The WP Fastest Cache plugin for WordPress is vulnerable...
High severity
Unreviewed
Published
May 23, 2024
to the GitHub Advisory Database
•
Updated May 23, 2024
Description
Published by the National Vulnerability Database
May 23, 2024
Published to the GitHub Advisory Database
May 23, 2024
Last updated
May 23, 2024
The WP Fastest Cache plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.6 via the specificDeleteCache function. This makes it possible for authenticated attackers to delete arbitrary files on the server, which can include wp-config.php files of the affected site or other sites in a shared hosting environment.
References