CVE-2023-1924 in WP Fastest Cache Plugininfo

Zusammenfassung

von MITRE • 06.04.2023

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfc_toolbar_save_settings_callback function. This makes it possible for unauthenticated attackers to change cache settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Zuständig

Wordfence

Reservieren

06.04.2023

Veröffentlichung

06.04.2023

Moderieren

akzeptiert

Eintrag

VDB-225203

CPE

bereit

EPSS

0.00227

KEV

nein

Aktivitäten

very low

Quellen

Might our Artificial Intelligence support you?

Check our Alexa App!