Skip to main content

Wp Fastest Cache

22 CVEs product

Monthly

CVE-2020-36836 HIGH POC PATCH THREAT Act Now

Arbitrary file deletion in the WP Fastest Cache WordPress plugin (versions up to and including 0.9.0.2) allows authenticated low-privileged users to remove arbitrary files from the underlying server due to missing capability checks and inadequate path validation. Publicly available exploit code exists, and the EPSS score of 43.15% (97th percentile) indicates a notably elevated exploitation probability relative to the broader CVE population. The flaw is tagged as CSRF (CWE-352), meaning the deletion action can also be triggered via a forged request against an authenticated victim.

WordPress CSRF Wp Fastest Cache
NVD
CVSS 3.1
8.0
EPSS
43.1%
Threat
4.4
CVE-2023-6063 HIGH POC THREAT This Week

The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi Wp Fastest Cache
NVD WPScan
CVSS 3.1
7.5
EPSS
73.7%
CVE-2023-1375 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized cache deletion in versions up to, and including, 1.1.2 due to a missing capability check in the deleteCacheToolbar function . Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1938 HIGH POC This Week

The WP Fastest Cache WordPress plugin before 1.1.5 does not have CSRF check in an AJAX action, and does not validate user input before using it in the wp_remote_get() function, leading to a Blind. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF WordPress CSRF Wp Fastest Cache
NVD WPScan
CVSS 3.1
8.8
EPSS
8.5%
CVE-2023-1931 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the deleteCssAndJsCacheToolbar function in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-1930 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capability check on the wpfc_clear_cache_of_allsites_callback function in versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-1929 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfc_purgecache_varnish_callback function in versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.3%
CVE-2023-1928 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfc_preload_single_callback function in versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-1927 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1926 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1925 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1924 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1923 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1922 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1921 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1920 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1919 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1918 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2021-20714 MEDIUM This Month

Directory traversal vulnerability in WP Fastest Cache versions prior to 0.9.1.7 allows a remote attacker with administrator privileges to delete arbitrary files on the server via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Wp Fastest Cache
NVD
CVSS 3.1
6.5
EPSS
2.6%
CVE-2019-13635 CRITICAL PATCH Act Now

The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversal. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

PHP Path Traversal WordPress Wp Fastest Cache
NVD
CVSS 3.0
9.1
EPSS
44.4%
CVE-2019-6726 MEDIUM POC This Month

The WP Fastest Cache plugin through 0.8.9.0 for WordPress allows remote attackers to delete arbitrary files because wp_postratings_clear_fastest_cache and rm_folder_recursively in wpFastestCache.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

PHP Path Traversal WordPress Wp Fastest Cache
NVD
CVSS 3.0
6.5
EPSS
4.3%
CVE-2015-4089 HIGH This Week

Multiple cross-site request forgery (CSRF) vulnerabilities in the optionsPageRequest function in admin.php in WP Fastest Cache plugin before 0.8.3.5 for WordPress allow remote attackers to hijack the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF PHP Wp Fastest Cache
NVD
CVSS 3.0
8.8
EPSS
0.2%
EPSS 43% 4.4 CVSS 8.0
HIGH POC PATCH THREAT Act Now

Arbitrary file deletion in the WP Fastest Cache WordPress plugin (versions up to and including 0.9.0.2) allows authenticated low-privileged users to remove arbitrary files from the underlying server due to missing capability checks and inadequate path validation. Publicly available exploit code exists, and the EPSS score of 43.15% (97th percentile) indicates a notably elevated exploitation probability relative to the broader CVE population. The flaw is tagged as CSRF (CWE-352), meaning the deletion action can also be triggered via a forged request against an authenticated victim.

WordPress CSRF Wp Fastest Cache
NVD
EPSS 74% CVSS 7.5
HIGH POC THREAT This Week

The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi Wp Fastest Cache
NVD WPScan
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized cache deletion in versions up to, and including, 1.1.2 due to a missing capability check in the deleteCacheToolbar function . Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass Wp Fastest Cache
NVD VulDB
EPSS 8% CVSS 8.8
HIGH POC This Week

The WP Fastest Cache WordPress plugin before 1.1.5 does not have CSRF check in an AJAX action, and does not validate user input before using it in the wp_remote_get() function, leading to a Blind. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF WordPress CSRF +1
NVD WPScan
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the deleteCssAndJsCacheToolbar function in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass Wp Fastest Cache
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capability check on the wpfc_clear_cache_of_allsites_callback function in versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass Wp Fastest Cache
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfc_purgecache_varnish_callback function in versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass Wp Fastest Cache
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfc_preload_single_callback function in versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Wp Fastest Cache
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
EPSS 3% CVSS 6.5
MEDIUM This Month

Directory traversal vulnerability in WP Fastest Cache versions prior to 0.9.1.7 allows a remote attacker with administrator privileges to delete arbitrary files on the server via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Wp Fastest Cache
NVD
EPSS 44% CVSS 9.1
CRITICAL PATCH Act Now

The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversal. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

PHP Path Traversal WordPress +1
NVD
EPSS 4% CVSS 6.5
MEDIUM POC This Month

The WP Fastest Cache plugin through 0.8.9.0 for WordPress allows remote attackers to delete arbitrary files because wp_postratings_clear_fastest_cache and rm_folder_recursively in wpFastestCache.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

PHP Path Traversal WordPress +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Multiple cross-site request forgery (CSRF) vulnerabilities in the optionsPageRequest function in admin.php in WP Fastest Cache plugin before 0.8.3.5 for WordPress allow remote attackers to hijack the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF PHP +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy