The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capability check on the wpfc_clear_cache_of_allsites_callback function in versions up to, and including, 1.1.2. This makes it possible for authenticated attackers with subscriber-level access to delete caches.
References
Configurations
History
07 Nov 2023, 04:05
Type | Values Removed | Values Added |
---|---|---|
CWE |
Information
Published : 2023-04-06 21:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-1930
Mitre link : CVE-2023-1930
CVE.ORG link : CVE-2023-1930
JSON object : View
Products Affected
wpfastestcache
- wp_fastest_cache
CWE
No CWE.