cbcvebase.

Wpfastestcache Wp Fastest Cache vulnerabilities

29 known vulnerabilities affecting wpfastestcache/wp_fastest_cache.

Total CVEs
29
CISA KEV
0
Public exploits
2
Exploited in wild
5
Severity breakdown
CRITICAL2HIGH6MEDIUM21

Vulnerabilities

Page 2 of 2
CVE-2023-1923P4MEDIUMCVSS 4.3≤ 1.1.22023-04-06
CVE-2023-1923 [MEDIUM] CWE-352 CVE-2023-1923: The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfc_remove_cdn_integration_ajax_request_callback function. This makes it possible for unauthenticated attackers to change cdn settings via a forged request granted t
nvd
CVE-2023-1927P4MEDIUMCVSS 4.3≤ 1.1.22023-04-06
CVE-2023-1927 [MEDIUM] CWE-352 CVE-2023-1927: The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the deleteCssAndJsCacheToolbar function. This makes it possible for unauthenticated attackers to perform cache deletion via a forged request granted they can trick a site
nvd
CVE-2023-1922P4MEDIUMCVSS 4.3≤ 1.1.22023-04-06
CVE-2023-1922 [MEDIUM] CWE-352 CVE-2023-1922: The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfc_pause_cdn_integration_ajax_request_callback function. This makes it possible for unauthenticated attackers to change cdn settings via a forged request granted th
nvd
CVE-2023-1926P4MEDIUMCVSS 4.3≤ 1.1.22023-04-06
CVE-2023-1926 [MEDIUM] CWE-352 CVE-2023-1926: The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the deleteCacheToolbar function. This makes it possible for unauthenticated attackers to perform cache deletion via a forged request granted they can trick a site adminis
nvd
CVE-2023-1919P4MEDIUMCVSS 4.3≤ 1.1.22023-04-06
CVE-2023-1919 [MEDIUM] CWE-352 CVE-2023-1919: The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfc_preload_single_save_settings_callback function. This makes it possible for unauthenticated attackers to change cache-related settings via a forged request grante
nvd
CVE-2023-1918P4MEDIUMCVSS 4.3≤ 1.1.22023-04-06
CVE-2023-1918 [MEDIUM] CWE-352 CVE-2023-1918: The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfc_preload_single_callback function. This makes it possible for unauthenticated attackers to invoke a cache building action via a forged request granted they can tr
nvd
CVE-2023-1924P4MEDIUMCVSS 4.3≤ 1.1.22023-04-06
CVE-2023-1924 [MEDIUM] CWE-352 CVE-2023-1924: The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfc_toolbar_save_settings_callback function. This makes it possible for unauthenticated attackers to change cache settings via a forged request granted they can tric
nvd
CVE-2023-1925P4MEDIUMCVSS 4.3≤ 1.1.22023-04-06
CVE-2023-1925 [MEDIUM] CWE-352 CVE-2023-1925: The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfc_clear_cache_of_allsites_callback function. This makes it possible for unauthenticated attackers to clear caches via a forged request granted they can trick a sit
nvd
CVE-2023-1920P4MEDIUMCVSS 4.3≤ 1.1.22023-04-06
CVE-2023-1920 [MEDIUM] CWE-352 CVE-2023-1920: The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfc_purgecache_varnish_callback function. This makes it possible for unauthenticated attackers to purge the varnish cache via a forged request granted they can trick
nvd
Wpfastestcache Wp Fastest Cache vulnerabilities | cvebase