache:wp_fastest_cache) that generates and manages static cache files on the server filesystem. The plugin exposes administrative-style actions (typically cache invalidation/deletion routines) without enforcing WordPress capability checks (current_user_can) and without validating or canonicalizing user-supplied path parameters. Combined with the CWE-352 (Cross-Site Request Forgery) classification, the deletion endpoint also lacks nonce verification, so the same action can be coerced from an authenticated browser session via a crafted external page. The result is a path traversal-style arbitrary file deletion accessible to any logged-in user (e.g., Subscriber).
RemediationAI
Patch available per vendor advisory: upgrade WP Fastest Cache to a version newer than 0.9.0.2 via the WordPress plugin updater or by replacing the plugin files manually; consult the Wordfence advisory referenced in the CVE record for the exact fixed release. If immediate patching is not feasible, compensating controls include temporarily deactivating the WP Fastest Cache plugin (trade-off: loss of caching and a performance regression on the site), restricting wp-admin and admin-ajax.php access to known IP ranges via web server or WAF rules (trade-off: blocks legitimate remote administrators), and disabling new user self-registration in WordPress general settings to shrink the pool of low-privileged accounts that could abuse the endpoint (trade-off: blocks legitimate community signups). Also ensure file system permissions on wp-config.php and core files limit the WordPress process user's write/delete access where the hosting model allows.
More in Wp Fastest Cache
View allThe WP Fastest Cache WordPress plugin before 1.1.5 does not have CSRF check in an AJAX action, and does not validate use
The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in
The WP Fastest Cache plugin through 0.8.9.0 for WordPress allows remote attackers to delete arbitrary files because wp_p
The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversa
Multiple cross-site request forgery (CSRF) vulnerabilities in the optionsPageRequest function in admin.php in WP Fastest
Directory traversal vulnerability in WP Fastest Cache versions prior to 0.9.1.7 allows a remote attacker with administra
The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability ch
The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on t
The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capability check
The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability ch
The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including,
The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including,
Same weakness CWE-352 – Cross-Site Request Forgery (CSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today