WP Super Cache WordPress Plugin Security Vulnerabilities | WPScan

14

November 11, 2025

1000000

Published

2022-10-03

Title

WP Super Cache < 1.9 - Unauthenticated Cache Poisoning

Fixed in

Fixed in 1.9

CVSS

4.8 (medium)

Published

2021-05-14

Title

WP Super Cache < 1.7.3 - Authenticated Remote Code Execution

Fixed in

Fixed in 1.7.3

CVSS

7.2 (high)

Published

2021-04-12

Title

WP Super Cache < 1.7.3 - Authenticated Stored Cross-Site Scripting (XSS)

Fixed in

Fixed in 1.7.3

CVSS

5.5 (medium)

Published

2021-03-16

Title

WP Super Cache < 1.7.2 - Authenticated Remote Code Execution (RCE)

Fixed in

Fixed in 1.7.2

CVSS

7.2 (high)

Published

2017-02-03

Title

WP Super Cache < 1.4.9 - Cross-Site Scripting (XSS)

Fixed in

Fixed in 1.4.9

CVSS

5.9 (medium)

Published

2015-09-25

Title

WP Super Cache < 1.4.5 - PHP Object Injection

Fixed in

Fixed in 1.4.5

CVSS

8.0 (high)

Published

2015-04-07

Title

WP Super Cache < 1.4.3 - Stored Cross-Site Scripting (XSS)

Fixed in

Fixed in 1.4.3

CVSS

7.2 (high)

Published

2014-08-01

Title

WP Super Cache 1.3 - trunk/plugins/badbehaviour.php URI XSS

Fixed in

Fixed in 1.3.1

CVSS

6.1 (medium)

Published

2014-08-01

Title

WP Super Cache 1.3 - trunk/plugins/domain-mapping.php URI XSS

Fixed in

Fixed in 1.3.1

CVSS

6.1 (medium)

Published

2014-08-01

Title

WP Super Cache 1.3 - trunk/plugins/awaitingmoderation.php URI XSS

Fixed in

Fixed in 1.3.1

CVSS

6.1 (medium)

Published

2014-08-01

Title

WP Super Cache 1.3 - trunk/wp-cache.php wp_nonce_url Function URI XSS

Fixed in

Fixed in 1.3.1

CVSS

6.1 (medium)

Published

2014-08-01

Title

WP Super Cache 1.3 - trunk/plugins/searchengine.php URI XSS

Fixed in

Fixed in 1.3.1

CVSS

6.1 (medium)

Published

2014-08-01

Title

WP Super Cache 1.3 - trunk/plugins/wptouch.php URI XSS

Fixed in

Fixed in 1.3.1

CVSS

6.1 (medium)

Published

2014-08-01

Title

WP-Super-Cache 1.3 - Remote Code Execution

Fixed in

Fixed in 1.3.2

CVSS

8.8 (high)