CVE-2023-1924 in WP Fastest Cache Plugininformazioni

Riassunto

di MITRE • 06/04/2023

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfc_toolbar_save_settings_callback function. This makes it possible for unauthenticated attackers to change cache settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsabile

Wordfence

Prenotare

06/04/2023

Divulgazione

06/04/2023

Moderazione

accettato

CPE

pronto

EPSS

0.00227

KEV

no

Attività

molto basso

Fonti

Do you want to use VulDB in your project?

Use the official API to access entries easily!