CVE-2023-1938

Published: May 30, 2023Modified: Jan 10, 2025

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

The WP Fastest Cache WordPress plugin before 1.1.5 does not have CSRF check in an AJAX action, and does not validate user input before using it in the wp_remote_get() function, leading to a Blind SSRF issue

Affected (1)

Products: Wpfastestcache: Wp Fastest Cache

Wpfastestcache

1 product

Wp Fastest Cache

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Wpfastestcache Wp Fastest Cache	Before 1.1.5

References (2)

https://wpscan.com/vulnerability/92b1c6d8-51db-46aa-bde6-abdfb091aab5

Source: contact@wpscan.com

Exploit

https://wpscan.com/vulnerability/92b1c6d8-51db-46aa-bde6-abdfb091aab5

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

Timeline

No history available yet.